Important Details for RFPs
Company and Solution Details
Services Delivered: Membership management, access control, billing automation, bookings and scheduling, point of sale & inventory management, online sign-up, business reporting & KPIs. SMS*, email & push notification communications and marketing.
Third Party Services: Billing is carried out through integration with one of GymMaster’s dedicated billing providers.
Hosting Services and Locations
GymMaster has support staff and servers situated around the globe to ensure the best possible experience with the system from any location. Back-ups of all data are made periodically.
Support Locations: New Zealand, Australia, Mexico, Singapore, Colombia & Italy.

Server Locations: United States, Japan, Germany, Singapore & Australia.
Data Management
Data is made available to the customer upon request in PDF or CSV format.
Data can be deleted upon customer request – including backups and archives.
Existing data can be uploaded into the system through direct upload by the customer, or direct transfer from GymMaster transfers department.
Back-ups
All data on servers are securely backed up on the hosting servers, as well as on in-house servers at the GymMaster head office in Christchurch, New Zealand. Information is backed up for 6 weeks.
Workers
GymMaster has a team of dedicated developers who work around the clock to improve the system, respond to support queries and resolve issues. New employees are onboarded with an orientation programme lead by senior staff.
A small portion of work is carried out by other workers, such as contractors and work experience. These workers have clearly defined roles and responsibilities.
User access controls
To access GymMaster, users are provided with usernames and passwords, which are stored securely within the system.
Role-based access levels and restrictions can be set by the user administrator.
If a password is forgotten, they can not be recovered–instead the system administrator will send them an email to set a new one.
Test accounts can be provided for assessment purposes upon request.
Security Measures
All data is encrypted in transit, and at rest when contained within the solution.
Electronic two-factor authentication is available to ensure only authorised staff can access the system – Facilitated via email or Google Authenticator.
Vulnerability and penetration tests are conducted regularly to ensure the system is secure and vulnerabilities are remediated.
Customers will be immediately notified of any security breaches and/or data corruption or loss.
Quality Controls
The solution is available 24/7 with a 99% uptime.
Recovery time objective: 1-4 hours.
Recovery point objective: 4-8 hours
Risk and Hazard Management
GymMaster has a risk/hazard register to advise people of potential risks and hazards and with appropriate processes and controls in place to eliminate these.