Privacy Policy for HER GYM (CYPRUS) LTD
Effective Date: 29-02-2024
Introduction
HER GYM (CYPRUS) LTD (“we,” “us,” or “our”) is committed to protecting the privacy of our users (“you” or “your”) in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws. This Privacy Policy describes the types of information we collect, how we use it, and your rights concerning your data.
Consent
By using this website, you hereby consent to our Privacy Policy and agree to its terms.
Cookies and Web Beacons
Like any other website, HER GYM (CYPRUS) LTD uses ‘cookies’. These cookies are used to store information including visitors’ preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users’ experience by customizing our web page content based on visitors’ browser type and/or other information.
Information We Collect and Legal Basis for Processing
We collect the following personal information:
Essential Information
Name: Required for membership identification and communication.
Contact Information: Email address and phone number required for booking classes, sending important updates, and contacting you in emergencies.
Payment Information: Payment details are collected and processed securely by our third-party payment processor. We do not store full payment card details.
Health Information: Any health information you provide through our website (e.g., fitness goals, medical conditions) is collected with your explicit consent and used solely to tailor your workout experience with our services.
Usage Data: We collect anonymized usage data about your website and app activity (e.g., pages visited, features used) to analyze user behavior and improve our services. This data is collected through cookies and similar technologies, which you can control through your browser settings.
We process your personal information based on the following legal bases:
Contractual Necessity: We use your essential information to fulfill our contractual obligations with you as a gym member.
Consent: We use your health information and optional marketing communications only with your explicit consent.
Legitimate Interests: We use anonymized usage data to improve our services and website, which we believe benefits all users.
Sharing Your Information
We may share your personal information with the following third parties only when necessary:
Service Providers: We use trusted service providers for tasks like payment processing, website hosting, and marketing automation. We have data sharing agreements with these providers to ensure your information is protected and used only for the agreed-upon purposes.
Law Enforcement and Regulatory Authorities: We may disclose your information if legally required, such as in response to a court order or to report suspected illegal activity.
Data Retention
We will retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. We will then securely delete or anonymize your information.
Your Rights under GDPR
You have the following rights regarding your personal information:
Right to access: You can request a copy of your personal information at any time.
Right to rectification: You can request us to correct any inaccurate or incomplete information we hold about you.
Right to erasure (right to be forgotten): You can request us to delete your personal information, subject to certain legal exceptions.
Right to object: You can object to the processing of your personal information for marketing purposes or based on legitimate interests.
Right to restriction of processing: You can request us to restrict the processing of your personal information in certain circumstances.
Right to data portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
You can exercise these rights by contacting our Data Protection Officer (DPO) at [DPO contact information]. You also have the right to lodge a complaint with the Data Protection Commissioner of Cyprus if you believe your data protection rights have been violated.
Children’s Privacy
Our Website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you believe that your child has provided us with personal information, please contact us. We will take steps to delete the information from our systems.
Security
We have implemented appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. This includes server security measures, encryption of sensitive data, and regular security audits. However, no internet transmission is completely secure, so we cannot guarantee the absolute security of your information.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the revised Privacy Policy on the Website. You are advised to review this Privacy Policy periodically for any changes.
Contact Us
If you have any questions about this Privacy Policy or your data protection rights, please contact our Data Protection Officer at dvir@hergym.cy
Additional Information
This Privacy Policy is governed by and construed in accordance with the laws of the Republic of Cyprus.