This policy was last updated on 30th November 2021 to tell you about how Promotions work on Gymcatch.
Gymcatch Data and Privacy Policy
Gymcatch Limited (Gymcatch) is a UK-based company. We are registered with the Information Commissioner’s Office in the UK. This data and privacy policy sets out how personal information on Gymcatch (which includes all of the Gymcatch applications and gymcatch.com) is collected and retained in accordance with UK data protection laws including GDPR.
All the data process and store is held in the UK using industry best practice practices and infrastructure.
Gymcatch’s principle business is to enable fitness and wellness businesses (Business) to sell their services to their clients (Consumers).
To do this Gymcatch collects and retains information from Businesses and Consumers. For some of this information Gymcatch is the data controller, for other information, Gymcatch is the joint data controller with the Business with which a Consumer interacts.
Gymcatch also collects data to allow us to maintain and improve the service and to provide customer support.
Information Consumers provide to Gymcatch
Gymcatch is the data controller for your registration information, generic information, technical data and Gymcatch services information. This is the information you provide to create a Gymcatch account and any interactions you have directly with Gymcatch features such as rewards or a shop. For this information Gymcatch controls the data collected.
Registration information
At registration we collect the following information:
Your name
Your email address (account user name)
Your country
How collected: entered by the user at registration.
Reason for collection: contract / consent / legitimate interest.
This information is necessary for us to create an account, interact with Gymcatch services, facilitate relationships with Businesses, allow us to provide customer support and allow Business customers to create Business accounts on Gymcatch. We may also ask you which country you live in so you can search Businesses in your country and so we can present you with services relevant to your country.
We may also need to contact you directly by email with important service announcements or issues regarding your account.
In addition we may contact Business customers more regularly with updates on the service and for other reasons such as requesting feedback and providing support.
Generic information
This information can be added by a user:
Email address (notifications) – we automatically pre-populate this with your account email. You can remove or change this at any time rom your profile.
Photo
Bio text
Home/work location
How collected: provided by the Consumer in-app
Reason for collection: consent.
This information is collected to enable you to receive information and to help facilitate the relationship between Consumers and Businesses (which is where we send notifications triggered by a Business you have a relationship with – for example booking confirmations, cancellation notifications etc.). This information is optional and can be updated or removed at any time.
Technical data
In order to maintain and improve our systems we collect data from Consumers and Businesses such as the Gymcatch application being used, the user’s operating system, session time, IP address, browser-type, error reports, crash reports. This information also contains an internal Gymcatch identifier.
We may also log analytical data about which features you use in Gymcatch and how you navigate our apps.
How collected: automatically from a user of Gymcatch.
Reason for collection: legitimate interest / contract.
This information enables us to maintain, operate and improve Gymcatch and provide customer support. It also allows us keep the platform safe and secure.
Most technical data is kept for up to 90 days. Error and crash reports may be kept longer so we can continually fix bugs and improve the service.
We use a number of third party services for operational purposes to help us collect and manage technical data which do not receive any personally identifiable information about Consumers or Businesses.
Gymcatch services
Gymcatch may provide in-app services like rewards, a shop and other direct-to-consumer services where you are transacting and interacting with Gymcatch. If you interact with these services we will use your registration information to identify you. We also may require that you provide additional information in order to provide those services.
Sometimes these services may be provided by third party providers such as retailers. We’ll make it clear to you if you are visiting or interacting with third party services.
Promotions is a feature that allows Businesses on Gymcatch to opt-in to showing their Consumers in-platform promotions from Sponsors offering, services or offers relevant to Consumers.
Gymcatch and the opted-in Business have a legitimate interest in providing this service to Consumers as promotions are relevant and additive to their participation at the businesses and the service being provided.
These offers are not targeted to individual users. They will be the same offers as any other user of the platform will see.
No additional personal data is processed in connection with Promotions. Gymcatch will record when a user views or clicks on a promotion link but this information is immediately anonymised and aggregated so the Gymcatch database does not record any personally identifiable data in connection with Promotions.
