Stewarton based gym dedicated to the promotion of a healthier lifestyle, physical and mental fitness.
We believe that your private information should be just that – private. To operate our services we need to collect some personal information about you. This privacy notice explains what we do with the personal data collected and why we do it.
The organisation collects and processes information about you upon enquiring about gym membership. This information allows us to contact you in order to arrange a time for your free trial sessions and answer any questions you may have in relation to the gym and its program.
The information collected includes:
Prior to attending your first trial session with us, we require you to complete a waiver and Physical Activity Readiness Questionnaire (PAR-Q). This acts as a legal document, allowing us to ascertain your current health status and suitability to train safely with us. It also asks for your consent to confirm that you understand the nature of the training program, its stimulus and any risks involved.
The information collected in the client waiver / PAR-Q includes:
your name and address
contact details, including email address and telephone number;
date of birth;
emergency contact details; and
basic medical history of injury / illness.
When you join as a member of Aristos Fitness we will use the above data collected through the waiver to set up your membership. We also require the following information for processing membership payment:
bank account details.
Any products purchased through the Aristos Fitness website also require the collection of personal data in order to process the order. Date collected for orders through the website includes:
address including postcode;
details of any food allergies (for food orders);
bank account details.
Your name, address and payment information will be used to set up your membership and process your payment.
Your email address is used to communicate with you regarding updates and opportunities within the gym in relation to its program.
Your phone number will only be used to contact you at short notice, i.e. to inform you of a last minute class cancellation, or in an emergency situation.
Your emergency contact details will only be used in an emergency situation to notify your designated contact.
Gender and date of birth information helps us to understand the demographic of our membership and allows us to improve the service for our members.
The PAR-Q data is used to ensure that you are in a fit and healthy condition to train with Aristos Fitness, and to ensure that all gym users understand and consent to the nature of the training program through the signed waiver. This helps to ensure that the organisation is complying with its legal obligations.
Personal data collected through the website in relation to products purchased will only be used in conjunction with that particular order, to allow for the payment to be processed and for the product to be produced.
Please note that we will only use your Personal Data in ways that are compatible with the purposes for which it was collected or as subsequently authorised by you.
Data will be stored in:
paper based personal files;
our IT systems; and
our email system.
Aristos Fitness use a secure gym management platform, Wodify Technologies LLC (“Wodify”), to help process member payments, manage class bookings, publish the gym program, record and track member performance and view gym analytics. Every member can access and update their own personal data at any time through their personal member login on Wodify.
Wodify Admin data is only accessible through a separate system, “Wodify Core”, using a specific username and password for each member of the Aristos Fitness Coaching team. This is further secured with password protected computers and phones. All of our systems have firewall protection installed to maximise security and prevent unauthorised access.
Wodify Technologies LLC is located outside of the European Economic Area (“EEA”). Wodify is based in the United States and provides services globally. The personal data collected through Wodify is stored in their primary data store in Virginia, US, however may also transfer some personal data to their third party sub-processors, as detailed below, who may be located in a different country.
“If you are an European Union (EU) citizen and your information is shared with corporate affiliates or third party service providers outside the EEA, we will, prior to sharing your information with such corporate affiliate or third party service provider, establish the necessary means to ensure an adequate level of data protection. This may be an adequacy decision of the European Commission confirming an adequate level of data protection in the respective non-EEA country or an agreement on the basis of the EU Model Clauses (a set of clauses issued by the European Commission).”
Wodify also declares to act in accordance with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Wodify has a Privacy Shield certification.
The organisation takes the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by the Directors and members of staff in the performance of their duties.
Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
All of your personal information can be updated at any time by logging on to Wodify using your member username and password, or through the Wodify app. This can be accessed through menu / settings / and then selecting the personal data that you would like to update.
The organisation will not keep your personal information for any purpose(s) for longer than is necessary and we will only retain the relevant personal information that is necessary in relation to the purpose. We are also required to retain certain information by law or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions. For example, we will retain the personal information you provided on joining as a member so long as your membership remains in existence.
We are required to keep an electronic copy of your signed waiver for legal purposes.
As a data subject, you have a number of rights. You can:
access and obtain a copy of your data on request;
require the organisation to change incorrect or incomplete data;
require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing.