What is GDPR?
General Data Protection Regulation (GDPR) is the new European law that takes effect from 25 May 2018. The legislation will affect anyone living inside the EU and any organisation that holds the data of EU residents.
GDPR replaces the Data Protection Act 1998 (DPA). GDPR is designed to strengthen the DPA and to give EU citizens more control over how organisations use their data – with large fines introduced for organisations that do not comply.
Key rights from GDPR
•Right to be informed: You, as a client of Fitbod.ie, can ask about personal data, how it is used, and why it is being used at any time.
•Right of access: You, as a client of Fitbod.ie can request a copy of personal information we hold about you at any time.
•Right of rectification: You, as a client of Fitbod.ie can update (or request updates to) personal information at any time.
•Right of erasure: You, as a client of Fitbod.ie may request that we erase your personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
•Right to object: You, as a client of Fitbod.ie can request that we cease to process your data based on legitimate interest or for direct marketing.
What we do with your information/Who we are
This a summary of what we do with your data in order to run our business and provide our customers with our services and products.
We aim to be clear when we collect your data and not do anything with it that you wouldn’t reasonably expect. Developing a better understanding of our customers and those that support us allows us to use the data that we gather to make better decisions about how we do things.
Legitimate Interest Assessment (LIA)
Fitbod.ie at all times endeavours to use a Legitimate Interest Assessment (LIA) to ensure that we have a valid reason for collecting and storing client data.
What information we collect?
We collect and process a variety of personal information such as name, contact information, date of birth, health and fitness check.
Most of the information we collect will have been provided by you or created through use of our services. We collect this information from you through our website and from training consent forms you fill out prior to our working together.
We keep a record of communications with you electronically or otherwise and may track whether emails are received or opened by you to ensure you receive the most up to date, relevant information.
Where is Data Held
All relevant client digital data is held by our software partner, securely. Any query emails sent through our website fitbod.ie are replied directly from one private computer operated by Alannah Dawson only. No details are saved from enquiry emails.
Credit Cards and AutoPay are not a function on our website at present.
How do we use your data?
We use your information mainly to provide you with information of up and coming fitness classes, promotions and discounted sessions and services we do not sell products, we do this in order to understand our customer needs and improve the services we offer, and for the day to day running of the business. We also use it to comply with the laws and regulations that apply to us and to protect the business and our customers.
We use profiling and segmentation to ensure communications are relevant and timely, and to provide an ever evolving experience to our customers and the community. When building a profile we may analyse geographic, demographic and other information relating to you in order to better understand your interest and preferences.
Unless you ask us not to, we will tell you about products and services we offer and about opportunities to support us. Occasionally, this may include information about partner organisations.
We keep your data for the minimum period required by law or our regulators. This is usually no longer than seven years. After this time, where appropriate, we will destroy/delete your data unless the relationship is still ongoing.
You have a number of legal rights with regard to your data. These include the right to request a copy of the data held by us, to request that mistakes and inaccuracies are corrected and to request that we stop processing some or all of your personal data for some or all reasons.
If you ask us to stop using your data for marketing purposes, we may still contact you for reasons relating to a product or service you have signed up to.
If your request requires all data to be removed, this could result in an end to the relationship and services provided by us.
If you would like more information on these rights or on how to do any of the above, please contact us as detailed below. We hope any issue can be resolved by contacting us but if not, you have the right to complain to the Data Protection Commissioner’s Office.
How we ensure the safety of your data
Your data will be held on our business systems (as noted above). Where possible we do not keep more than one record for each customer. All of your data is held securely, with strict access controlled in Ireland.
We may need to disclose your details if required to the police, regulatory bodies, specialist advisors or legal advisors.
Sensitive information is deleted when no longer needed and access is restricted to those who need to use it.
Physical Records and Health Sheets
Due to the nature of our business and the service we provide, it is of necessity, from time to time, that we keep written records of clients health issues and various pathologies they may have which have been disclosed to us in order for us to provide appropriate training via the services we provide. These written, physical records are, at all times, held securely on our premises in Swords and are accessed only by Alannah Dawson providing the services.
These records are never disclosed to third parties (except on receipt of advance written permission by you, the client) and you have the right, at any time, to request a copy of these files or that they be destroyed. If you cease to be a client of Fitbod.ie, you have the right, under law, to request that these personal health files be made available to you.
We will not share any of your information with any other third parties without your agreement unless required in order to fulfil our contract with you, required by our regulators or allowed by law.
Question and Queries