This Privacy Notice (the “Notice”) sets out how we Fit Cloud Technology Limited (trading under the Membr brand) (“Fit Cloud”, “us” or “we”) process personal information about you (the “User” or “you”) when you sign up to our fitness platform through membership of your gym. We are a data controller of the personal information we process and are therefore responsible for ensuring our systems, processes, suppliers and staff comply with data protection laws in relation to the information we handle.
You can find out more about Fit Cloud’s responsibilities and about how and why we collect and use your personal information by reading this Notice. However, if anything is unclear or if you have any questions about this Notice, please contact us at [email protected]
Personal data, or personal information, means any information about a person from which they can be identified. We may collect, store, and use some or all of the following categories of personal information about you:
Subject to your explicit consent, we may also collect, store and use your health data. This is considered a special category of more sensitive data. Where we process health data, it will be treated confidentially and will never be used for direct marketing purposes.
When you log on to our fitness platform through our website or an app, we automatically collect information about your use of the platform including details of your visits such as pages viewed and the resources that you access. This information will include traffic data, location data, IP address, browser, operating system, referral source, length of visit and other communication data.
We collect Identity Information provided voluntarily by you. For example, when you register with or use our fitness platform (by entering training plan details, goals or making a booking).
We also collect Identity Information when you fill out a web form or questionnaire or contact us (by email or telephone) to ask a question or request information.
We also collect Identity Information through your gym when they add information about you into our fitness platform. For example, a personal trainer may add information when they use the Connected Trainer feature to communicate with you.
As mentioned above, we collect System Information when you interact with our fitness platform, through the website or an app.
Providing our services
As part of the provision of our services, we use the personal information that we collect from you to:
Monitoring, administering and improving
We use your personal information to help us to monitor our performance, administer and improve our fitness platform by:
Where you have indicated you are happy to receive direct marketing, we use your information to provide details of our products or services that may be of interest to you.
This is likely to happen where you have given us your consent in advance. It may also happen where the message only contains information that we think will be of interest to you because it relates to services that you have already purchased from us and you have not opted out despite having the opportunity to do so (at the point we collected your information and in every follow-up message we send).
If you wish us to stop using your information for these purposes at any time, please use the appropriate opt-out link in our messages to you or contact us at [email protected]
Data protection law says we only have the right to use your personal information where we can identify a lawful basis for doing so. Your consent to the processing as specified in this Notice is our primary lawful basis. In some circumstance we may also rely on another lawful basis. Most commonly, these will be:
We will share your personal information with your gym. They have on-going access to your information through a dedicated channel on our fitness platform.
There are other circumstances when we want to or are compelled to share your personal information, including:
We may transfer the personal information we collect about you outside the EU in order to perform our contract with you. Where this occurs we will ensure that your personal information receives an adequate level of protection and we will put in place appropriate measures to ensure that your personal information is treated in a way that is consistent with EU and UK laws on data protection. If you require further information about these protective measures, you can request it by contacting us at [email protected]
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also have procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorised use or disclosure of your information, the purposes for which we process it and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
As mentioned in Section 1, both Fit Cloud and your gym will act as data controller in relation to personal information processed through the fitness platform.
This means that we both have responsibilities in relation to that personal information. You can find out more and you can exercise the rights set out above by contacting either Fit Cloud or your gym. In order to ensure that any such enquiry is dealt with promptly and efficiently, we recommend in the first instance contacting your gym.
If you have any questions about this Notice or how we handle your personal information, please contact us at [email protected] You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
We reserve the right to update this Notice at any time, and we will provide you with a new Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.