Privacy Policy
·
GENERAL
1. General intro
1.1. We are committed to ensuring that we manage your personal data
professionally and in compliance with all applicable data protection laws. Part
of this commitment is to ensure that there is transparency about how we process
personal data.
This policy includes an explanation of:
1.1.1. what data we are processing;
1.1.2. why we are processing it and what we do with it;
1.1.3. whether we will share it with anyone else;
1.1.4. whether we will transfer it outside of the European Economic Area
(EEA);
1.1.5. how we keep your data safe; and
1.1.6. your rights.
1.2. We hope that you find this Data Protection Policy helpful. If you
have any questions, please don’t hesitate to contact us.
2. Who we are and our contact details
2.1. We are ANYTIME UK CLUBS LIMITED and our registered office is at. We
are incorporated in England and Wales and our company number is 7130617. In
this Data Protection Policy ANYTIME CLUBS UK LIMITED is referred to as we, us,
our or Anytime UK.
2.2. Anytime UK, has been appointed by Anytime Fitness, LLC (AFC) as
master franchisee for “Anytime Fitness” branded health clubs in the United
Kingdom and Ireland. AFC is incorporated in the State of Minnesota, USA and is
the owner of the Anytime Fitness system for operating health clubs and all
intellectual property associated with that system. Anytime UK’s business is the
entry into franchise agreements with the owners of health clubs (franchisees)
granting franchisees the right to operate their independently owned businesses
as Anytime Fitness health clubs and the provision of training and support to
franchisees.
2.3. Because the nature of the franchising relationship between Anytime
UK, AFC and Anytime UK’s franchisees involves the prescription of certain
procedures and policies as well as the use of prescribed information systems,
we believe that, in relation to personal data concerning your membership,
Anytime UK and AFC are joint “data controllers” for the purposes of the General
Data Protection Regulation ((EU) 2016/679) (GDPR) and that the franchisee is a
“data processor”.
2.4. Please send any queries concerning your data to us using the
following contact details:
Name: Compliance Officer (Data Protection)
Email address: gdpr@anytimefitness.co.uk
Phone: +44 (0)330 3322 361
3. Your personal data
3.2.1. We have obtained information about you when you have enquired
about membership of an Anytime Fitness health club or completed and application
for membership. Typically, the information that we obtain will be your name,
address, email address, phone number, a photograph of you and payment
information.
3.2.2. If you have visited our website we may automatically collect some
personal information including details of your browser and operating system,
the website from which you visit our website, the pages that you visit on our
website, the date of your visit, and the Internet protocol (IP) address
assigned to you by your internet service. We collect some of this information
using cookies – please see Cookies in section 4 for further information. We may
also collect any personal information which you allow to be shared or that is
part of your public profile on a third party social network.
3.2.3. Our telephone calls are recorded for training purposes and may
also be used to verify any comments that were made during any conversation.
3.2.4. Anytime UK’s franchisees have CCTV in operation at each Anytime
Fitness health club. This is for security as well as health and safety
purposes. It is therefore possible that images of you will be recorded when
visiting our sites.
3.2.5. Your photograph will be used to ensure that you can access both
the Anytime Fitness health club where you are a member as well as other Anytime
Fitness health clubs you may visit.
3.2.6. If you become a member of an Anytime Fitness health club, we may
from time to time arrange for you to be offered access to software for use on
your mobile phone as well as updates to that software (the software and updates
together, an “App”). In particular, you may be given access to App’s developed
by AFC and its affiliates and information you enter into such App’s may be
integrated with other App’s owned by third parties. Before using an App you
should read the terms of use or end user agreement carefully to make sure that
you understand who is providing the app to you and what use may be made of your
information when you use the App. We do not make any commitment to you
concerning data that you enter into an App which is not provided by us.
3.3. How do we use your personal data and what is the applicable lawful
basis?
3.3.1. Where you have consented, we may provide you with marketing
information about our products and services, the products and services offered
by AFC or our franchisees and the products and services of selected partners.
In addition, we will keep you informed of events that we think will be of
interest to you.
3.3.2. We many process your information to ensure that you are provided
with all the benefits of your membership of an Anytime Fitness health club.
3.3.3. We may process your information to comply with our legal
obligations.
