For the purposes of the Data Protection Act 1998 or any successor national or supra-national data protection legislation (“the Act”), the data controller is The Gym Limited of 5th Floor, One Croydon, 12 - 16 Addiscombe Road, Croydon, CR0 0XT. The term ‘The Gym Limited’ or ‘us’ or ‘we’ refers to the operator of The Gym Group gyms and the owner of the Website whose registered office is 5th Floor, One Croydon, 12 - 16 Addiscombe Road, Croydon, CR0 0XT. Our company registration number is 05659669 (United Kingdom). The term ‘you’ refers to the user of one of the gyms that we operate or any other visitor to this Website, as the context dictates.
What information do we collect?
If you are a visitor to our Website, even an anonymous visitor, we may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information internally and externally. This statistical data about browsing actions and patterns does not identify any individual. Nevertheless, to the extent that such information falls to be treated as personal data, and you do not wish us to process it, you should change the settings on your internet browser to prevent collection of this information.
When you sign-up to become a member of The Gym we will know who you are, and the activities you perform on this Website or undertake at the gyms that we operate.
We may collect and process the following data about you:
- Any information that you provide by filling in forms on this Website including but not limited to your name, address, email address and telephone/mobile number, for the purposes of informing you about the services that we offer, of entering into a contract with you and thereafter of delivering the services which we have agreed to provide under that contract.
- Any financial information provided to the Website as may be required for direct debits, and/or credit and debit card payments, or other types of electronic payment. Details of any transactions you carry out through the Website will be recorded.
- Further general information about you, including your personal or professional interests, experiences with our products and services or other products and services and your contact preferences to ensure that you receive services in the manner which is most convenient to you, to deliver a satisfactory service under the terms of our contract with you and to improve the services that we offer for the benefit of you and of other existing and future members.
- The Gym Limited may from time to time ask you to complete surveys via this Website or the website of one of our selected suppliers, and any information you provide in same will be recorded, though you are not obligated to take part. If you are going to submit personal data, your consent will be specifically obtained to the processing of that data at the time.
- Details of your visits to the Website, including, but not limited to, traffic data, location data, weblogs and other communication data. This will assist us in managing the website and generating generalised and anonymised information about usage and about our membership.
We may also retain copies of any correspondence you send to us and details of your membership history, for as long as it is appropriate to do so, and (as with all the personal data we process) subject to appropriate technological and organisational safeguards to protect its integrity.
We may collect information about your computer, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical information about the browsing actions of users of the Website and does not identify any individual. As indicated above, you may be able to change settings on your internet browser to prevent collection of this information, to the extent that it may in future be considered by law to be personal data.
What do we do with the information we collect?
We use collected information:
- for internal record keeping;
- for product development;
- to provide you with information on our products and services which we feel may interest you;
- to notify you about changes to our products and services;
- to answer your queries; and/or
- to contact you for market research and marketing;
The Gym Group may contact you in relation to the nature of your attempted transaction, even if you don't confirm the transaction. This will be an operational email to enquire as to why the transaction was not completed. The data will not be used for any other purpose and certainly not shared with any other company other than the company that initiates the operational email (if this is not The Gym Limited). Our aim is simply to provide you with the highest level of service that we can.
Your personal data may be transferred abroad for any of the purposes explained in this policy and such transfer may be to a country outside of the EEA. If we transfer your personal data outside the EEA, it will only be to recipients who offer an adequate level of protection and who have appropriate safeguards in place to protect your personal data.
The period of use of the personal data supplied by you will not be longer than we deem necessary to carry out the purpose for which such data was collected, provided that we may store and process your personal data for longer periods solely for archiving or statistical purposes where we have appropriate safeguards in place to protect your rights.
Who do we share this information with?
We may share your personal information with certain companies performing services on behalf of The Gym Limited (such as direct marketing agents) who will only use the information to provide a service that The Gym Limited has asked them to provide.
Those selected companies will perform a function for us, such as agencies and suppliers whom have been instructed to assist us to more effectively deliver services, manage and conduct promotion and offers, provide technical assistance and support and perform other functions to support marketing activities.
Although this is not an exhaustive list, the following third parties process data on The Gym Limited’s behalf which may include your personal data, for the specific purposes identified. We have obtained assurances from these organisations that they have standards of technical and organisational security of at least an equivalent level to that which we provide, in connection with the personal data which they process:
- Sage Pay Europe Limited – payment payments
- Salesforce.com EMEA Limited – marketing services
- Harlands Services Limited – payment and member services
- Feefo Holdings Limited – survey services
- Service Management Group, Inc – survey services
- Nomical Limited – information technology services
All selected companies may have access to personal information if needed to perform such functions but will only be permitted by us to use personal information for the purpose of performing that function and not for any other purpose.
