Privacy Policy

At mysite-name, we are committed to protecting your personal information while you use our fitness club facilities and services across England. This policy explains how we collect, use, and safeguard your data in compliance with UK GDPR and the Data Protection Act 2018.

1. Information We Collect

We collect information necessary to provide our fitness services, including your name, contact details, emergency contact information, health declarations, payment details, and attendance records. This helps us deliver safe and effective fitness experiences and manage club operations effectively.

We collect technical data through our access systems and website analytics to improve user experience. This information is anonymised where possible and not linked to your personal identity without explicit consent.

2. How We Use Your Information

Your data enables us to deliver quality fitness services and includes:

Processing membership applications and managing club access
Monitoring facility usage and class attendance patterns
Managing health and safety requirements and emergency procedures
Processing payments and managing membership billing
Communicating club updates and service changes
Providing fitness guidance and programme support

We handle your information responsibly, using it solely for your fitness service requirements and essential club operations.

3. Health and Medical Information

Your health declarations, medical conditions, and fitness level assessments are stored securely and treated as highly confidential. We maintain these records to ensure safe training environments and appropriate exercise guidance.

Health information is accessed only by qualified fitness staff and is stored on secure systems with restricted access. We maintain this information for 2 years after membership termination.

4. Access and Attendance Records

We maintain records of club access, class attendance, and facility usage to manage capacity, equipment maintenance, and service planning. This information helps us optimise facility operations and member experience.

Usage data is stored separately from personal contact details and is accessible only to operational management for facility planning purposes.

5. Data Security Measures

We implement industry-standard security protocols to protect your personal and health information. All member data is stored on encrypted systems with access limited to authorised staff members. Physical documents are securely stored and shredded when no longer needed.

Our fitness team follows strict confidentiality agreements regarding member information and health details.

6. Photography and CCTV

We operate CCTV in public areas for security purposes, with signage clearly displayed. Images are stored securely and retained for 30 days. Separate consent is obtained for any promotional photography used in marketing materials.

Security monitoring is conducted in compliance with ICO guidelines, with access limited to authorised security personnel.

7. Legal Basis for Processing

By joining our fitness club, you consent to us processing your information as outlined in this policy. This includes processing necessary for service delivery, health and safety compliance, facility management, and business administration.

8. Third-Party Data Sharing

We may share your information with trusted third parties only when necessary to deliver our services, such as payment processors for transaction handling, and security providers for facility protection.

All third-party providers are bound by strict data protection agreements compliant with UK GDPR requirements. We never sell your personal information or health data to other companies.

9. Your Data Protection Rights

Under UK GDPR, you have the right to:

Access personal information we hold about you
Request correction of inaccurate personal data
Request deletion of your personal data
Object to processing of your personal data
Request transfer of your data to another provider

To exercise these rights, contact us at: [email protected]. We respond to all valid requests within 30 days.

10. Data Retention Period

We retain your personal and membership data for as long as necessary to fulfil our services and legal obligations. Membership records are typically maintained for 3 years after termination to facilitate rejoin requests, unless you request earlier deletion.

Financial records are retained for 7 years for accounting and tax compliance purposes. Health and safety records are maintained for 2 years as required by insurance providers.

11. Policy Updates

We may update this privacy policy periodically to reflect changes in our services or legal requirements. The current version will always be available on our website, and we will notify you of significant changes that affect how we process your data.

Last updated: October 2025