Privacy Policy

This policy was last updated on June 4, 2026. Daypasser is operated by Radish Retail LLC.

We collect account information, booking details, gym claim details, support requests, payment-session metadata, device information, approximate IP location signals, optional browser location when you grant permission, and information you submit through forms.

We collect first-party analytics events such as page views, page intent, searches, suggestions selected, map interactions, listing views, button and link clicks, external gym-site clicks, phone clicks, support and owner-claim clicks, booking intents, checkout starts, booking confirmations, waiver intents, and beta feedback interactions.

Analytics events can include a randomly generated visitor cookie id, session cookie id, page URL, landing page, referrer, campaign parameters, advertising click ids present in the URL, page title, target link or button label, gym id, pass id, booking id, browser language, timezone, viewport size, user agent, IP address, approximate IP city/region/country, and related event metadata.

For signed-in users, we may maintain internal loyalty and reward data derived from completed bookings, including points, status tiers, benefit eligibility, free-pass credits, and campaign segment metadata.

Signed-in users must provide a legal first name, legal last name, and phone number before using account features.

Daypasser is a Radish Retail LLC company. Radish Retail LLC also operates other applications, Daypasser is run independently as a separate product. This policy describes data use for the Daypasser service.

We use information to create accounts, send email sign-in links, process bookings, issue check-in tokens, support gym operators, prevent abuse, and improve marketplace quality.

We use analytics data to understand product usage, measure search and booking funnels, debug slow or broken flows, estimate demand for gyms and cities, detect abuse, improve ranking and recommendations, and prioritize product work.

We use loyalty and reward data to operate benefits, test reserved-spot or free-pass campaigns, route rebooking offers, and help gym partners understand conversion and repeat-visit funnels.

We do not sell personal information or use Daypasser analytics events for cross-context behavioral advertising. We share data with service providers such as Supabase, Stripe, hosting/CDN providers, Google Analytics, Google Maps, and gym partners only as needed to operate, secure, and improve Daypasser.

Daypasser uses first-party cookies to remember a randomly generated visitor id, a short-lived session id, beta-popup dismissal, sign-in state, and analytics preferences. The visitor cookie helps us recognize repeat visits; the session cookie helps group activity during a single browsing session.

We also use Google Analytics to measure aggregate site usage. Google Analytics may set its own cookies or use similar technologies according to Google's policies. We configure Google Analytics with IP anonymization where supported.

You can block or delete cookies in your browser. Some features, such as sign-in state, beta dismissal, and analytics preferences, may not persist if cookies are disabled.

Approximate IP location may be used to show nearby city results, analyze city-level demand, and protect the service from abuse. Precise browser location is requested only after you choose to share it, and it is used to sort or search nearby gyms.

When browser location is granted, analytics may record rounded latitude and longitude for the search action so we can understand how location search performs.

You can decline browser location, turn off first-party Daypasser analytics in this browser, request deletion of account data, or contact support for booking and privacy questions.

We honor browser Global Privacy Control and Do Not Track signals for first-party Daypasser analytics where we can detect them. Those signals may not control third-party services outside our direct control.

First-party analytics events are normally pruned after about 400 days. Booking, support, security, and audit records may be kept longer where reasonably needed to operate Daypasser, resolve disputes, comply with legal obligations, prevent abuse, and improve the service.

We use access controls, row-level security, service-role-only database policies, and provider security controls to limit access to sensitive operational data.

Depending on where you live, you may have rights to know, access, correct, delete, or opt out of certain uses of personal information. Contact Daypasser support to make a privacy request.

We may need to verify your identity before fulfilling a request, and some information may be retained where required for security, fraud prevention, accounting, legal, or booking-dispute purposes.