NR12 Fitness is committed to protecting the privacy and security of our members' and employees' personal data. This Data Privacy and Security Policy outlines the types of data we collect, the purposes of its collection, and the security measures in place to protect this data. Our practices comply with applicable data protection laws, including [e.g., GDPR, CCPA, or other relevant legislation].
1. Scope
This policy applies to all personal data collected, stored, and processed by NR12 Fitness in connection with membership accounts, services, and interactions with our facility, website, and other platforms. It applies to all employees, contractors, and third-party partners who handle data on behalf of the gym.
2. Data Collection
2.1 Types of Data Collected
- Personal Information: Name, address, phone number, email, date of birth, and emergency contact information.
- Membership and Billing Information: Membership type, payment details, billing address, transaction history.
- Health and Fitness Information: Information provided voluntarily by members, such as fitness goals, medical conditions (as applicable to fitness programmes), and class attendance.
- Digital Information: Data collected from our website or app, including IP addresses, browser type, and cookies.
2.2 Purpose of Data Collection
- Membership Management: To register members, manage memberships, process payments, and provide requested services.
- Service Improvement: To improve our services, personalise member experiences, and enhance overall customer satisfaction.
- Health and Safety Compliance: To ensure a safe fitness environment by understanding member needs, preferences, and relevant health concerns.
- Marketing and Communication: To send members updates, promotions, and information about our services (with the option to opt out).
- Analytics and Security: To analyse usage patterns and enhance the security of our website and facilities.
3. Data Usage and Disclosure
3.1 Usage of Data
- Personal data will only be used for the purposes outlined in this policy.
- Sensitive data, such as health information, will only be used with the member's explicit consent and strictly for the purposes of personalising fitness plans or programmes.
3.2 Disclosure to Third Parties
- Data may be shared with third-party service providers (e.g., payment processors, software providers) only as necessary to provide services and maintain our facility.
- Third parties are required to comply with data protection regulations and maintain confidentiality.
- Data will not be sold or shared with external parties for marketing purposes without explicit consent.
3.3 Legal Obligations
We may disclose personal data if required by law, in response to legal processes, or to protect the rights, safety, and security of NR12 Fitness and its members.
4. Data Security
4.1 Security Measures
- Personal data is protected by administrative, technical, and physical security measures, including encryption, secure servers, and restricted access to authorized personnel only.
- Access to personal data is limited to employees who require it to perform their job functions.
4.2 Digital Security
- Data transmitted online is encrypted using SSL (Secure Socket Layer) technology.
- Firewalls, anti-virus software, and regular security updates are employed to safeguard against unauthorised access, data breaches, and other cyber threats.
4.3 Data Breach Response
- In the event of a data breach, NR12 Fitness will promptly assess the risk, contain the breach, and notify affected individuals and relevant authorities as required by law.
- Affected individuals will be informed of the nature of the breach, the data involved, and recommended actions to protect against further risk.
5. Data Retention
5.1 Retention Period
- Personal data will only be retained for as long as necessary to fulfil the purposes for which it was collected, or as required by law.
- Membership data will be retained for the duration of the membership and for a reasonable period afterwards to address potential inquiries or legal obligations.
5.2 Data Deletion
- Upon termination of membership or upon request, personal data will be deleted or anonymised, unless retention is required by law or necessary for legitimate business purposes.
- Requests for data deletion can be submitted in writing to NR12 Fitness
6. Member Rights
6.1 Access and Correction
- Members have the right to access their personal data and request corrections if information is inaccurate or incomplete.
- Access and correction requests can be directed to NR12 Fitness.
6.2 Data Portability
Members may request a copy of their data in a machine-readable format for transfer to another service provider.
6.3 Opt-Out and Consent Withdrawal
- Members may withdraw consent for data processing or opt out of marketing communications at any time by updating preferences in their member account or by contacting NR12 Fitness.
6.4 Complaint Process
Members who have concerns regarding their data privacy rights may submit a complaint to our Manager at NR12 Fitness or directly to a relevant regulatory authority.
7. Cookies and Online Tracking
Our website uses cookies to enhance the user experience, collect analytics data, and improve our services. Members can manage their cookie preferences in their browser settings.
8. Policy Updates
NR12 Fitness reserves the right to update this Data Privacy and Security Policy to reflect changes in legal requirements or our business operations. Members will be notified of significant changes through email or website announcements.
9. Contact Information
For questions or concerns about this policy or personal data handling practices, please contact us at: NR12 Fitness
Acknowledgment
By becoming a member of NR12 Fitness, you acknowledge that you have read, understood, and agree to the terms of this Data Privacy and Security Policy.