Purpose of policy
Fitness Republic Ashby ltd is committed to protecting your personal information and being transparent about what information we hold about you. The purpose of this policy is to give you a clear explanation about the personal information that Fitness Republic gathers and how it is used.
Using personal information allows us to develop a better understanding of our contacts and in turn to provide you with relevant and timely information about the work that we do.
We use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
- What information we may collect about you
- How we may use that information
- In what situations we may disclose your details to third parties
- Information about how we keep your personal information secure, how we maintain it and your rights to be able to access it
Who we are
Fitness Republic is a registered company in England and Wales under registration number 07223372
We collect various types of information and in a number of ways:
Information you give us
When you join our mailing lists,engage with us via our website, app, social media or email, participate in our facilities, activities or other engagement, we’ll store personal information you give us such as your name, email address, postal address andtelephone number.
Sensitive personal data
Data Protection law recognises that certain categories of personal information are more sensitive such as health and medical information, age, sexuality, gender, ethnicity and financial information. Due to the nature of our business and for your safety, we do have to collect this type of information about all our contacts.
Information about your interactions with us
We will also collect records of your purchases or other interactions with us, for example emails you have opened, links you have clicked on, events and activities attended or taken part in and feedback you have given.
There are four legal bases under which we may process your data:
- Contract purposes
When you make a purchase or goods or services from usor supply goods or a service to us, you are entering into a contract with us. In order to perform this contract, we need to process and store your data. For example, we may need to contact you by email or telephone in the case of cancellation of a class or activity, or in the case of problems with your payment.
- Legal obligations
In certain situations, we collect and process personal information in order that Fitness Republic complies with the law. For example, accident/incident reports.
- Legitimate business interests
In certain situations, we collect and process personal information for purposes that are in the legitimate interests of both Fitness Republic and the individual.
The Information Commissioner’s Officer (ICO) advises that:
“Legitimate interest is likely to be most appropriate where you use people’s data in ways they would reasonably expect, and which have a minimal privacy impact, or where there is a compelling justification for the processing”.
In line with ICO guidelines, Fitness Republic has conducted a legitimate interest assessment and has identified legitimate interests, demonstrated that data processing is necessary to achieve it and has balanced this against the individual’s interests, rights and freedoms.
- With your explicit consent
For any situations where the three bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.
We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as events you have booked, activities in which you have participated or your professional involvement in Fitness,as well as any preferences about what you would like to receive that you may have told us about.
Our marketing communications primarily are done by social media and text, however, from time to time we may also use telephone and email We may use a combination of legitimate interest and explicit consent to target relevant contacts. We will give you an opportunity to update your preferences or to unsubscribe from email communication in every email that we send you, or you can alternatively use the contact details at the end of this policy to tell us if you don’t wish to receive emails from us.We very rarely use post for marketing communications and only using the basis of legitimate interest or contract purposes, so we do not hold contact preferences for this method.
Other processing activities
In addition to marketing communications, we also process personal information in the following ways that are within our legitimate organisational interests:
- We may analyse data we hold about you to ensure that the content and timing of communications that we send you are as relevant to you as possible.
- We may analyse data we hold about you in order to identify and prevent fraud.
- In order to improve our website, we may analyse information about how you use it and the content and ads that you interact with.
In all of the above cases we will always keep your rights and interests at the forefront to ensure they are not overridden by your own interests or fundamental rights and freedoms. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy. Please bear in mind that if you object this may affect our ability to carry out tasks above that are for your benefit.
Fitness Republic has contracts with third party organisations that process data on our behalf and on our instructions, for example providers of online booking system, fitness tracking software, direct debit processors, online forms, health and safety services. Where we need to share your personal information to these third parties, we have contracts in place that ensure they comply strictly with our instructions and with data protection laws, for example around security of personal data and that they do not share your data with anyone else. A list of these third party organisations is available from us. .
We will not pass on your personal details to any other third party where such a contract is not in place.The only exception would be if you have given us unambiguous and direct consent to pass on your details to another named individual or organisation through an opt-in consent on paper, email or online form, for example if you wanted to join the mailing list of a freelance instructor that provides a service here at Fitness Republic.
Links to other sites
Storing and maintaining your personal information
We will put in place appropriate safeguards (both in terms of our procedures and the technology we use) to keep your personal information as secure as possible. We will ensure that any third parties we use for processing your personal information do the same. We will take appropriate measures to ensure that the information we hold is kept secure, accurate and up to date and is kept only for so long as is necessary for the purposes for which it is used.
If you use your credit or debit card to purchase from us we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). The card details are processed by third party contractors in a way where none of our staff members are able to see your full card number or your security code. If you give card details to us over the phone or in writing, these will be stored securely in the Fitness Republic office and used to process payments as soon as possible, destroying them after use. Card details should never be sent over email or social media.
We will not transfer, process or store your data anywhere that is outside of the European Economic Area unless a contract compliant with EEA law is in place.
Your rights to your personal information
You have a right to request a copy of the personal information that we hold about you and to have any inaccuracies in this data corrected. If there are aspects of your record that are inaccurate or that you would like to remove, please use the contact details at the end of this policy if you would like to exercise this right.
Any objections you make to any storing or processing of your data will be noted against your record on our system so that we can comply with your requests.
Fitness Republic Ashby ltd, 59a Market Street, Ashby de la Zouch, Leicestershire, LE65 1AH
Data Controller, Sarah Pellecchia. Email: email@example.com
You may view Fitness Republic Ashby Ltd’s Data Protection Registration by visiting the Data Information Commissioner’s Website.