PHFitness is committed to ensuring that your privacy is protected and will treat all information held about you in accordance with this policy which is in line with current UK legislation. For these purposes PHFitness is a ‘data controller’ meaning that we decide how and why the personal data that we collect is used.
- How we collect personal information.
- How we use the information we collect.
- Your rights and how you can manage the use of your personal information.
- Procedures that we have in place to safeguard your privacy.
- How you can make a complaint or contact us.
The following is a broad description of the way PHFitness processes personal information. To understand how your own personal information is processed you may need to refer to any personal information communications you have received, check any privacy notices we have provided to you or contact us to ask about your personal circumstances.
The personal data we collect
Reasons/purposes for processing information
We process personal information to unable us:
- To provide safe and effective health, fitness, nutrition and sports massage services to our clients
- To maintain our own accounts and records
- To promote our services
- To support and manage our employees
Who the information is processed about
We process personal information about:
- Advisers, consultants, other professional experts
The information we collect
We only gather the personal information we need for business purposes in order to provide you with the services you have requested, including providing appropriate news and information to our members and interested prospective customers, or to comply with our regulatory obligations.
The personal data we collect will be the information that you provide and may also include information about you from the e-mails, letters and other communications you send and documents you provide to us.
We may also collect information about your usage of our website (please refer to our Cookies Policy).
Type/classes of information processed
- Personal details, including contact information
- Special category details such as your medical conditions, date of birth, height and weight
- Emergency contact details, including your GP contact information
- Goods and services
- Financial details (if required where Go Cardless is not used)
In providing you with our services, PHFitness will handle your personal information. Personal information is information about you from which you can be identified, such as your name and contact details. As part of our personal training, nutritional guidance and sports massage services you receive from us, this will include sensitive/ special category personal information such as medical information.
If we make a change to any of the ways in which we process personal information, we will update our privacy notices and website.
Confidential and medical information
The confidentiality of your personal information is of paramount concern to us and we comply with UK data protection law and all the applicable confidentiality guidelines issued by professional bodies such as the Information Commissioner’s Office (ICO).
Your confidential medical information will only be disclosed:
- To those involved with your treatment or care if required in the event of an injury to you or cardiac rehabilitation
- In accordance with UK law and guidelines from professional bodies
- For the purposes of your medical screening assessment (unless you object)
Basis for processing and use of your data
PHFitness collects this information in a variety of ways. We obtain personal data about you, for example, when:
- You use our services
- You meet with us or submit a query for us, for example by email, telephone or social media, including where you reference PHFitness in a public social media post
- You participate in any marketing activity.
Using your information
We use personal information to provide you with our services, and to improve and extend our services. This may include:
- Responding to your queries and communicating with you
- Supporting your fitness, nutrition or sports massage plan/ treatment
- Internal record keeping and administration within our business
- Responding to requests where we have an obligation to do so
- Assessing the fitness, nutrition and sports massage service you have received and any concerns or complaints you raise, so that these can be properly investigated.
We need to process data for purposes necessary for the performance of our contract with you and to comply with our legal obligations. This may include processing your personal data where you are an employee, supplier or our client/member.
Where you enquire about becoming or where you become a client of PHFitness, for example, the basis for our processing of your personal data will be to enter into and perform the contract between you and us.
We may process your personal data for the purpose of our own legitimate interests provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data. This includes processing for business development, marketing, security and management purposes. You are always free to withdraw from this data processing at any time.
On the grounds of legitimate interest, from time to time we may send you information about company news or other matters that we believe will be of interest to you. This could involve us seeking your thoughts and opinions on the services we provide and us notifying you of any changes.
Other information processed by PHFitness as part of its legitimate interests include: network and information security, cloud storage, updating customer details, due diligence involving risk assessment and fraud prevention.
We may also process your personal data for certain additional purposes with your consent, and in these limited circumstances where your consent is required we will seek your clear and unambiguous consent prior to processing your data. You have the right to withdraw your consent to processing for such specific purposes at any time.
Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.
Do any third parties have access to my data?
We will only share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
We do not share your personal information with anyone outside of PHFitness to use for their own purposes, unless:
- We have your permission or you are signed up to the third-party (such as in the case of social media)
- We are permitted or obliged to do so by law (safeguarding).
- We must protect the rights, property or safety of PHFitness, our clients, or others.
- We are detecting, preventing and helping prosecution of financial crime. For example, we may share information with fraud prevention or law enforcement agencies, and other organisations if we suspect fraudulent activity.
Your personal information will be shared with third parties to help administer the working relationship with you in the context of system maintenance support, hosting of data, and facilitating communication. In this instance, “third parties” who are employed by us to provide services will have access to the personal information needed to perform their functions and not for any other purpose. The following activities are carried out by third-party service providers: IT (and cloud services), professional advisory and support services (such as accounting), marketing communications services and banking services.
The requirement for us to keep in regular contact with clients is part of our Members Service. To administer this working relationship we will use the communication platform of your choice. This may require us to share your data with the following third parties: mobile phone providers; Facebook Messenger; WhatsApp; Signal and Google Hangouts.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
How secure is my information with third-party service providers?
