PLEASE READ THIS PRIVACY NOTICE CAREFULLY.
We are committed to protecting your privacy as a user (referred to as “User”, “you” or “your”), and we take our responsibility regarding the security of your Personal Data (defined below) very seriously. We will be clear and transparent about the Personal Data we are collecting and what we will do with that Personal Data.
- the types of Personal Data we collect on the FITXSYD website, blog, online shop or one of our other products or services, all of which are part of FITXSYD’s platform (the “Platform”) and how we collect it;
- how we hold and use the information, including to provide promotional materials and advertisements that have been tailored to you based on the Personal Data that you have provided;
- with whom we may share it;
- the choices available to you regarding our use of your information;
- the measures we take to protect the security of the information; and
- how you can contact us about our privacy practices.
- Who is responsible for processing your Personal Data?
FITXSYD LLC and its affiliates (referred to as “FITXSYD”, “we”, “us” or “our”) is the “data controller” (i.e. the organisation responsible) for all Personal Data that is collected and used our customers for the purposes of data privacy laws, principles and regulations which may apply to you (including the European General Data Protection Regulation (“GDPR”)) (collectively, “Data Privacy Law”).
- What Personal Data do we collect (including by automated means)?
“Personal Data” has the meaning given in the Data Privacy Law applicable to you, and includes any information or opinion relating to you which allows us to identify you, such as your name, phone number, social media name or ‘handle’, postal address, email address, details of products or services you have purchased, payment details and information about your access to our website.
Specifically, we may (either directly or indirectly) collect the following categories of Personal Data:
Personal details including about your nationality or physical or mental health are considered “sensitive” personal data under applicable Data Privacy Law. We will process any such data only if you have given your explicit consent, or it is necessary (for instance if you request special assistance), or otherwise in compliance with applicable Data Privacy Law.
Children – Users must be of legal age in their respective countries and not under 16 years old, or you must have consent from your parent or guardian. Individuals are not allowed to sign up for a User Account on the Platform without verifying that they are 16 years or older. If you are a parent or legal guardian of a child who is under 16 years old who you believe has provided Personal Data to FITXSDY, please contact us at the details in Section 9 if you want to exercise any of the rights available under applicable Data Privacy Law as set out in Section 6 below.
- first and last names, email address and date of birth (these are mandatory information which we require when opening a user account on the Platform (“User Account”));
- other information such as country of residence and gender, home address and telephone number;
- medical conditions or requirements, and dietary preferences, as well as data on your physical characteristics (e.g. weight, height and body measurements such as stride length and apparel size to the extent you choose to enter these on the Platform);
- fitness activity data provided by you on the Platform or generated through your use of the FITXSYD website (e.g. time, duration, distance, location, calorie count), including activity data generated by the devices (e.g. smart watches, heart monitors) that you connect to the FITXSDY website;
- information you provide about yourself and any preferences in your User Account;
- information about your purchases of products and services from us or our third party partners who may provide or promote their own products or services through the Platform;
- information about your use of the Platform;
- communications with us or directed to us via letters, emails, chat services, calls, and social media;
- where you have selected particular services or features on the Platform (e.g. scheduling your workouts, sharing your fitness activities with friends through social media platforms), your photos, audio, contacts and calendar information, as well as your social network information (including credentials and any information from your public posts about FITXSYD or your communications with us); and
- your location where:
- the IP address of your computer or device is used to determine your geographic location so that we can customize your experience on the Platform (e.g. language settings); and
ii. you elect to use location-based features on the Platform (in particular, the FITXSYD website) and turn on the location services settings on your device or computer (e.g. GPS and/or Bluetooth) so that we can track your real-time geographic location to record your fitness activities (for example, your running route).
- Why and how do we use your Personal Data?
Your Personal Data may be used for the following purposes:
3.1 Provide features of the Platform and the products and services you request: We use the Personal Data you give us to provide the Platform and the products and services you request, including:
- to create and set up your User Account;
- to fulfil any orders for products that you place on the Platform, including to communicate with you about the orders and to process information for our internal accounting, billing and audit purposes; and
- if you use the Platform to track your fitness activity, we will collect and store this information so that you can review it on the Platform and track your progress. We may also use this information to calculate further information about your activity so that this can be provided to you as part of the functionality of the Platform.
3.2 Communicate information about our products and services and for other promotional purposes: With your consent, or as otherwise permitted by applicable Data Privacy Law, we will use your Personal Data to provide information that we believe is of interest to you, prior to, during, and after your interactions with us, including marketing communications and news concerning our products, services, events and other promotions. You can opt-out at any time after you have given your consent to such communications. In providing tailored promotional materials to you, FITXSYD may use the personal information collected through your use of the Platform, such as the user preferences you set and profile data you submit, any fitness activity data generated through your use of the Platform, and any medical conditions or dietary preferences that you have identified to us.
3.3 Customer service communications: we use your data to manage our relationship with you as our customer and to improve our services and enhance your experience with us (e.g. to respond to your inquiries when you reach out to us). From time to time, we may also conduct customer surveys to gauge satisfaction with our Platform and the services and products that we provide.
3.4 Administrative or legal purposes: We use your Personal Data to operate our business, including for statistical and marketing analysis, systems testing and to diagnose technical and service problems, maintenance and development of our Platform, or in order to deal with a dispute or claim. We may also perform data analysis based on the data we collect from you for statistical and marketing analysis purposes – for example, we may use information about how users of our Platform search for and find specific workouts to better understand the best ways to organize and present the content that we offer.
3.5 Security, health, administrative, crime prevention/detection and legal purposes: We may use your Personal Data to verify your information and identity, and to protect against, identify and prevent fraud and other unlawful activities. We may also share your Personal Data with government authorities or enforcement bodies for compliance with legal requirements, or as otherwise required or permitted by applicable Data Privacy Law.
