Fitness For All, Laura Smith and Wheelie Fit (described as ‘I’ and ‘me’ below) takes your privacy seriously. Please read this Privacy policy, as it explains how any personal data collected from you or that you provide is used.
All activity on www.wheeliefitmum.co.uk (my website) is logged and monitored and the Third Party Website and Services I use comply with their obligations under the Data Protection Act 1998 (the DPA) and the General Data Protection Regulation (the GDPR) from May 2018.
By using my website and Third Party Website and Services you agree to the collection, use and transfer of the information you provide to us in line with the terms of this Privacy policy.
For the purposes of the DPA and the GDPR, the data controller is Laura Smith and I am also the Data Protection Officer who can be contacted on the following e-mail: Fitnessforall@live.co.uk
Changes to the policy
I may change the Privacy Policy from time to time. If or when changes are made I will include them here, so be sure to check back occasionally.
My principles
Your information will only be collected where lawful grounds and legitimate business reasons / interests exist to do so. I will be transparent in my dealings with you and tell you how I collect and use your information.
I will not ask for more information than I need for the purposes for which I am collecting it.
I will update your records when you tell me that your details have changed. I periodically review your personal information to ensure I do not keep it for longer than is necessary.
I will ensure that your information is securely disposed of at the end of the appropriate retention period.
I will observe your rights under applicable privacy and data protection laws and will ensure that queries relating to privacy issues are dealt with promptly and with transparency.
I will stay up to date on my privacy obligations and ensure I have appropriate physical and technological security measures to protect your information regardless of where it’s held.
What if You do not agree with this Privacy Policy?
If you do not agree to our processing of your data in the manner outlined in the Policy, please do not submit any personal data to me or the Third Party Services used.
Data Collected
Without limitation, the following Data may be collected:
· your name;
· contact number;
· email address;
· address and post code;
· emergency contact name;
· emergency contact number;
· physical activity readiness questions (PAR-Q);
· confirmation of understanding of PAR-Q questions;
· confirmation of informed consent within the PAR-Q;
· confirmation of how you would prefer me to communicate with you;
· confirmation of how you would prefer me to use images and videos of you;
· confirmation / agreement of the declaration within the PAR-Q;
How your Data collected is used
· To ensure you are able to undertake physical activity safely;
· To ensure we are able to contact someone on your behalf in case of an emergency;
· To ensure there is a record of your understanding of requirements before undertaking exercise;
· To ensure communication with you is how you wish it to be;
· To ensure images / videos of you are used as you wish them to be;
· To ensure that you have agreed to and understood all questions and statements included in the PAR-Q;
· To manage your bookings and payments
Who has access to your information?
I will not sell or rent your information to third parties.
I will not share your information with third parties for marketing purposes.
Your rights in respect of the data held
Under GDPR legislation effective from May 25th 2018 – the following rights are relevant to your dealings with Wheelie Fit relate to the you having rights under the following 5 areas relating to your personal data.
1. The right of access
2. The right to rectification
3. The right to erase
4. The right to restrict processing
5. The right to object
1. The right of access
You have the right to obtain confirmation that your data is being processed, and have a copy of your personal data.
A copy of this information will be provided free of charge, but reserve the right to charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive. You may also charged a reasonable fee to comply with requests for further copies of the same information.
Information will be provided without delay and at the latest within one month of receipt.
The period of compliance will be extended to two months where requests are complex or numerous. If this is the case, you will be informed within one month of the receipt of the request and explain why the extension is necessary.
2. The right to rectification
You are entitled to have personal data rectified if it is inaccurate or incomplete.
Where the personal data has been disclosed to third parties, they will be informed of the rectification where possible.
We will respond to a request for rectification within one month. Where requests are complex, a response will be within two months.
3. The right of erasure
The right of erasure is also known as ‘the right to be forgotten’. You can request the deletion or removal of personal data in specific circumstances. The right to erasure does not provide an absolute ‘right to be forgotten’. You have a right to have personal data erased:
3.1 Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
3.2 When you withdraw consent.
3.3 When you object to the processing and there is no overriding legitimate interest for continuing the processing.
3.4 The personal data was unlawfully processed (ie otherwise in breach of the GDPR).
3.5 The personal data has to be erased in order to comply with a legal obligation.
I will review any request for erasure on a case by case basis.
4. The right to restrict processing
You have a right to restrict processing of your personal data. When processing is restricted, I can store the personal data, but not further process it. We will keep just enough information about you to ensure that the restriction is respected in future.
If the personal data in question has been disclosed to third parties, they will be informed of the restriction on the processing of the personal data, unless it is impossible or involves disproportionate effort to do so.
If we decide to lift a restriction on processing, you will be told.
5. The right to object
You have the right to object to me processing your personal data where the processing is:
5.1 based on legitimate interests of the business;
5.2 for direct marketing (including profiling);
5.3 for purposes of scientific/historical research and statistics.
We will stop processing the personal data until we can demonstrate:
· compelling legitimate grounds for the processing, which override your interests, rights and freedoms;
· the processing is for the establishment, exercise or defence of legal claims.
Third Party Websites, Services and Operating Systems
I use Third Party websites, services and operating systems to gather and store the Data as detailed above.
Any Data is used only to the extent required by them to perform the services that I have requested. Any use for other purposes is strictly prohibited. Furthermore, any Data that is processed by third parties shall be processed within the terms of this Policy and in accordance with the Data Protection Act 1998 (the DPA) and the General Data Protection Regulation (the GDPR) from May 2018.
Security and safe storage of your personal information
Appropriate procedures and security features to try to prevent unauthorised access are used. Whilst every effort is made to keep your information secure I cannot guarantee against the occurrence of unauthorised or illegal access to your data.
The transmission of information using the Third Party websites and services is done via the internet which is not completely secure. Although we endeavour to protect your personal data, we can’t guarantee the security of data transmitted over the internet. Any transmission of data is at your own risk.
Should any breach of access to your data occur we will advise you as soon as I become aware of it happening.
Information supplied by you to me, or that I collect about you, may be transferred, and stored by myself and Third Party services for the purpose of providing services to you or for research purposes, outside the European Economic Area. We will use appropriate safeguards when transferring your data.
Links to Other Websites
I may, from time to time, provide links to other websites. I have no control over such websites and is in no way responsible for the content thereof. This Policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
Changes of Business Ownership and Control
I may expand or reduce the business and this may involve the sale and/or the transfer of control of all or part of the business. Data provided by you will be transferred or removed as necessary. The new owner or controlling party will, under the terms of this Policy, only be permitted to use the Data for the purposes for which it was originally supplied to us.
In this event, you will be contacted in advance and informed of the changes.
Cookies
This website and the Third Party website provider uses cookies – these are small text files that are placed on your device to help this website to provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better.
However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. Consult the ‘Help’ section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.