3.3.4. We may process your information to allow us to pursue our
legitimate interests including:
3.3.4.1. analysing our performance and the performance of our
franchisees in delivering services and products to you;
3.3.4.2. market research, training and the administration of our website;
3.3.4.3. the prevention of fraud or other criminal acts;
3.3.4.4. undertaking credit checks for finance;
3.3.4.5. complying with requests from you including if you exercise any
of your rights noted in this Data Protection Policy;
3.3.4.6. the purpose of corporate restructure or reorganisation or sale
of our business or assets;
3.3.4.7. enforcing our legal rights or to defend legal proceedings and
for general administration purposes.
3.4. Will we share your personal data with any third parties?
3.4.1. We may share your personal data with AFC, the owner of the
Anytime Fitness health club at which you are a member and, if you visit another
Anytime Fitness health club, the franchisee who operates that health club.
3.4.2. We may disclose your information to third-party service providers
for the purposes of providing services to us or directly to you on our behalf.
When we use third party service providers, we only disclose to them any
personal information that is necessary for them to provide their service and we
have a contract in place that requires them to keep your information secure and
not to use it other than in accordance with our specific instructions.
3.4.3. If the franchisee of the Anytime Fitness health club at which you
are a member sells its business to a third party, we may transfer your
information to that third party to ensure that it can continue to provide you
with the services that you expect to receive as a member of an Anytime Fitness
health club.
3.4.4. We may transfer your data to government or other official bodies
for the purposes of complying with legal obligations, for enforcing our rights,
or for the prevention or detection of a crime.
3.5. How long do we keep your data?
3.5.1. If you have expressed an interest in buying Anytime Fitness
products or services or other products and services from our selected partners,
we will retain your contact details and related information concerning your
enquiry for [five] years from the date that we last had contact with you.
3.5.2. If you have purchased membership of an Anytime Fitness health
club, if you have purchased Anytime Fitness goods or services or if you have
purchased goods or services from our selected partners, we will keep the data
relating specifically to that purchase (e.g. order forms, invoices and related
correspondence) for [seven years] from the date of the contract.
3.5.3. Voice recordings of telephone calls, CCTV images and data related
to your use of courtesy vehicles shall be kept for a maximum of 6 months unless
we have a good reason to retain such information for a longer period. This
might be because of a contractual dispute or an injury suffered by you or
another person.
3.5.4. If you have requested that we do not send you marketing
information we will always retain sufficient information to ensure that we
remember to comply with your request.
3.5.5. All of the periods stated in this section may be extended if
there is a legal requirement to do so.
3.6. Transferring your data outside of the European Economic Area
(‘EEA’)
3.6.1. The information that you send to us may be transferred to
countries outside the European Economic Area (EEA) including the USA. By way of
example, AFC may view information stored on the information systems that
Anytime UK and its franchisees are required to use as part of the Anytime
Fitness system and your information may also be transferred out of the EEA or
if any of our servers or those of our third-party service providers are from
time to time located in a country outside of the EEA. These countries may not
have similar data protection laws to the UK.
3.6.2. If we transfer your information outside of the EEA in this way,
we will take steps to ensure that appropriate security measures are taken with
the aim of ensuring that your privacy rights continue to be protected. These
measures include imposing contractual obligations on the recipient of your
personal information or ensuring that the recipients are subscribed to
‘international frameworks’ that aim to ensure adequate protection. Please
contact [the DPO whose contact details are set out above] if you would like
more information about the protections that we put in place.
3.6.3. If you use take advantage of the benefits of membership of an
Anytime Fitness health club outside the EEA, your information may be
transferred outside the EEA to provide you with those services.
4. Cookies
4.1. We use Cookies on our website. A cookie is a small text file which
is placed onto your computer (or other electronic device) when you visit our
website. This enables us to monitor how many times you visit the website, which
pages you go to, traffic data, location data and the originating domain name of
your internet service provider.
4.2. You can find out more about the Cookies we use in our Cookies
Policy .
4.3. You can set your browser not to accept cookies, however some of our
website features may not function as a result.
