At JMPT Limited T/A Tribal.fit, we are committed to protecting your privacy.
We collect and process personal data about you to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests.
Our Privacy Notice explains how we collect, use, share and protect your personal information. When we update this policy we will post any changes on our website.
In addition when visiting our website we will provide you with “just in time” notices at the moment of data collection.
If you have any queries about this Notice please contact us at JMPT Unit 8 Cheswick Village, Long Down Road, Bristol, BS16 1GU Alternatively send an email to email@example.com
IDENTITY OF DATA CONTROLLER
The Data Controller in respect of this Privacy Notice is JMPT Limited.
WHEN DO WE COLLECT INFORMATION?
We collect your personal information when you:
- Complete an Online Membership Agreement
- Register interest for upcoming JMPT Ltd opening locations
- Book or attend an exercise class or lesson
- Ask us for more information about a product or service, or contact us with a question or complaint
- Take part in a competition, prize draw or survey
- Visit or browse our website.
- Contact our Member Services support team through telephone, email or online chat
- Send an email to firstname.lastname@example.org email account
- Scan your card into one of our gyms
- You have an accident in our gyms or there was an incident where you were a witness or personally affected
- When you use equipment in the gym or when you obtain a drink from one of the Water stations
- When you book classes, courses and inductions
- CCTV – when you are using our gyms.
The use of closed circuit television (CCTV) to comply with the GDPR Version 2: 25th May 2018
- The images obtained from the system which include recognisable individuals are personal data and are covered by the applicable Data Protection legislation. This Policy should therefore be read in conjunction with the JMPT Ltd Data Protection Policy available by emailing email@example.com
- CCTV systems are operated throughout JMPT Ltd sites, monitoring dedicated areas defined by a CCTV layout proposal and following a specific ‘Brand Standard’.
- Use of a surveillance camera system must always be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need. This includes giving confidence to staff and visitors that they are in a safe and secure environment, protecting the integrity of the site by deterring criminals and to provide evidence to assist with the detection and prosecution of criminal offences.
- When deciding to use CCTV in a certain area JMPT Ltd must take into account its effect on individuals and their privacy and perform regular reviews to ensure its use remains justified.
- JMPT Ltd will be transparent in the use of a surveillance camera system, provide a CCTV notice, which could be an image, and publicise a contact point on the website for access to information and complaints in line with our Data Protection Policy.
- JMPT Ltd is the Data Controller for the Personal Data captured by our CCTV systems. Some shared sites require that we use both, our systems in local areas and landlord’s systems in extended areas.
- The CCTV systems which are under JMPT Ltd control are managed by the Head of Risk. The recordings are confidential and available only to those directly connected with operating the system. Copies of recorded information are strictly controlled and only made in relation to incidents under specific restrictions and require the approval described in point 10.
- The Head of Risk will produce and communicate clear rules and procedures with regards to operating, processing and releasing CCTV images.
- No more images and information should be stored than that which is strictly required for the stated purpose of a surveillance camera system, and such images and information should be deleted once their purposes have been discharged.
- Access to retained images and information should be referred to firstname.lastname@example.org and there must be clearly defined rules on who can gain access and for what purpose such access is granted; the disclosure of images and information should only take place when it is necessary for such a purpose or for law enforcement purposes. And always require previous written approval of all of the Head of Risk.
- CCTV operators should be trained to an adequate standard and such standard must be maintained at all times.
- Surveillance camera system images and information should be subject to appropriate security measures to safeguard against unauthorised access and use.
- There should be effective and periodic review mechanisms to ensure legal requirements, policies and standards are complied with in practice and to ensure that the system is working properly and produces the required images.
- When you use the JMPT app
- When our teams take photos of your attendance at the gym, part of an event or in a class (Your permission will be asked beforehand)
- When using our gyms CCTV is being recorded 24 hours a day and actively monitored between 6am and 10pm by our internal CCTV team. CCTV is permanently erased after 31 days.
- We may also collect, match or acquire information about you from other organisations such as Google and Facebook.
WHAT INFORMATION DO WE COLLECT?
The information we collect is required for the purpose of creating your Member Account and for you to enroll in our gyms. Such information allows you to be identified as a member of tribal.fit and includes:
- Name, date of birth, gender, e-mail address, postal address, telephone number, health declaration and whether you require disabled access
Credit or debit card information, information about your bank account number and sort code or other banking information. Note that we do not store your bank or credit card details on our web servers
- Your usage records and duration of visits
- Your preferences for particular products or services or interests when you tell us what they are – or when we assume what they are, depending on how you use our products and services
- Your contact with us, such as a note or recording of a call you make to our contact centre, an email or other records of any contact you have with us
- Your membership information – such as dates of payment owed and received, the services you use and any other information related to your account
HOW DO WE USE THIS INFORMATION?
We will use your personal information to provide you with the services, products or information that you have requested, for administration purposes, to improve your website experience, and marketing. We may need to share your information with our service providers, associated organisations and agents for these purposes. We may use your information to:
- Carry out an identity check as part of your membership application. This is carried out by Legend Leisure and Sage Pay and is NOT a credit check
- Process your membership application through Brightlime Limited, our chosen membership software
- Bill you for using our services as part of your membership
- Keep you informed about our services including operational matters relating to your Membership
- Provide relevant services to you
- Confirm your attendance to exercise classes or lessons
- To allow you to monitor your gym usage in your members area
- To share gym event photos on our internal social media platform called workplace (Your permission will be asked first before a picture is taken)
- Contact you with offers or promotions based on our analysis of how you use our services and what we think will be of interest to you (unless you choose not to receive our marketing messages)
- Respond to any questions or concerns you might have about our services
- Understand how you use our services, to help us develop relevant and updated services
- Carry out research and statistical analysis to monitor how customers use our services
- Prevent and detect fraud or other crimesWhere we process your personal data based on your consent you have the right to withdraw consent at any time, for example your consent to receive direct marketing. If you no longer want to receive marketing messages from us, please visit your profile section within the Member’s Area of the website where you can opt out. You can choose to opt out of all marketing or select your marketing preferences. Alternatively, if you are no longer a member, and wish to remove your consent to receive marketing content please contact by email to email@example.com
We’ll store your information for as long as you are a Member of tribal.fit, or following cancellation and to meet legal requirements including financial audit, anti-fraud and money laundering regulations we will store your information for no more than 6 years from the last activity on the account. An ‘activity’ can be classified as access into a gym, a payment made on the membership account or a comment added to the membership following contact with Tribal.fit. We may contact you about tribal.fit services during this 6 years if you haven’t opted out of receiving marketing communications from us.
This, in turn, helps us make our website relevant to your interests and needs. We may use a persistent cookie (a cookie that stays linked to your browser) to record your details so we can recognise you if you visit our website again.
Please note however that if you disable our cookies you may not be able to access certain services or facilities on our sites and your use of our sites may be restricted. This could include joining or logging in to your members area.
KEEPING YOUR PERSONAL INFORMATION SECURE
We have a dedicated team whose function is to secure our clients’ information and also take appropriate measures to ensure that the information we collect and maintain is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.
We ensure the organisations that provide us with services related to your membership have appropriate security measures and only process your information in the way we have authorised them to. These organisations will not be entitled to use your personal information for their own purposes.
Communications over the internet (such as emails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered – as this is the nature of the internet. We can’t accept responsibility for any unauthorised access or loss of personal information that’s beyond our control.
WILL WE DISCLOSE THE INFORMATION WE COLLECT TO OUTSIDE PARTIES?
We may share information about you with:
- Service providers, agents and associated organisations to allow us to service your membership and communicate with you; for example, financial institutions to process payments, and freelance personal trainers when you sign up to classes
- Law enforcement agencies, regulatory organisations, courts or other public authorities where we have a legal obligation to do so
- We’ll release information if it’s reasonable for the purpose of protecting us against fraud, defending our rights or property, or to protect the interests of our customers.
- If we’re reorganised or sold to another organisation, we may transfer any personal information we hold about you to that organisation. We will inform you if we do.
USE OF PERSONAL DATA FOR AUTOMATIC DECISION MAKING
We do not intend to use your personal data for automatic decision making.
THIRD PARTY TRACKING
We use tools such as Google Analytics for collecting personal data about our website visitor’s online activities over time and across different web sites for marketing purposes. This is so we can ensure our website gives you the best possible experience. For more information and how to opt out from this please visit google online.
DO NOT TRACK (DNT)
The tribal.fit website does not respond to DNT signals.
COLLECTION OF CHILDREN’S DATA
tribal.fit does not collect or process children’s data.
YOUR PRIVACY RIGHTS
You have the following rights in relation to your data privacy: the right of access; the right of rectification; the right of erasure (the “right to be forgotten”); the right to restriction of processing; the right to be notified; the right to data portability; the right of objection; and the right to not be subject to automated profiling.
Access. You have the right to ask for a copy of the information we hold about you and to have any inaccuracies in your information corrected. Please contact us through email to firstname.lastname@example.org, the contact us section of the website or writing to the address below. There is not normally a fee for this service.
Rectification. If you believe we’re holding inaccurate information about you, or your personal details change, please update your profile on the tribal.fit website in the member’s area. Debit, Credit and Bank account changes can be made in your members area on the tribal.fit website.
Erasure. You have the right to the erasure of the data we hold on you, when it is no longer needed for the purposes of your Membership, or when you withdraw your consent for our processing (and we have no other lawful basis to hold your data).
Restriction. You have the right to ask us to place restrictions on processing your data in certain circumstances.
Notification. You have the right to be notified of any rectification, erasure or restrictions in relation to your personal data.
Portability. You have a right to receive the data we hold on you electronically in a format that allows it to be easily transferred to another data controller.
Object. You have the right to object to data processing of your personal data for direct marketing or profiling purposes.
Profiling. You have the right not to be subject to any decision based on automatic processing of your personal data.
The address to be used to obtain a copy of your personal information is: JMPT Unit 8 Cheswick Village, Long Down Road, Bristol, BS16 1GU Alternatively send an email to email@example.com
CHANGES TO THIS PRIVACY NOTICE
We will update this privacy notice to reflect the way in which we process and protect your data. If we do so, we will post notice of the change on our website and you will have the opportunity to adjust your communications preferences via your Member Profile within the Members Area of the website.