Our Privacy Policy

This is the privacy policy for CrossFit Initiate (‘we’, ‘our’, ‘us’). This policy explains how and why we collect and use personal information, and what we do to ensure it is kept private and secure.

1. WHO WE ARE

CrossFit Initiate offers fitness facilities and classes by CrossFit Initiate, Unit 41 Gelli Industrial Estate, Gelli, Pentre, Rhondda Cynon Taf, CF41 7UW. For the purposes of data protection law, Steven Davies is the controller of the personal information we hold about you.

If you have any questions about our Privacy Policy please write to CrossFit Initiate, Unit 41 Gelli Industrial Estate, Gelli, Pentre, Rhondda Cynon Taf, CF41 7UW,  telephone 07908 732002 or email getfit@crossfitinitiate.co.uk.

2. THE PERSONAL INFORMATION WE COLLECT

We collect the following types of personal information:

Information you give us

When you book a session, we will ask for the following personal information about you:

* your name
* your contact details (e-mail address, mobile phone number), and
* your home address

When you contact us, we may keep a record of that correspondence.

Details of your purchases, the fulfilment of your lessons, and any communications by telephone, in person or by any other means relating to those transactions could also be stored. We will keep a record of all your sessions with us.

When you make a purchase a session through our platform, the information you have given to us is passed to our payment processing partner to process according to our instructions. We do keep a copy of this. However, we will never store your card details – these are held by our third-party payment provider.

Finally, if you have interacted with us via social media e.g. by liking our Facebook page, or connecting with us on Instagram, we may contact you via those platforms.

Technical data

When you visit our Website, we may collect technical data about the device you are using, including where available your IP address, operating system and browser type. This is used for system administration and to improve the look and feel of our web presence.

3. COOKIES

A cookie is a small file of letters and numbers that we store on your browser or device if you agree. We use the following types of cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website or add tickets to your basket.
  • Analytical/performance cookies. These cookies allow us to recognise and count the number of visitors and to see how visitors move around our Website. This helps us to improve the way both sites work, for example, by ensuring that users are finding what they are looking for easily.
  • Social Media Sharing Buttons. We do use sharing buttons in order to make it easier for you to follow our content via your social media pages. These buttons are third-party cookies which are placed onto your device when you visit our Website. Even without you clicking on the relevant sharing button, these sites are aware that you have visited our Website, and may use this information when building their profile of you, and deciding what advertisements you might like to see. You should check the respective policies of each of these social networks to see how exactly they use your personal information. This process does not involve us collecting or storing any of your personal information ourselves.

4. HOW WE USE YOUR PERSONAL INFORMATION

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  1. with your consent;
  2. where we need to perform a contract with you e.g. when you purchase a session from from us;
  3. where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests (see the “Legitimate Interests” section below); or
  4. where we need to comply with a legal or regulatory obligation.

If you make a purchase from us, we may send you periodic e-mails about upcoming news and other events that we think you might be interested in. You can opt-out of receiving these e-mails at any time by clicking the appropriate link in the e-mail itself

We may use personal information held about you in the following ways

  1. to fulfil the orders you place with us;
  2. to advise you of forthcoming products or other events;
  3. to ensure that content from our Website is presented in the most effective manner for you and for your device;
  4. to respond to queries you send us.

When contacting you for any of the above purposes we may do so by phone or email, unless you tell us otherwise. Your data will be treated in accordance with applicable data protection law. It will not be disclosed to anyone outside of CrossFit Initiate, i.e. only Steven Davies and other CrossFit Initiate staff has directed by Steven Davies will have access to this information.

5. KEEPING YOUR PERSONAL INFORMATION SAFE

We employ a variety of physical and technical measures to keep your personal information safe and to prevent unauthorised access to, use or disclosure of it. We control who has access to your data (using both physical and electronic means).
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We cannot absolutely guarantee the security of the internet, external networks, or your own device, accordingly any online communications (e.g. information provided by email or through our Website) are at your own risk.

6. STORAGE AND RETENTION

Where we store your personal information

Electronic data and databases are stored on secure servers in the United Kingdom.

7. DISCLOSING YOUR PERSONAL INFORMATION

We may need to disclose your personal information to our web hosting company or our payment processing company. Where we do so, any such disclosure will be on the basis that these third parties are required to keep the data we give them confidential and secure, and will not use it for any other purpose than to carry out the services they are performing for us.

8. DISCLOSURES REQUIRED BY LAW

We are subject to the law like everyone else. We may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.

9. YOUR RIGHTS

We want you to remain in control of your personal information. Part of this is making sure you understand your legal rights, which are as follows:

1. where your personal information is processed on the basis of consent, the right to withdraw that consent;
2. the right to confirmation as to whether or not we are holding any of your personal information and, if we are, to obtain a copy of it;
3. from 25 May 2018, the right to have certain data provided to you in a portable electronic format (where technically feasible);
4. the right to have inaccurate personal information rectified;
5. the right to object to your personal information being used for marketing or profiling, or on the basis of our or a third party’s legitimate interests;
6. the right to restrict how your personal information is used; and
7. the right to be forgotten, which allows you to have your personal information erased in certain circumstances (though this is not an absolute right and may not apply if we need to continue using it for a lawful reason).

If you would like further information about any of your rights or wish to exercise them, please contact us using the details given in section 1.

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so (for example, because the information no longer exists or there is an exception which applies to your request).

If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you should contact the UK Information Commissioner’s Office, which oversees data protection compliance in the UK.

Information Commissioner’s Office – Wales
2nd Floor, Churchill House
Churchill Way
Cardiff
CF10 2HH
Tel: 029 2067 8400
wales@ico.org.uk

UPDATING THIS POLICY

We may update this Policy at any time. When we do, we will post a notification on our Website and we will also revise the updated date at the bottom of this page. We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we hold.

This policy was last updated on 11th June 2018.