4.4. For more information about cookies generally and how to disable
them you can visit: www.allaboutcookies.org
5. Data security
5.1. We have adopted the technical and organisational measures necessary
to ensure the security of the personal data we collect, use and maintain, and
prevent their alteration, loss, unauthorised processing or access, having
regard to the state of the art, the nature of the data stored and the risks to
which they are exposed by human action or physical or natural environment.
However, as effective as our security measures are, no security system is
impenetrable. We cannot guarantee the security of our database.
5.2. Unfortunately, the transmission of information via the internet is
not completely secure. Although we will do our best to protect your personal
data, we cannot guarantee the security of your data transmitted to our website;
any transmission is at your own risk. Once we have received your information,
we will use procedures and security features to try to prevent unauthorised
access.
5.3. Where we have given you (or where you have chosen) a password which
enables you to access certain parts of our website, you are responsible for
keeping this password confidential. We ask you not to share a password with
anyone.
6. Links to other websites
Our website may contain links to and from other websites (e.g. social
media sites such as Twitter, Flickr, YouTube and Facebook). Unless we own such
websites, we accept no responsibility for the way in which they process your
personal data. You are recommended to check the privacy policy of each website
before you submit any personal data to it.
7. Social Plugins
7.1. We use so-called social plugins (buttons) of social networks such
as Facebook, Google+ and Twitter.
7.2. When you visit our websites, these buttons are deactivated by
default, i.e. without your intervention they will not send any data to the respective
social networks. Before you can use these buttons, you must activate them by
clicking on them. They then remain active until you deactivate them again or
delete your cookies. Please see section 4 for further details regarding our use
of cookies.
7.3. After their activation, a direct link to the server of the
respective social network is established. The contents of the button are then
transmitted from the social network directly to your browser and incorporated
in the website.
7.4. After activation of a button, the social network can retrieve data,
independently of whether you interact with the button or not. If you are logged
on to a social network, the network can assign your visit to the website to
your user account.
7.5. If you are a member of a social network and do not wish it to
combine data retrieved from your visit to our websites with your membership
data, you must log out from the social network concerned before activating the
buttons.
7.6. We have no influence on the scope of data that is collected by the
social networks through their buttons. The data use policies of the social
networks provide information on the purpose and extent of the data that they
collect, how this data is processed and used, the rights available to you and
the settings that you can use to protect your privacy.
8. Your rights
8.1. Your right to access data
8.1.1. We always aim to be as open as we can and allow people access to
their personal information. Where we hold your personal data, you can make a ‘subject
access request’ to us and we will provide you with:
8.1.1.1. a description of it;
8.1.1.2. an explanation of why we are holding it;
8.1.1.3. information about who it could be disclosed to; and
8.1.1.4. a copy of the information – unless an exception to the
disclosure requirements is applicable.
8.1.2. If you would like to make a ‘subject access request’ please make
it in writing to [the DPO whose contact details are set out above] and mark it
clearly as ‘Subject Access Request’.
8.1.3. If you agree, we will try to deal with your request informally,
for example by providing you with the specific information you need over the
telephone.
8.1.4. Unless you agree a different time, we will complete your subject access
request within one month.
8.2. Right to stop marketing messages
You always have the right to stop marketing messages. We will usually
include an unsubscribe button in any marketing emails. If you do wish to
unsubscribe, please just click the unsubscribe button and we will promptly
action that request. Alternatively, you can update your marketing preferences
by contacting us at any-time.
8.3. Right to be forgotten
If we hold personal data about you, but it is no longer necessary for
the purposes that it was collected and cannot otherwise be justified, you have
the right to request that we delete the data.
8.4. Right to restrict data
If we hold personal data about you and you believe it is inaccurate you
have the right to request us to restrict the data until it is verified. You
also have the right to request that the data is restricted where you have a
right to it being deleted but would prefer that it is restricted.
8.5. Transferring your personal data
Where we rely on your consent as the legal basis for processing your
personal information or need to process it in connection with your contract, as
set out under section 3, you may ask us to provide you with a copy of that
information in a structured data file to you or to another service provider. We
will action this request, usually by sending the data in a CSV file.
8.6. Right to complain
You always have the right to complain to the personal data regulator,
the ICO. You may also be entitled to seek compensation if there has been a
breach of data protection laws.
9. Policy updates
This policy was last updated on 25 May 2018.