Key Fitness Academy is fully committed to compliance with the requirements of the Data Protection Act 2018 (the Act) and all other data protection legislation currently in force. The Act applies to anyone processing personal data and sets out principles which should be followed and gives rights to those whose data is being processed.
This privacy notice tells you what to expect us to do with your personal information when you make contact with us or use one of our services.
In this Privacy Notice we’ll tell you:
- why we are able to process your information;
- what purpose we are processing it for;
- whether you have to provide it to us;
- how long we store it for;
- whether there are other recipients of your personal information;
- whether we intend to transfer it to another country; and
- whether we do automated decision-making or profiling.
Key Fitness Academy takes its responsibilities seriously and adheres to the Data Protection Principles as listed below.
When processing data we will ensure that it is:
- processed lawfully, fairly and in a transparent way
- processed only for the purpose that the data was collected for
- limited to what is necessary
- accurate and kept up to date
- kept for no longer than is necessary
- kept safe and secure
- only shared with other organisations who can demonstrate compliance with the regulations
- OUR CONTACT DETAILS
Key Fitness Academy is the controller for the personal information we process, unless otherwise stated.
There are many ways you can contact us, including via Facebook, post or email, as follows:
Name: Key Fitness Studio
Postal Address: Forge Way, Silverlink Business Unit 10 Darlington, DL1 2PL
Facebook Contact: https://www.facebook.com/keyfitnessstudio
- COLLECTING AND PROCESSING YOUR PERSONAL DATA
2.1 The type of information we have
We collect and process the following information:
- Personal data such as your name and contact details (address, email address, telephone number)
- other personal identifiers such as IP Addresses
- Payment details
- Your date of birth, gender, weight and height
When you use our services, you also have the option to provide us with other items of personal data including data we may use to help support you with your goals.
This data can include:
- Photographs showing your before and after progress
- Health conditions (non-mandatory)
2.2 How we obtain your data and the purpose for collecting and processing it
Most of the personal information we process is provided to us directly by you for one or more of the following reasons:
- Enquiry about our products and services via the Key Fitness Academy website or Facebook page
- Post updates or record updates on your weight and fitness progress to the Key Fitness Academy website or Facebook page
2.3 Lawful basis for processing
Under the current legislation we are obliged to advise you of our lawful basis or reason for processing your information. In most cases, this will be in order to fulfil the obligation of our contract with you, when you subscribe to our services and as detailed in our Terms and Conditions.
Included in our contractual terms, is an area within your account for you to upload your ‘before and after’ progress photographs. Once you upload your photographs they will be visible to Key Fitness Academy members and our coaches unless you chose to make private, then they will only be visible to you and the coaches. On occasion, we may want to use/publish these images on our Website or Facebook page. They will only be published on our Website and/or Facebook page. With your ‘before and after’ photographs, you can amend or delete your photos at any time via your account on the Key Fitness Academy Account.
Other lawful basis which we rely upon for processing your data are:
- our legal obligations, for example, financial audit obligations, complaint handling, and the common law duty to mitigate our contractual losses;
- your consent, for example, in respect of placing cookies on your devices;
- our legitimate interests, for example:
-to provide our services to you;
-to manage your account and our relationship with you;
-to manage payments, fees, charges, and to collect debts which you may owe to us;
-to increase our business and promote our brand;
-to improve our products and services;
-to conduct web analytics;
-to administer and protect our business, website and social media profiles;
-for the prevention and detection of fraud and spam; and
-for the establishment, exercise and defence of legal claims.
2.4 What we do with the information we have
We only collect and process personal data that is necessary and which is used for the following reasons:
- Set up your subscription account on our website
- Grant you access and use of the Key Fitness Academy
- Grant you access to the Key Fitness Academy Facebook page and associated coaching and support pages
- Receive and respond to any queries you may have
- Share your progress photographs with others
2.5 How we store your information and for how long
We securely store all your data in the Key Fitness Academy website and associated storage systems.
We will store your data until you tell us not to in order to provide you with the best possible service.
Details relating to any payment transactions are retained for 6 years in order to comply with our financial audit obligations.
We may also retain certain data for as long as it is necessary for the purpose of protecting our business, and the establishment, exercise and defence of legal claims.
