Maximum Potential Calisthenics Privacy Notice
1. INTRODUCTION AND PURPOSE
We are Maximum Potential Calisthenics (‘MP’, ‘we’ or ‘us’). Welcome to our Privacy Notice. We hope you find it useful.
We respect your privacy and are committed to protecting your personal data. This Notice explains how we protect your personal data when you visit our website (www.mpcalisthenics.com) or contract with us to provide you with personal training Services (Services).
We are primarily located in Australia but we also have operations in the United Kingdom and provide online training to clients all over the world. For those clients that reside or otherwise engage with from within the European Union, we are the controller under the General Data Protection Regulation (GDPR).
We regularly review this Notice to ensure it is up-to-date and reflects best practice. This Notice was last updated in September 2018.
PURPOSE OF THIS PRIVACY NOTICE
This Notice aims to give you information on how we process your personal data through the use of our website, including any personal data you provide through this website when you sign up for our newsletter, engage with us to provide you with Services, or connect with us in any other way, including via social media.
It is important that you read and understand our Notice so that you fully understand how we are using your personal data.
We have appointed a data protection representative who is responsible for overseeing questions in relation to this Notice. If you have any question about this Notice or how we process your personal data, please contact us at [email protected].
2. PERSONAL DATA WE COLLECT FROM YOU AND HOW IT IS COLLECTED
Personal data or personal information means any information about you from which we can identify you. We collect, use and store different kinds of data depending on how you engage with us.
When we provide you with Services, either online or in-person
In order to provide you with our Services we need to collect certain information. This might be collected from you when you make an enquiry via our website (including filling in a PARQ form), or when we meet you in person.
This includes your name, contact information, including email and home address and your telephone number, and gender. We need this information to perform our contract with you. We may also need to collect sensitive or special categories of personal data (normally in the form of health information) so that we can understand whether you are able to undertake exercise and so that we can best tailor our Services to your needs. We do this via our consultation form: https://www.mpcalisthenics.com/consultation-form
When we collect this type of data from you, we always get your explicit consent. You provide this consent when you tick the box at the bottom of the page.
Data we automatically collect from you
We also collect data automatically from you when you visit our website. This includes technical data (IP address), your login data, browser type and version, time zone setting and location, operating system and platform and other technology on the devices you use to access our website.
We also collect user data so that we can better tailor our site to you and make it as user friendly as possible.
Where you leave a comment on our site
If you leave a comment on our site, we collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.
If you upload images to our website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We may want to upload photos of you on our website. For example, if you have achieved a particular skill or met a target. When we do this, we always ask for your permission. You can withdraw your consent at any time.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
We may ask you if you would like to receive marketing from us about our Services that might be of interest. For example, we might share videos or pictures of you on our website or via one of our social media platforms. When we do this, we always ask for your consent and you can always opt-out from receiving future communications. However, we will still need to contact you by email about our Services, for example to arrange personal training times and dates.
IF YOU FAIL TO PROVIDE US WITH YOUR PERSONAL DATA
Where we need to collect personal data under the terms of a contract we have with you and you fail to provide us with that information, we may not be able to perform our Services. In that case, we may need to cancel providing our Services but we will always notify you about that as soon as possible.
Our website many include links to third party websites including plug-ins. Clicking on those links may allow third parties to collect your personal data. We do not control how they use your data so you should ensure that you read and consider their privacy notices carefully
3. DISCLOSING YOUR PERSONAL INFORMATION
We share your personal data with the parties set out below:
Xero: Xero providing accounting services to us. You can find a copy of their privacy notice here: https://www.xero.com/au/about/terms/privacy/
We require all the third parties we share your personal data to keep in secure and process it in accordance with the law.
4. INTERNATIONAL TRANSFERS
If you are based in the EEA
If you are engaging with us from within the EEA, we may share limited personal data with our head office in Australia but we normally anonymise this information so that you cannot be identified. Some of our service providers are also based overseas, including in the United States or Australia. When we transfer your personal data outside the EEA, we always ensure that we have appropriate measures in place to secure the personal data.
If you are based in Australia
If you are contacting us or otherwise engaging with us from within Australia, we may transfer your data overseas as many of our providers are based in other countries, including the United States. When we do this we always ensure that the recipient country respects your privacy and that we have appropriate contractual measures in place.
5. DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidently lost, used or accessed in an unauthorised way, altered or disclosed. In additional, we limit access to your personal data to those employees, agents contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and where they are subject to a duty of confidentiality.
6. DATA RETENTION
HOW LONG WILL YOU USE MY PERSONAL DATA FOR?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes for which we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting purposes. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of legal action.
When considering how long to keep your personal data for, we consider the amount nature and sensitivity of the personal data, the potential risk of harm due to any unauthorised disclosure. and our legal and compliance obligations.
By law, we have to keep basic information about our customers for six years after they stop being customers for tax purposes.
We normally keep prospect information (i.e. information about potential clients) for up to two years from when we last heard from you.
Where we have automatically-collected data from you, we normally only keep this for 12 months from when you last contacted or otherwise engaged with us.
7. YOUR LEGAL RIGHTS
Under certain circumstances and depending on whether you are located within the EEA, you have certain legal rights in respect of your personal data. If you are within the EEA you can:
request to access your personal data
request correction of your personal data
request erasure of your personal data
object to processing of your personal data
request restriction of processing your personal data
request transfer of your personal data; and
right to withdraw consent.
If you would like to contact us about any of the above rights, you should email us at [email protected]
8. CONTACTING US AND MAKING A COMPLAINT
If you have any questions about how we process your personal data, you can email us at [email protected]
If you are located in the UK, you also have a right to make a complaint to the Information Commissioners Office.