All our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal information in line with our policies and European law. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
When you or PHFitness uses third-party service Facebook Company Products such as Facebook Messenger and WhatsApp, they may receive information about what you share with them. For example, if you use a data backup service integrated with them (like iCloud or Google Drive), they will receive information you share with them such as your contact list. By interacting with these third-party services, all users may be providing information directly to such a third party in this way. Please note that when you use third-party services or Facebook Company Products, their own terms and privacy policies will govern your use of those services.
Facebook data policy – https://www.facebook.com/full_data_use_policy
How does PHFitness protect data?
PHFitness takes the security of your data seriously. We have internal policies and controls in place in respect of security that are regularly reviewed to ensure that they are commercially reasonable and appropriate, to prevent data from being accidentally lost or destroyed, used or accessed in an unauthorised way, altered or disclosed. Our policies and controls are designed to limit access to those employees and other third parties who have a business need to know.
Where PHFitness engages third parties to process personal data on its behalf, they do so on the basis of written instructions and are obliged to implement appropriate measures to ensure the security of data.
All employees, contractors and other third parties are subject to a duty of confidentiality.
We are committed to keeping your personal information secure and therefore store it in a range of secure places, including in relevant files, and within email and IT systems.
We have put physical, electronic and operational procedures in place to safeguard and secure the information we collect. PHFitness staff also have a legal duty to respect the confidentiality of your information, and access to your confidential information is restricted only to those who have a reasonable need to access it.
How long does PHFitness keep data?
We employ appropriate security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.
We will only retain your personal data for as long as the law requires or as long as it is necessary to fulfil the purposes for which it is collected, taking into account the nature of the information and purpose for which it has been obtained and is used or held.
We will keep information for a reasonable amount of time in order to perform the purposes listed above.
We generally keep personal information for seven years after last contact with you. However PHFitness reserves the right to keep information for longer if we feel that this is in our legitimate interests.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- Whether the purpose of the processing could reasonably be fulfilled by other means.
Keeping information confidential and secure
We achieve this by:
- Training all staff members
- Robust methods of breach detection
- Proper password policy and procedures
- Proper storage of digital and non-digital data
- Proper destruction of data that we no longer need
- Ensuring that staff are aware of their individual responsibilities for data handling and processing
- Following best practice as advised by the ICO
- Having an effective working relationship with people/companies who have access or share our data
Under certain circumstances individuals have certain rights over their personal data. These include:
- requesting access to and thereby receiving details of personal data held;
- requesting correction of personal data, where appropriate;
- requesting erasure of personal data, where appropriate;
- objecting to the processing of your personal data where PHFitness is relying on its legitimate interests as the legal ground for processing; and
- requesting the restriction of processing of your personal data for a period if data is inaccurate or there is a dispute about whether or not your interests override PHFitness’s legitimate grounds for processing;
- Requesting the transfer or your personal data where processing is based on consent, is carried out by automated means and is technically feasible.
If you believe that any information we are holding on you is incorrect or incomplete, please write to us or email us as soon as possible. We will promptly correct any information found to be incorrect.
What if you do not provide personal data?
If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Alternatively we may be unable to comply with our legal or regulatory obligations.
Changes to how we protect your privacy
Where we undergo substantial changes to our privacy statement we will endeavour to inform you directly about them.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting other sites even if you access them using links to or from our website. You should exercise caution and look at the privacy statement applicable to the website in question.
PHFitness tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention and welcome any suggestions for improving our procedures.
If you believe that PHFitness has not complied with your data protection rights please contact us accordingly. We will look into any complaint carefully and promptly and do all we can to explain the position to you.
You also have the right to complain to the ICO (https://ico.org.uk/)
How to contact us
We always want to hear from our customers. If you:
- Have any questions or feedback
- Would like us to stop using your information
- Want to exercise any of your rights as set out above or have a complaint.
Please don’t hesitate to contact us and we will be happy to answer any questions you may have.
You can contact us at email address: firstname.lastname@example.org or else through the PHFitness website. Or if you’d like to, you can write to us at: PHFitness Ltd, Unit 1, 229 Derby Road, Spondon, Derby, DE21 6SY.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated on 18 April 2019.
The information contained in this website is for general information purposes only. The information is provided by PHFitness and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Through this website you are able to link to other websites which are not under the control of PHFitness. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, PHFitness takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
Website usage terms and conditions
The term ‘PHFitness’ or ‘us’ or ‘we’ refers to the owner of the website whose registered office is 80 Meadow Lane, Chaddesden, Derby, DE21 6ES.. The term ‘you’ refers to the user or viewer of our website.
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
- Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
- This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
- All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
- Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
- From time to time, this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
- Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Northern Ireland, Scotland and Wales.
This website and its content is copyright of PHFitness – © PHFitness 2019. All rights reserved.
Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:
- you may print or download to a local hard disk extracts for your personal and non-commercial use only
- you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material
You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.