Name:
The Health Club - Woodborough
Address: Roe Lane, Woodborough, NG14 6DA
Phone Number:
E-mail: thehealthclubwoodborough@gmail.com
This Privacy and Cookie Notice explains how The
Health Club – Woodborough collects, holds, transfers, processes and discloses
your Personal Data. This Privacy Notice also explains your rights under
the laws relating to Personal Data.
Definitions and Interpretation
The following terms shall have the following
meanings:
“Cookie” - means a small text file placed on your
computer or device by our site when you visit certain parts of the site and/or
when you use certain features of the site. Details of the Cookies used by our
site are set out below.
“Cookie Law” - means the relevant parts of the
Privacy and Electronic Communications (EC Directive) Regulation 2003
“DPA 2018” - Data Protection Act 2018
“GDPR” - General Data Protection Regulation
“Identifiable Natural Person” - GDPR defines as
“one who can be identified, directly or indirectly, by reference to an
identifier such as a name, or to one or more factors specific to that natural
person.”
“IP Address” - a number that is automatically
assigned to the computer that you are using by your Internet Service Provider.
“Personal Data” - GDPR defines as “any information
relating to an identified or identifiable natural person’’
“Privacy Notice” – an externally facing
notification informing customers, regulators, and other stakeholders what the
organisation does with personal data.
“Privacy Policy” – is an organisations internally
focused document informing employees what the company may do with personal
information.
“Privacy Summary” – is a condensed version of the
organisations full Privacy Notice created primarily for customers.
Who is the Registered Data Controller?
The Health Club – Woodborough, Roe Lane,
Woodborough, NG14 6BX, hereafter referred to as the “Company”
The Data Controller’s Representative
The Company’s Data Protection Officer acts as the
Data Controller’s Representative.
The Business of the Company
A boutique health club providing and open gym,
classes and personal training.
Sources of Personal Data Collection and Relevance
of Privacy Notice
This Privacy Notice relates to Personal Data
collected from you via:
·
Company-related websites;
·
Social media;
·
Mobile devices;
·
Wi–fi access points.
The content of this Privacy Notice applies to you
when you interact with the Company in centre, online, via social media,
telephone, text, websites and any other form of correspondence.
Consent
The Company asks for your consent as a way of
ensuring that your Personal Data is collected and processed on your behalf
lawfully and you are marketed to appropriately. You have the right to withdraw
consent at any time.
Legitimate Business Interest
The Company may also use Personal Data where it
falls within the definition of Legitimate Business Interest under the GDPR.
Your right to withdraw consent will override the right of Legitimate Business
Interest.
Personal Data Collected & Held
Information about the services that you use and how
you use them is collected. The Company may also collect device-specific data
(such as your location and mobile telephone number) and log-in frequency
information. Categories of Personal Data that are collected include:
·
Personal details - e.g. name,
address, email, telephone number;
·
Financial details, where applicable;
·
Goods and services;
·
Enquiries, compliments and
complaints.
Your web browser may provide the Company with
information about the device you are using such as an IP address and details
about the browser you use.
An “IP Address” may be identified and logged
automatically in the Company’s server log files whenever you access the
services, along with the time of the visit and the page(s) that were visited.
Personal Data Storage
The Personal Data you give is stored with your
account.
This data is located on servers within the European
Union and contractual safeguards are in place. No third parties have access to
your Personal Data unless there is a lawful basis to do so.
Company Use of Personal Data
The Company is committed to protecting your
Personal Data. When you share your Personal Data with the Company there is a
legal obligation for it to only use it in line with data regulations.
All your Personal Data is processed by our staff in
the UK.
The Company processes your Personal Data:
·
To provide a better service to you
including customised search results, spam and malware detection.
·
For service administration purposes,
carrying out its obligations arising from any contracts entered into by you and
it and provide you with the information, products and services that you request
from it;
·
To provide you with information about
other goods and services it offers that are similar to those that you have
already purposed or enquired about;
·
To notify you about changes to its
services;
·
To ensure that content of its site is
presented in the most effective manner for you;
·
To administer its site and for
internal operations, including troubleshooting, data analysis, testing,
research, statistical and survey purposes;
·
To measure and understand the
effectiveness of advertising it serves to you and others.
The Company uses IP Addresses for purposes such as
calculating usage levels of the services, helping diagnose server problems and
administrating its services.
The Company will ask for your consent before using
your Personal Data for a purpose other than that it was provided for or
authorised to use.