Where you have given specific consent, your information may be shared with independent self-employed trainers for them to contact you to inform you of personal training services which they would like to offer you.
We may disclose your information to our subsidiaries or ultimate holding company and its subsidiaries, as defined in Section 1159 of the Companies Act 2006.
In the event we seek to sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer, subject to satisfactory assurances that the data will be processed securely by them.
Save for this, we do not sell, transfer or disclose personal information we have collected from you in connection with our website activities to third parties outside The Gym Limited.
How to get copies of or amend the information we have collected
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee may be payable, where permitted by law. If you would like a copy of the information held on you, please contact us by email to email@example.com or in writing to The Data Protection Officer, The Gym Group, 5th Floor, One Croydon, 12 - 16 Addiscombe Road, Croydon, CR0 0XT.
If you think any information we have about you is incorrect or incomplete, please e-mail or write to us and we will correct or update any information as soon as possible.
Where we have given you a password to access certain areas of the Website you are responsible for keeping this confidential and we ask that you do not share this password.
Our Website may, from time to time, contain links to other websites which are not within our control. Once you have left our Website, we cannot be responsible for the protection and privacy of any information which you provide. You should exercise caution and look at the privacy statement applicable to the website in question.
System cookies are created each time you visit us and are automatically deleted when you close your browser. They remember the fact you're logged in and remember the selections that you make as you use the Website and Mobile Application.
Identification cookies help us remember who you are when you come back to visit us and allow you to access your favourite journeys before you log in.
Tracking cookies track any information or warning messages we've shown you, so that we don't show them again. If you express preferences about whether or not to receive certain types of cookie, we'll also use a cookie to store this preference.
Web analytics / Marketing effectiveness cookies collect anonymous data to help us understand customer behaviour so we can make thegymgroup.com better. They tell us which bits of the Website and Mobile Application customers use the most and flag up any problems so we can fix them quickly. They also tell us how customers find the Website and Mobile Application (for example via online adverts and search engines), so we know how effectively we are marketing.
Cookies for personalising your experience...
Cookies for optimising the content shown on our website
We may wish to test a change or new feature on the site to see if it is effective before rolling it out to all our users. Cookies allow a random sample of site visitors to see it one way, and a different group another and ensure that you consistently get the same experience on repeat visits.
If you would prefer us not to set cookies on our Website, you can disable them by changing your internet browser settings. How to do this will depend on the browser you are using, but the following is a step-by-step guide to the most popular browsers:
Microsoft Internet Explorer:
Click on the "Tools" menu
Select "Internet Options"
Click on the "Privacy" tab
Select the desired setting
Click on the Customisation menu at the top right of the page
Select "Show Advanced Settings" and then "Content Settings"
Select the desired settings under the "Cookies" heading.
Click on the "Tools" menu
Click on "Options"
Choose the desired options under the "Cookie" menu.
For all other browsers, please follow the instructions provided by the relevant browser, usually located within the "Help", "Tools" or "Edit" facility.
If you only disable third party cookies, you will still be able to use this Website, but some of its content will not be as relevant to you. If you disable all cookies, this will result in our Website not working properly.
If you do choose to disable cookies, this choice will only apply to the device you are using at the time. If you want to stop cookies being set on other devices, you will need to follow the relevant steps on each device. Please note that disabling cookies does not delete cookies from your browser, you will need to do this from within your browser.
Some sections of our Website (for example those covering hotels, theatre, car hire, insurance and international rail) are provided by third parties.
Online Behavioural Advertising
We and those third parties may use this data to:
- help make the advertising you see on our Website and Mobile Application and elsewhere on the internet more relevant to you;
- tailor content on the Website and Mobile Application; and
- measure the effectiveness of advertising on the Website and Mobile Application and elsewhere on the internet.
How to opt out of third party online behavioural advertising
Cookies we use
Double Click floodlight
Double click bid manager
Facebook Custome Audience
Google Dynamic retargeting
Google Tag Manager
This section sets out the appropriate actions and procedures which The Gym Limited follows in respect of the use of CCTV (closed circuit television) surveillance systems (“CCTV Systems”) at Our premises.
Please note that all Our gyms are monitored by CCTV 24 hours a day. The Gym Limited reserves the right for its employees and contractors to review footage as required and by entering onto our sites you consent to your image being recorded and reviewed and waive any and all claims in relation to same. Recorded CCTV footage will be stored securely and retained in compliance with the Data Protection Act 1998. The Gym Limited is registered as a Data Controller with the ICO, Registration Number: Z2810154.
In drawing up this policy, due account has been taken of the following:
- The Act and any other relevant Data Protection legislation;
- The CCTV Code of Practice produced by the Information Commissioner (“Code of Practice”); and
- The Human Rights Act 1998.
This policy will cover all employees and persons providing a service to The Gym Limited, visitors and all other persons whose image(s) may be captured by our CCTV Systems.
In processing CCTV surveillance data, Our staff will consider carefully the type of personal data being processed and in particular whether there is any personal data which falls within the definition of “sensitive personal data” or “special category personal data” as defined in the Act. Such data includes:
- Ethnic origin or race;
- Political opinion;
- Religious and philosophical beliefs;
- Trade Union membership;
- Health – mental or physical;
- Sexual life or sexual orientation
- Genetic data; and
- Biometric data for the purpose of uniquely identifying a natural person.
We will also ensure that the personal data is only processed in accordance with the following requirements:
- It will be processed fairly, lawfully and in a transparent manner;
- It will only be collected for specified, explicit and legitimate purposes and not further processed in any manner incompatible with those purposes;
- It will be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- It will be accurate and, where necessary, kept up to date;
- It will not be kept for longer than is necessary for the purposes for which the personal data are processed; and
- It will be processed in a manner that ensures appropriate security of the personal data.
Initial Assessment Procedures
The Gym Limited’s CCTV Officer has the legal responsibility for the day-to-day compliance with the requirements of this policy.
The purpose of the use of the CCTV Systems and the collection and processing of CCTV images is for the prevention or detection of crime or disorder, apprehension and prosecution of offenders (including use of images as evidence in criminal proceedings), interest of public and employee Health and Safety, protection of public health and the protection of the Our property and assets.
Prior to any camera installation the CCTV Officer will ensure that the installation complies with this policy and that the use of any camera is justified, necessary and proportionate. The CCTV Officer will regularly assess whether the use of any camera and the CCTV System as a whole continues to be justified, necessary and proportionate.
Siting the Cameras
The location of the equipment is carefully considered, because the way in which images are captured needs to comply with the Act.
All cameras are located in prominent positions within public and staff view and do not infringe on sensitive areas. All CCTV surveillance is automatically recorded and any breach of this siting policy will be detected via controlled access to the CCTV System and auditing of the CCTV System.
Quality of the Images
The images produced by the equipment will as far as possible be of a quality that is effective for the purpose(s) for which they are intended. Upon installation, all equipment is tested to ensure that only the designated areas are monitored and suitable quality pictures are available in live and play back mode. All CCTV equipment is maintained under contract.
Processing the images
Images which are not required for the purpose(s) for which the equipment is being used will not be retained for longer than is necessary. While images are retained, it is essential that their integrity be maintained, whether it is to ensure their evidential value or to protect the rights of people whose images may have been recorded. Access to and security of the images is controlled in accordance with the requirements of the Act.
All images are digitally recorded and stored securely within the system’s hard drives. Images are stored for a minimum of 14 days, and stored for no more than 31 days.
Where the images are required for evidential purposes or disciplinary proceedings, a copy file will be moved to an access controlled confidential location on the network and held until completion of the investigation. Viewing of images within the system is controlled by the CCTV Officer or a person nominated to act on their behalf. Only persons trained in the use of the equipment and authorised by the CCTV Officer can access data.
Access to and disclosure of images to third parties
Access to, and disclosure of, the images recorded by our CCTV System and similar surveillance equipment is restricted and carefully controlled. This ensures that the rights of individuals are preserved and the continuity of evidence remains intact should the images be required for evidential purposes e.g. a police enquiry or an investigation being undertaken as part of an internal procedure.
Access to the medium on which the images are displayed and recorded is restricted to the CCTV Officer, staff authorised by them and third parties as authorised from time to time for specific purposes. Access to and disclosure of images is permitted only if it supports the purpose for which such images were collected.
Access to images by individuals
The Act gives any individual the right to request access to CCTV images which contain their personal data.
Individuals who request access to images must submit this formally in writing, with sufficient details to identify the section of footage with which they are concerned and to enable The Gym Limited to satisfy itself that the person making the request is the data subject of that specific recording. Upon receipt of the request, the CCTV Officer, or another member of staff authorised by them, will determine whether disclosure is appropriate and whether there is a duty of care to protect the images of any third parties. If the duty of care cannot be discharged then the request can be refused.
A written response will be made to the individual, giving the decision (and if the request has been refused, giving reasons) within 31 days of receipt of the request.
The Information Commissioner’s Office has the power to bring enforcement actions against companies where it considers that there’s been a breach of one or more of the Data Protection principles.
If you have any complaints relating to this CCTV policy or our use of your personal data, please contact us: The Data Protection Officer, The Gym Group, 5th Floor, One Croydon, 12 - 16 Addiscombe Road, Croydon, CR0 0XT, or by email at firstname.lastname@example.org. You also have the right to make a complaint to the Information Commissioner’s Office. Further information can be found at https://ico.org.uk/.
How to Contact Us