3.6 Other purposes: We may also use your Personal Data in other ways, and where we do so, we will provide specific notice at the time of collection and obtain your consent unless otherwise permitted by applicable Data Privacy Law.
- to comply with a legal obligation;
- if it is in our legitimate interests to do so as a business (e.g. for administrative purposes) and to improve the functionality of our Platform;
- where you have consented to our using your personal data (e.g. for marketing related uses); and
- to protect your vital interests or those of another person (e.g. in case of a medical emergency).
- How do we protect and manage your Personal Data (including international transfers and retention periods)?
4.1 Encryption and security
We follow strict security procedures in the storage and disclosure of your Personal Data, which are designed to protect it against misuse, unauthorized access, modification or disclosure and accidental loss, destruction or damage. The data you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information and credit card details so that they can be securely transferred over the internet.
4.2 International transfers of your Personal Data
FITXSYD operates businesses in multiple jurisdictions, some of which are not located in the United States of America (USA). The Personal Data that FITXSYD collects from users will be stored in the United States of America and might also be shared with third party data recipients (e.g. e-commerce and logistics providers such as Shopify, and customer support providers such as Zendesk) that are not located in the United States of America. Therefore, the Personal Data that you provide to FITXSYD may be transferred internationally to countries other than the country in which you initially provided your data.
4.3 Retention of your Personal Data
We will not retain your data for longer than is necessary to fulfil the purposes for which it is being processed. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it, and whether we can achieve those purposes through other means.
We also consider the periods for which we might need to retain personal data in order to meet our legal obligations, or to deal with complaints and queries, and to protect our legal rights in the event of a claim being made.
In general, this means that we will likely keep your Personal Data for as long as your User Account is open. Following closure of your User Account, however, we may still retain a limited portion of your Personal Data so that we can maintain a continuous relationship with you if and when we are in contact with you again, and to comply with our internal processes and any legal obligations.
When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimize over time the personal data that we use, and if we can anonymize your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.
- Who do we share your Personal Data with?
- other companies and members within the FITXSYD group;
- our trusted third party ancillary partners (identified on our website), who may offer products and services on or through our Platform. If you choose to purchase products or services offered on our Platform by third parties, you may be a customer of both FITXSYD and these third parties, and we and our partners may collect and share information about you, such as your contact details and your billing information. We are not responsible for third parties’ use of your personal data where such use is permitted for their own purposes. You should consult their privacy policies for further information;
- third party social media platforms in various circumstances, including where:
- you are able to access third party social media services through our Platform or before coming to our Platform;
- you connect your User Account to your social media account, in which case we will receive from the social media platform the Personal Data you choose to share, based on the preferences and settings on your social media account. We will use this information in order to improve and personalize your use of our Platform; and
- we use social media plugins on our Platform (e.g. a “share” or “like” button), and your use of these plug-ins, may result in the disclosure of certain of your information to the social media platform in question, and possibly presented on your social media profile, to be shared with others in your network – however, we will only share your Personal Data with these social media platforms if you have provided your express consent for us to do so.
- other companies, contractors or agents that assist us in providing services to you, including our online e-commerce platform that allows us to sell and deliver our products and services to you (which may include Shopify), support ticketing (which may include Zendesk), legal services, debt collection, administration services, customer services and information technology support;
- only where you have provided consent, other companies, contractors or agents in connection with our marketing efforts, or marketing platform providers.
- government authorities, law enforcement bodies and regulators for compliance with legal requirements, or where otherwise required by applicable Data Privacy Law; and
- our legal and other professional advisers in order to enforce our legal rights in relation to our contract with you.
We may also transfer your Personal Data to potential buyers in the event that we sell or transfer all of a part of our business or assets (including in the event of a reorganization or dissolution / liquidation), under strict non-disclosure restrictions, and solely in order to allow a buyer to determine whether to proceed with the transaction, or where such a determination is made, to complete it.
- Your Rights and Choices
6.1 Under certain circumstances, by applicable Data Privacy Law you may have the right to:
- Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it;
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see (e) below);
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes;
- Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you;
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
- Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format; and
- Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes to which you originally agreed, unless we have another proper and legitimate basis for doing so.
6.2 If you wish to exercise your rights related to your Personal Data (including the rights set out above), please contact the FITXSYD team using the details in Section 9.
6.3 While you will generally not be required to pay a fee to access your Personal Data or to exercise any of your other statutory rights, we may charge a reasonable fee if your request for access is clearly completely unfounded or excessive or decline to comply with such requests where permitted by applicable Data Privacy Law.
6.5 We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it and to prevent unauthorized modification of your personal information.
6.6 You also have the right to lodge a complaint about our processing of your Personal Data with the body regulating data protection in the country or state / province in which you live.
- Your Rights and Choices
Our Platform may provide links to other websites for your convenience and information. These websites may operate independently from us. If you visit any website linked to our Platform, you are subject that website’s own privacy policies. Linked websites may have their own privacy notices or policies, which we strongly suggest you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for their content, any use of the websites, or the privacy practices of the websites.
How to contact us?
If you wish to provide feedback or if you have questions or concerns or wish to exercise your rights related to your Personal Data, please contact the FITXSYD team at the following email address: firstname.lastname@example.org.
2.9 We will not discriminate against you for exercising any of your rights under the CCPA. Specifically, unless permitted by the CCPA, we will not:
deny you access to goods and/or services provided by us on the Platform;
charge you different prices or rates for the goods and/or services provided by us on the Platform, or imposing penalties on you;
provide you with a different level or quality of goods and/or services than otherwise generally provided by us on the Platform; or
suggest that you will receive a different price or rate for, or a different level or quality of, the goods and/or services generally provided by us on the Platform.