No personal data is transferred by Gymcatch to any third party (including the party offering the promotion or the Business at which the user sees the promotion).
When a user clicks on a promotion link they will be sent to a third party website. While we will endeavour to work with third parties operating a data and privacy best practice, neither Gymcatch nor the Business is responsible for the data processing on the third party site and the user interacts with that third party at their own risk.
The link to a promotors website may contain metadata which enables the promotor to identify that a visitor to their website originated from clicking a link on Gymcatch and or/a specific business on Gymcatch. This will not contain any personally identifiable information.
Information Consumers provide to Businesses they interact with on Gymcatch
This section applies to personal information that is provided to Businesses by Consumers on Gymcatch. Businesses may have their own privacy policies which Consumers should be aware of.
Gymcatch and any Business you interact with on Gymcatch are the joint data controllers for the data collected interactions between a Consumer and a Business on Gymcatch. This information is only collected in relation to Businesses that you interact with on Gymcatch and so that those Business can provide their services to Consumers.
While a Business has an account on Gymcatch, that Business is in ultimate control of the personal information listed in this section. If information exists after a Business has terminated its Gymcatch account, the information is retained for Consumers’ own records (e.g. what they have paid for and booked etc.) and Gymcatch will assume control of it on behalf of the Consumer.
Gymcatch may use personal information generated in this section in order to provide customer support, maintenance, security and for operational purposes.
Following a business
When you elect to follow a Business, the Business can see your name and picture.
How collected: by customer opt-in in the apps.
Reason for collection: legitimate interest / contract.
This information is required for the Business to identify you in order for it to supply services such as adding you to a session or gifting you a package.
When you become a customer at a Business (when you book or are booked on to a service, or when you buy or receive a Package) you become a customer and a customer record is created at that Business. If you have a correspondence email address in your profile, the Business will have access to this in order to contact you.
If a Consumer un-follows a Business, and have had no other interaction with that Business, then that Business will no longer be able to see a Consumer’s name and picture.
Participation Information
How collected: this information is submitted by the consumer in-app and can be entered directly by the Business.
Reason for collection: consent / contract / legitimate interest / legal obligation.
The Business may require you to complete participation information in order to responsibility operating a fitness and wellness business and supply services to Consumers. This might be to comply with laws, regulations and in order to comply with important responsibilities such as their professional insurance policies and professional licenses.
This includes contact details, emergency contact details, records of which waivers and participation questionnaires you have completed. Businesses collect this information in order to provide their services safely and responsibly in accordance with laws and regulations, and in order to comply with their responsibilities to operate safely and to meet external requirements such as maintaining insurance policies and professional licenses.
Gymcatch processes this information on the Business’s behalf but does not use this information in any way.
Booking, attendance and transaction history
When a Consumer buys or books on Gymcatch, or where a Business books or gifts services on Gymcatch for a client, records of these transactions are created on Gymcatch.
This will include what the transaction was, the price, payment method, the time of the transaction, the attendees attendance etc.
How collected: in app and/or entered by the Business when managing transactions with the Consumer.
Reason for collection: contract / legitimate interest / legal obligation.
This information is collected and retained because the Business needs to know the interactions and transactions occurring at the Business. This may be due to legal requirements and/or in the responsible course of operating a business and so that it can supply services to the Consumer.The Business will decide how long it reasonably requires this information to be kept.
Gymcatch processes this information on the Business’s behalf. We may use the information to enable us to provide customer support, to maintain and enhance the service and for operational purposes.
Saving card details
Neither Gymcatch nor the Business from which you make purchases store your card details. These are securely stored by the payment processor, Stripe.
Direct Messages
Consumers and Business can message using Gymcatch messaging. These messages are stored for each party’s records.
How collected: in app when a Business and Consumer message each other.
Reason for collection: consent / legitimate interest.
The parties have elected to communicate via Gymcatch messaging. The information is retained so that the Consumer and Business have a record of the conversation.
Gymcatch processes this information but does not use this information in any way.
