Privacy Notice 2019 – Version 2, October 2019
The European Union General Data Protection Regulation (GDPR) will take effect in the UK on the 25th of May 2018, placing increased data security and privacy responsibilities on all organisations handling data.
At Revive Fitness and Spa, we are committed to protecting your privacy.
We collect and process personal data about you to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests.
Our Privacy Notice explains how we collect, use, share and protect your personal information. When we update this policy we will post any changes on our website.
If you have any queries about this Notice please contact us at Revive Fitness and Spa, 191-195 Darkes Lane, Potters Bar, Hertfordshire, EN6 1AA.
IDENTITY OF DATA CONTROLLER
The Data Controller in respect of this Privacy Notice is Revive Fitness and Spa Limited.
WHEN DO WE COLLECT INFORMATION?
We collect your personal information when you:
- Complete a Membership Agreement
- Book or attend an exercise class or lesson
- Ask us for more information about a product or service, or contact us with a question or complaint
- Take part in a competition, prize draw or survey
- Contact our team through telephone or email
- Send an email to an @revivefitnessandspa.co.uk email account
- Enter your PIN number or swipe your fob into our gym
- You have an accident our gym or there was an incident where you were a witness or personally affected
- When you book classes, courses and inductions
- CCTV – when you are using our gym
- When using our gym CCTV is being recorded 24 hours a day and actively monitored for your personal safety. CCTV is permanently erased after 31 days.
- We may also collect, match or acquire information about you from other organisations such as Google, Facebook, Instagram or Twitter.
WHAT INFORMATION DO WE COLLECT?
The information we collect is required for the purpose of creating your Member Account and for you to enrol in our gym.
Such information allows you to be identified as a member of Revive Fitness and Spa and includes:
- Name, date of birth, gender, e-mail address, postal address, telephone number, health declaration and whether you require disabled access
- Credit or debit card information, information about your bank account number and sort code or other banking information. Note that we do not store your bank or credit card details on our web servers
- Your usage records and duration of visits
- Your preferences for particular products or services or interests when you tell us what they are – or when we assume what they are, depending on how you use our products and services
- Your contact with us, such as a note or recording of a call you make to our contact centre, an email or other records of any contact you have with us
- Your membership information – such as dates of payment owed and received, the services you use and any other information related to your account
HOW DO WE USE THIS INFORMATION?
We will use your personal information to provide you with the services, products or information that you have requested, for administration purposes, to improve your website experience, and marketing. We may need to share your information with our service providers, associated organisations and agents for these purposes. We may use your information to:
- Process your membership application through Clubright, our chosen membership software.
- Bill you for using our services as part of your membership
- Keep you informed about our services including operational matters relating to your Membership.
- Provide relevant services to you
- Contact you with offers or promotions based on our analysis of how you use our services and what we think will be of interest to you (unless you choose not to receive our marketing messages)
- Respond to any questions or concerns you might have about our services
- Understand how you use our services, to help us develop relevant and updated services
- Carry out research and statistical analysis to monitor how customers use our services
- Prevent and detect fraud or other crimes
Where we process your personal data based on your consent you have the right to withdraw consent at any time, for example your consent to receive direct marketing. If you no longer want to receive marketing messages from us, please email us at firstname.lastname@example.org. You can choose to opt out of all marketing or select your marketing preferences. Alternatively, if you are no longer a member, and wish to remove your consent to receive marketing content please contact by email.
We’ll store your information for as long as you are a Member of Revive Fitness and Spa, or following cancellation and to meet legal requirements including financial audit, anti-fraud and money laundering regulations we will store your information for no more than 6 years from the last activity on the account. An ‘activity’ can be classified as access into a gym, a payment made on the membership account or a comment added to the membership following contact with Revive Fitness and Spa if you haven’t opted out of receiving marketing communications from us.
KEEPING YOUR PERSONAL INFORMATION SECURE
We have a dedicated team leader whose function is to secure our clients’ information and also take appropriate measures to ensure that the information we collect and maintain is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.
We ensure the organisations that provide us with services related to your membership have appropriate security measures and only process your information in the way we have authorised them to. These organisations will not be entitled to use your personal information for their own purposes.
Communications over the internet (such as emails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered – as this is the nature of the internet. We can’t accept responsibility for any unauthorised access or loss of personal information that’s beyond our control.
WILL WE DISCLOSE THE INFORMATION WE COLLECT TO OUTSIDE PARTIES?
We may share information about you with:
- Service providers, agents and associated organisations to allow us to service your membership and communicate with you; for example, financial institutions to process payments, and freelance personal trainers when you sign up to classes
- Law enforcement agencies, regulatory organisations, courts or other public authorities where we have a legal obligation to do so.
- We’ll release information if it’s reasonable for the purpose of protecting us against fraud, defending our rights or property, or to protect the interests of our customers.
- If we’re reorganised or sold to another organisation, we may transfer any personal information we hold about you to that organisation. We will inform you if we do.
We value your privacy and do not sell your information to any third parties under any circumstances.
USE OF PERSONAL DATA FOR AUTOMATIC DECISION MAKING
We do not intend to use your personal data for automatic decision making.
DO NOT TRACK (DNT)
The Revive Fitness and Spa website does not respond to DNT signal
COLLECTION OF CHILDREN’S DATA
Revive Fitness and Spa does not collect or process children’s data.
YOUR PRIVACY RIGHTS
You have the following rights in relation to your data privacy: the right of access; the right of rectification; the right of erasure (the “right to be forgotten”); the right to restriction of processing; the right to be notified; the right to data portability; the right of objection; and the right to not be subject to automated profiling.
Access. You have the right to ask for a copy of the information we hold about you and to have any inaccuracies in your information corrected. Please contact us through email to email@example.com, the contact us section of the website or writing to the address below. There is not normally a fee for this service.
Rectification. If you believe we’re holding inaccurate information about you, or your personal details change, and or bank account detail changes please email us at firstname.lastname@example.org
Erasure. You have the right to the erasure of the data we hold on you, when it is no longer needed for the purposes of your Membership, or when you withdraw your consent for our processing (and we have no other lawful basis to hold your data).
Restriction. You have the right to ask us to place restrictions on processing your data in certain circumstances.
Notification. You have the right to be notified of any rectification, erasure or restrictions in relation to your personal data.
Portability. You have a right to receive the data we hold on you electronically in a format that allows it to be easily transferred to another data controller.
Object. You have the right to object to data processing of your personal data for direct marketing or profiling purposes.
Profiling. You have the right not to be subject to any decision based on automatic processing of your personal data.
The address to be used to obtain a copy of your personal information is: Revive Fitness and Spa, 191-195 Darkes Lane, Potters Bar, Hertfordshire, EN6 1AA. You can also contact us by emailing email@example.com
CHANGES TO THIS PRIVACY NOTICE
We will update this privacy notice to reflect the way in which we process and protect your data. If we do so, we will post notice of the change on our website and have a copy of the memo in the reception area.