Here at Ultimate Health and Fitness we take privacy seriously and will only use your personal information to administer your account.
Who we are
Our website address is: https://www.ultimatehealth-fitness.co.uk
What personal data we collect and why we collect it
When you submit a form on our website, we collect your name, email address and telephone number so that we can correspond with you.
When you submit a form on our website, to find out more information about our services, we collect your name, your email address and telephone number so that we can correspond with you.
When you subscribe to our mailing list we collect your name and your email address so that we can correspond with you.
Your personal data will not only be stored in our email database – Pipedrive but also in Mailchimp, the application we use to send our newsletters and campaigns.
We use the CRM – Pipedrive to manage our email database. We only store your name, email address and telephone number(s). We use that information to contact you if we need to provide or obtain information; to send you information you’ve requested, to send you sign up information, other information or if we have any queries about your account/membership or payments, and to check that our records are correct.
We don’t rent or trade email lists with other organisations and businesses.
We use Mailchimp for our newsletter and campaigns.
Mailchimp is a marketing automation platform and is GDPR compliant.
In Mailchimp we only store your name and email address and your membership status (if applicable). When you sign up to our mailing list, we may send you emails about our services, offers and other updates. When you create an account and/or buy a membership with Ultimate Health and Fitness, we may send you newsletters, informative articles and other updates. The information we send helps us to improve your experience at Ultimate Health and Fitness.
We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter.
You can unsubscribe to general mailings at any time clicking the unsubscribe link at the bottom of any of our emails or by emailing firstname.lastname@example.org
Teamup is the management software we use to manage memberships and online bookings and is GDPR compliant.
We collect the following information:
- Your name
- Your email address
- Emergency Contact Information
- Telephone Number
- Health Conditions*
We use the information to contact you if we need to obtain or provide information.
You can view and edit your personal data and notifications within your account settings. You can view and edit your contact details and health data answers under forms and waivers. The administrators can also view and edit your data, apart from your login password.
*Whilst we do not generally collect sensitive information unless it is volunteered by you, we do specifically collect health data to the extent that it is required to assess your readiness for physical exercise.
We use Typeform to collect your name, email address and telephone number when you apply for any of programs via our facebook ad campaigns.
We may also use Typeform for online surveys or payment forms.
We use Jotform for our Lifestyle Questionnaire.
Jotform is an online form builder and form creator and is GDPR compliant.
Sensitive information is volunteered by you. The information we gather helps us to improve your experience at Ultimate Health and Fitness; understand your needs and provide you with a better service.
We store your name and telephone number so that we can correspond with you. We use that information to contact you if we need to provide or obtain information; to send you information you’ve requested, to send you sign up information, other information or if we have any queries about your account/membership or payments, and to check that our records are correct.
UHF Online Portal
When you purchase a membership on Ultimate Health and Fitness, your payments and mandates are processed via GoCardless.
This information is only processed in a way which does not identify anyone.
This privacy notice tells you about the information we collect about you via CCTV when you use our gym. In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data.
What personal data do we collect?
Our gym is monitored by CCTV 24 hours a day. Ultimate Health and Fitness reserves the right for its staff and contractors to review footage as required and by entering our gym you consent to your image being recorded and reviewed and waive any and all claims in relation to the same.
All cameras are located in prominent positions within public and staff view and do not infringe on sensitive areas. All CCTV surveillance is automatically recorded and any breach of this siting policy will be detected via controlled access to the CCTV System and auditing of the CCTV System.
The images produced by the equipment will as far as possible be of a quality that is effective for the purpose(s) for which they are intended. Upon installation, all equipment is tested to ensure that only the designated areas are monitored and suitable quality pictures are available in live and play back mode.
Prior to any camera installation we will ensure that the installation complies with this policy and that the use of any camera is justified, necessary and proportionate. We will regularly assess whether the use of any camera and the CCTV System as a whole continues to be justified, necessary and proportionate.
Why do we collect this information?
The purpose of the use of the CCTV Systems and the collection and processing of CCTV images is for:
- the prevention or detection of crime or disorder,
- apprehension and prosecution of offenders (including use of images as evidence in criminal proceedings),
- interest of public and employee Health and Safety,
- protection of public health
- the protection of the our property and assets.
What do we do with your information?
Recorded CCTV footage will be stored securely and retained in compliance with the GDPR. All images are digitally recorded and stored securely within the system’s hard drives. Viewing of images within the system is controlled by the Data Protection Officer or a person nominated to act on their behalf. Only persons trained in the use of the equipment can access data. How long do we keep your information for? Images are stored for a minimum of 14 days, and stored for no more than 30 days.
Where the images are required for evidential purposes or disciplinary proceedings, a copy file will be moved to an access controlled confidential location on the network and held until completion of the investigation.
Who has access to my information?
Access to, and disclosure of, the images recorded by our CCTV System and similar surveillance equipment is restricted and carefully controlled. This ensures that the rights of individuals are preserved and the continuity of evidence remains intact should the images be required for evidential purposes e.g. a police enquiry or an investigation being undertaken as part of an internal procedure. Access to the medium on which the images are displayed and recorded is restricted to the Data Protection Officer, staff authorised by them and third parties as authorised from time to time for specific purposes. Access to and disclosure of images is permitted only if it supports the purpose for which such images were collected.
Your rights over your CCTV data
You have the right to request access to CCTV images which contain your personal data. This access request must be submitted formally in writing, with sufficient details to identify the section of footage with which you are concerned and to enable Ultimate Health & Fitness to satisfy itself that the person making the request is the data subject of that specific recording. Upon receipt of the request, the Data Protection Officer, or another member of staff authorised by them, will determine whether disclosure is appropriate and whether there is a duty of care to protect the images of any third parties. If the duty of care cannot be discharged then the request can be refused. A written response will be made to the individual, giving the decision (and if the request has been refused, giving reasons) within 31 days of receipt of the request.
To assist with marketing the business on social media, we may take photographs of the gym with our clients present, we will endeavour to make sure everyone is happy with this, but please be aware we may use your image for this purpose.
How long we retain your data
If you created an account and/or purchased a membership with us, your information will remain on the system as long as you are an active member. If you cancel your membership, you can request your personal data be deleted. If your account/membership is inactive, your personal data will be deleted 12 months after it was created, unless you request that your personal data be kept on our system.
What rights you have over your data
If you have an account on with us, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we amend, erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Email your request to our data protection officer Yvonne Melhuish at email@example.com
Only those who need to see your information to fulfill the business requirements will see your information.
This will be the owner, administrators and instructors.
Personally identifiable information will not be shared with parties except as required by law.
Your data is stored online via the systems high-lighted above. To protect your personal information, we take reasonable precautions to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Changes to this Privacy Notice
If you have any questions, please contact us at firstname.lastname@example.org