2.6 Third parties we share your data with
We share your data with third party service providers which we use to operate our business, for example, our website developers and an encryption service to protect any data files we send you, hosting services providers and payment processing providers. We also use your data to enable you access to our Facebook group. We have contracts in place with our suppliers to ensure that your personal data is protected.
We may also:
- disclose your personal data to our staff;
- disclose your personal data to our professional advisers (e.g. lawyers, accountants, auditors or insurers) who provide professional services to us;
- disclose and exchange certain information with law enforcement agencies and regulatory bodies to comply with our legal obligations; and
- share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring.
- The recipients of the information will be bound by confidentiality obligations.
We will not share your information with any third parties for the purposes of direct marketing.
2.7 Joint controllers
In order to process any payments, we share your payment details with other third parties who are classed as joint controllers under the regulation. This is because they decide what and how your data is processed. These third parties are:
- PayPal (https://www.paypal.com/uk/webapps/mpp/ua/privacy-full#Updated_PS)
- Stripe (https://stripe.com/gb/privacy)
Your payment details are entered by you and are then stored in the Key Fitness Academy website in an encrypted format meaning they are not visible to any member of Key Fitness Academy staff nor our website developer.
These details are then transferred to the payment companies who process your data to ensure payment is made. Details of their processing arrangements of your payment details are explained in their privacy notices, which can be accessed via the above web links.
Any questions you have in relation to how your data is used to process such payments should be made to the relevant payment company.
2.8 Social Media
We have both an open page on Facebook (for members and non-members) as well as closed group for members only.
Our staff have administration access to moderate the pages on our members only group, on our behalf and as such, they have access to all information shared on our Facebook pages and at times will decide how to manage it. For example, if you send a message via our Facebook pages that needs a response from us, we may process it in our case management system as an enquiry or a complaint.
Key Fitness Academy fully complies with Facebooks ‘pages, groups and events’ policy, ‘Data Privacy’ Policy Community Standards’ and their ‘Terms and Conditions’.
As owners and administrators of the Key Fitness Academy Facebook pages we collect your data as follows and for the purposes as set out below:
- Name, Email address and Key Fitness Academy customer number to grant you access to our membership only pages.
Any posts you make to these pages will be available to view by anyone else in the group.
Under the general terms and conditions of Facebook, you are able to remove any of your posts at your free will and at any time whilst you’re a member of Key Fitness Academy. You may also remove your access to the page or request Key Fitness Academy to remove your access, and any of your personal data from this page. Key Fitness Academy cannot be responsible for any content that you have posted and which is subsequently shared by other members of the page.
To request your data to be deleted please contact Key Fitness Academy via our Facebook page.
When interacting with Key Fitness Academy through the Facebook social media platform, we suggest you also familiarise yourself with Facebooks:
- Community Standards https://www.facebook.com/communitystandards/
- Terms and Conditions https://www.facebook.com/legal/terms
For a full list of the cookies we use on this website, please see the table below:
|_ga||Google Analytics||Used to identify users and generates statistical data on the way they use our website.||2 years|
|_gid||Google Analytics||Used to identify users and generates statistical data on the way they use our website.||24 hours|
|_gat||Google Analytics||Used by Google Analytics to limit request rates.||10 minutes|
|cerber_groove||website||A security cookie used to validate the user session.||2 weeks|
|wordpress_logged_in_||website||Used to identify if the current user is logged in.||session|
|wordpress_sec_[hash]||website||Used to store authentication details.||session|
|wp-settings-||website||Used to customize users view of the admin interface, and possibly the main site interface.||session|
|wp-settings-time-||website||Used to customize users view of the admin interface, and possibly the main site interface.||session|
|hidebanner||website||Stores the user’s cookie consent state for our website||1 year|
|wpSGCacheByPass||website||Used to improve the speed and performance of the website||1 hour|
|woocommerce_cart_hash||website||Used to store an encoded string representing the contents of the WooCommerce shopping cart||session|
|woocommerce_items_in_cart||website||Used to identify if the current user has any items in their WooCommerce shopping cart||session|
- DATA SUBJECT RIGHTS
3.1 Your data protection rights
Under UK data protection law, you have rights including:
1.Your right of access – You have the right to ask us for copies of your personal information.
2.Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
3.Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
4.Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
5.Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstances.
6.Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.