Anonymous and Aggregated Data
The Company:
·
may aggregate personal data so it
does not personally identify you (“pseudonymised data”); For example, it may
aggregate Personal Data to analyse the percentage of customers which have a
particular post code.
·
may remove Personal Data to create
anonymous data;
·
uses anonymous and aggregated
information for historical, statistical, or business planning purposes.
Use of Personal Data to Contact You
Transactional: The Company will communicate with
you in order to complete any transactional commitments.
Marketing Purposes: The Company will only contact
you for marketing purposes where you have given consent to do so. The Company
may personalise the message content based upon information you have previously
provided and your use of any linked websites.
Social Media: Social Media communications such as:
Facebook, Google, Instagram, Snapchat, Twitter etc. will be responded to based
upon the data you have previously provided.
Circumstances when the Company may Release Your
Personal Data to Others
The Company does not share your Personal Data with
organisations outside contractual requirements unless one of the following
applies:
·
It is necessary to comply with data
protection laws;• Your consent has been obtained and can be evidenced;
·
A legal requirement exists e.g. to
meet a legal obligation or enforceable government request, detect and prevent
or address fraud;
·
The Company is responding to matters
of personal or public safety.
The types of organisation with which the Company
may share some of your Personal Data it processes are:
·
Any member of the Group, which means
its subsidiaries as defined in section 1159 of the UK Companies Act 2006;
·
Analytics and search engine providers
that assist the Company with the improvement and optimisation of the website;
·
Credit reference agencies for the
purpose of assessing your credit score where this is a requirement for the
Company prior to entering into a contract;
·
Debit collection and tracing
agencies;
·
Central government;
·
Police forces and security
organisations.
Duration for which the Company will keep your
Personal Data
The Company holds your Personal Data on its systems
for as long as is necessary relevant to the transactional, tax and legal
obligations and marketing interests consented by you. Specific details of the
Company’s Data Retention Policy can be obtained from the Company Data
Protection Officer.
Data Security
The Company protects your Personal Data from
unauthorised access, disclosure or amendments by using:
·
Encryption;
·
Two factor authentication;
·
Secure storage locations;
·
Regular audit and review of data
storage and processing practices including physical safety procedures to
guard against unlawful access;
Access to your Personal Data is restricted to
employees on a need to know basis, suppliers and authorised representatives who
are subject to contractual responsibilities.
Unfortunately, the transmission of data via the
internet is not completely secure. Although the Company does its best to
protect your Personal Data, it cannot guarantee the security whilst it is
transmitted to its site; any transmission is at your own risk. Once in
receipt of your Personal Data, the Company will use procedures and security
measures to prevent unauthorised access.
Links to other Websites
Company-related websites contain hyperlinks to
websites operated by third parties who have their own privacy notices and
related cookies. The Company does not accept liability for the privacy
practices of these third parties.
Social Media
The Company’s websites contain links and sharing
buttons to third party social media websites e.g. Facebook and Twitter. These
third parties may in turn serve you cookies. The Company is not responsible for
the placement of these cookies. Please check the data Privacy Notices for the
respective third party social media website for more information.
When you make contact with the Company via social
media channels certain Personal Data may be shared with the Company about your
online activities such as gender, interests and marital status depending on
your profile settings. The Company is not responsible for the Personal Data you
share on your social media profiles and you are encouraged to familiarise
yourself with the privacy settings of these sites.
Cookies
Use of Cookies on the Company’s Websites
Internet Log File Information
When you visit our websites we collect standard
internet log information. We do this to find out things such as the number of
visitors to various parts of our site. Information we gather in our standard
internet log information does not identify anyone and is only used to
statistical purposes including the establishment of visitor numbers, most
popular pages and features, and most popular browser types.
Cookie Law
Where a cookie can identify an individual via their
device, even if identification can only be made via combining the data in
question with other data, it will fall within the definition of data laws.
Use of Cookies
Cookies are small text files that are placed on
your computer by websites when you visit. They are widely used in order to make
websites work, or work more efficiently, as well as provide information to the
owners of the site. Several of the cookies we use are essential for parts of
the site to operate, in particular our booking systems. You may delete and
block all cookies from our sites, but parts of the site will not function
correctly.
The cookies used on this website have been
categorised using best practice. A list of all the cookies used on this website
by category is set out in the table below.
