Please contact firstname.lastname@example.org with any questions or requests about the personal information we process.
What are your legal rights?
We are committed to protecting your rights to privacy. They include:
Right to be informed about what we do with your personal data
Right to have a copy of all the personal information we process about you
Right to rectification of any inaccurate data we process, and to add to the information we hold about you if it is incomplete
Right to be forgotten and your personal data destroyed
Right to restrict the processing of your personal data
Right to object to the processing we carry out based on our legitimate interest
Why do we collect information about you?
We may collect information about you because you are client of ours.
We process the data because it is in our legitimate interests as a personal training company to do so. We need to see and hold documents containing this information in order to carry out an assessment of your health and safety and to deliver a safe fitness training programme.
Another lawful reason for us processing your data may be Legal Obligation. If we are processing “special category data” about you, this is our second lawful reason to do so. As a client of Bourne Fitness our lawful reason for processing “special category data” is that it is necessary for the purposes of the provision of health treatment.
What information do we collect about you?
We collect information about you that may include personal or sensitive information, such as:
Identity data (including title, first name, surname, date of birth, gender)
Contact data (including email address, addresses (home and billing), telephone numbers
Special Category data (including information about your health)
Financial data (including payment card details, for subscription-based programmes).
Transaction data (including details about payments made to and from you and details of purchases)
To make sure that you are assessed and/or treated safely and appropriately, we record your personal information, such as your name, address, as well as all contacts you have with Bourne Fitness such as appointments and the results of assessments relating to your care. Your data is kept confidential within the company at all times and is only shared with staff when they need it to carry out their job.
We also process personal data pursuant to our legitimate interests in running our business such as:
• Invoices and receipts
• Accounts, VAT and tax returns
When you are a client of Bourne Fitness we record details of your personal training programme and details of your appointment so that your trainer can plan your sessions correctly. In addition to the personal information above, we may also collect information regarding:
Medical conditions (if relevant)
Financial information, including bank account details
We will collect this information directly from you, or from your insurance company, if you have one.
In many cases, an individual has consented to the transfer of their personal data to us. Where an individual has consented, he or she may easily withdraw it by notifying us at the email address above.
How do we store the information about you?
We take your privacy very seriously.
We are committed to taking reasonable steps to protect any individual identifying information that you provide to us. Once we receive your data, we make best efforts to ensure its security on our systems.
All personal information provided is stored in compliance with EU General Data Protection Regulations (GDPR) rules.
How long do we keep your information for?
We do not keep your data for longer than is necessary.
Administrative data is retained for up to six years as necessary, in the unlikely event there are queries from HMRC and the VAT commissioner. Where it is not necessary to retain the data for six years, it is destroyed as soon as possible.
Personal data in legal cases is retained, where necessary, for six years in compliance with our professional indemnity obligations. Where this is not necessary, it is destroyed on the conclusion of the case.
Who do we share your personal information with?
Your information is kept confidential within the company at all times and is only shared with staff when they need it to carry out their job. All staff are required to work to strict professional and contractual codes of confidentiality and where possible we will anonymise information so that individual clients cannot be identified.
If we become aware of your intent to cause harm to another person/organisation (e.g. terrorism), the law may require that we inform an authority without seeking your permission. In such a situation, the law may require that we share your personal information without your knowledge.
Special category data and personnel files held electronically are encrypted with restricted access. We do not collect or store special category or other personal data other than electronically – we do not hold this information as hard copies.
In most circumstances we will not disclose personal data without consent.
Your information may be shared with outside organisations if they are directly involved in your care, for instance, your insurer if they are funding your fitness or training programme, your GP, or others involved in your health care. We will discuss with you who we would discuss your care with, and what details we would share with them.
If your health is at risk we may share your contact information with an emergency healthcare service.
When we investigate a complaint we may need to share personal information with other relevant bodies.
If we do need to share your information, we will always try and ask for your permission for this first. We may not be able to ask your permission under special circumstances where we are legally required to do so.
How you can access your information, and correct it, if necessary?
Bourne Fitness tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘Subject Access Request’ or ‘Right of Access’ under the Data Protection Act and the General Data Protection Regulation. We will then supply to you:
A description of all data we hold about you
Inform you how it was obtained (if not supplied by you)
Inform you why, what purposes, we are holding it
What categories of personal data is concerned
Inform you who it could be disclosed to
Inform you of the retention periods of the data
Inform you around any automated decision making including profiling
Let you have a copy of the information in an intelligible electronic form unless otherwise requested
To make a request to Bourne Fitness for any personal information we may hold you will need to put the request in writing. We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate, please address these changes to email@example.com.
Complaints or queries
Bourne Fitness tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. If you do have a complaint, please email us at firstname.lastname@example.org.
If you are not satisfied with the response from Bourne Fitness or believe we are not processing your personal data in accordance with the law you have the right to raise your complaint with the Information Commissioner’s Office (ICO).
Who we are and how to contact us
Bourne Fitness is the company that you are supplying your personal information to.