Cookie Categories
Strictly Necessary
These cookies are essential in order to enable you
to move around the website and use its features, such as accessing secure areas
of the website. Without these cookies services you have asked for, like
shopping baskets or e-billing, cannot be provided.
Strictly necessary cookies are always enabled.
Functional
These cookies allow the website to remember choices
you make (such as your user name, language or the region you are in) and
provide enhanced, more personal features. For instance, a website may be able
to provide you with local weather reports or traffic news by storing in a
cookie the region in which you are currently located. These cookies can also be
used to remember changes you have made to text size, fonts and other parts of
web pages that you can customise. They may also be used to provide services you
have asked for such as watching a video or commenting on a blog. The
information these cookies collect may be anonymised and they cannot track your
browsing activity on other websites.
Persistent
Persistent cookies are those which remain active on
the user’s computer or device for a predetermined period of time and are
activated when that user visits a website.
Performance
These cookies collect information about how
visitors use a website, for instance which pages visitors go to most often, and
if they get error messages from web pages. These cookies don’t collect
information that identifies a visitor. All information these cookies collect is
aggregated and therefore anonymous. They are only used to improve how a website
works.
Session Cookies
Session cookies are temporary and only remain on a user’s computer or device from the point at which they visit your website until the web browser is closed, at which point they are removed.
Targeting
These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement
Session cookies are temporary and only remain on a
user’s computer or device from the point at which they visit your website until
the web browser is closed, at which point they are removed.
Targeting
These cookies are used to deliver adverts more
relevant to you and your interests. They are also used to limit the number of
times you see an advertisement as well as help measure the effectiveness of the
advertising campaign. They are usually placed by advertising networks with the
website operator’s permission. They remember that you have visited a website
and this information is shared with other organisations such as advertisers.
Quite often targeting or advertising cookies will be linked to site
functionality provided by the other organisation.
It is the visitors responsibility to review any
third party Cookie related Terms and Conditions.
Requests for additional information on our privacy
and data protection policies can be made to:
The Health Club – Woodborough
Roe Lame
Woodborough
NG14 DA
Your Rights under GDPR and DPA 2018
The Right to your Personal Data (Access)
You have the right to obtain a copy of your
Personal Data that is processed by the Company and know the reasons why it
processes your data. Upon receipt of a written request made to the Company Data
Protection Officer you can normally expect a response within one month of the
request. (Should there be a requirement for an extension of the original one
month limit you will be written to with the reasons for any delay). Please note
confirmation of a requester’s identity will be essential prior to any release
of Personal Data.
If the Company holds Personal Data about you, it
will:
·
Provide a description of the data
held;
·
Inform you why the data is being
held;
·
Inform you who the data is disclosed
to;
·
Provide a copy of the data in a
machine readable format (or hard copy).
Depending upon the nature of the request the
Company will try to manage the search informally in the first instance e.g. if
you are seeking specific data, this may be resolved via a telephone call.
The Right to Rectification
You have the right to have any inaccuracies in your
Personal Data which is stored and processed by the Company to be rectified.
The Right to be Forgotten
Under certain circumstances you may request that
Personal Data is erased.
The Right to Restriction of Processing
Under certain specific circumstances you may have
the right to prevent the processing of some Personal Data.
The Right to Notification
Under certain circumstances, the Company has a duty
to ensure you are notified of how any intended change of processing of your
Personal Data may take place which differs to that which you consented for.
The Right to Data Portability
Under certain circumstance you have the right to
see and have transferred your Personal Data in a commonly used and
machine-readable format to another Data Controller.
The Right to Appropriate Decision Making
You have the right not to have decisions made
solely from automated processing. In the event that automated processing is
used, please contact the Company Data Protection Officer to obtain an
explanation from for the outcome of any automated processing.
Consent to this Privacy Notice is implicit in your
use of the Company’s products and services.
Complaints
You have the right to lodge a complaint regarding
the use of your Personal Data. In the initial instance please email the Company
Data Protection Officer who will investigate the matter and keep you informed
of the investigation progress.
If you are not satisfied with the outcome of the
internal investigation you have the right to lodge a complaint with the
Information Commissioner’s Office.
Privacy Notice Changes
The Company:
·
reserves the right to amend this
Privacy Notice at any time;
·
will post any revised Privacy Notice
on its websites;
Queries regarding this Privacy Notice
If you have any questions or comments about this Privacy Notice please contact the Company Data Protection Officer on: thehealthclubwoodborough@gmail.com
Date of publication: October 2021