Responsibility of Businesses on Gymcatch
Businesses should only collect and retain Consumer personal information as set out in this agreement and in compliance of all relevant data and privacy laws. The permissions which Consumers grant Business to collect and retain information under this agreement are limited to uses for theresponsible uses required of a fitness or wellness business for the Consumer to be able to use the Business’s services.
Businesses should not retain customer information for longer than necessary and should not share it outside of its organisation without consent.
Team members with access to personal data at Businesses should be properly trained in respect of data protection requirements.
If Businesses want to collect Consumer data for purposes not set out in this agreement it should be done with a separate Consumer opt-in and opt-out, outside of Gymcatch.
Businesses should only share Consumer data collected on Gymcatch with the consent of the Consumer or in compliance with applicable laws.
Sharing information with third parties
Gymcatch only shares personal information with third parties services where it is necessary to to facilitate your use of Gymcatch. We do not share personally identifiable information with third party services except as follows.
Service providers
Stripe are our payment processor. When you make a payment by card in Gymcatch, this is done using Stripe. In order to process card transactions and to enable Businesses to identify transactions in they Stripe account. This will include your name, the item you are purchasing and the time and date of the transaction. Sharing this information with Stripe is necessary to enabling Businesses to keep accurate records when taking card payments. Records of transactions will be retained in the relevant Business’s and Gymcatch’s Stripe Connect account.
When a Business terminates with Gymcatch, the Stripe account is unconnected.
Intercom provide us with customer service tools like live chat. Customers can provide us with name and email address so we can handle their queries. For Business customers, when you are logged into Gymcatch we will automatically share your email address and name with Intercom to make it quicker and more efficient to deal with your query.
Businesses can integrate with Gymcatch with their Zoom accounts with Gymcatch we store the following information received from Zoom:
Your Zoom User ID, the name you use on your Zoom account, Personal Zoom meeting ID,
Zoom access tokens that allow us to manage meetings on your behalf. We use this information on an ongoing basis while your Zoom account is linked to your Gymcatch account so that you can create your Zoom meetings in Gymcatch to make creating your online sessions more efficient.
When you chose to disconnect your Zoom account(s) from Gymcatch we will delete the above information from our database within 10 working days.
We use gravity forms on the website for taking information from Business customers wishing to book a demo.
Change of control
In the event of a change of control of Gymcatch Limited or sale of all or part of the Gymcatch business, some or all personal information may be transferred to the new controlling entity.
Cancellation and revoking consent
If you would like to request to cancel your account and revoke your consent for Gymcatch to process your data, you can do this by contacting support@gymcatch.com.
If you cancel your account we Gymcatch will terminate your account and remove your generic information and registration information. If you have used any Gymcatch services we may hold records of those transactions separately and you will have options to opt out of those services independently.
Consumer’s booking, attendance and transaction history and participation information and message records at any Business with which you have interacted will be retained in line with their policies.
If a Consumer wishes their booking, attendance and transaction history and participation information and message records to be removed then they should make that request to the relevant Business who will decide if and when they are able to comply with that request. Consumers should contact their Business directly to make this request but please note that Businesses may require to keep some or all of this information for a period of time for the legitimate reasons set out above.
When a Business terminates its account with Gymcatch it will lose access to all booking, attendance and transaction history and participation information and message records as well as their own personal Gymcatch accounts.
Consumers will continue to have access to their accounts, including booking, attendance and transaction history, participation information and message records after a Business that it has interacted with has terminated its Gymcatch account. Gymcatch can, on request, remove a Consumer’s booking, attendance and transaction history and participation information and message records at a Business which has terminated its Gymcatch account.
At any time, upon request, we will provide a list of Businesses that have access to your personal data and the information you have provided directly to Gymcatch. If you would like to revoke your consent for a Business to process your data please submit this request to the Business you have interacted with.
Retention
Gymcatch uses industry standard backup procedures and will retain backups of our database for up to 30 days.
Future opt-in
If at any time Gymcatch wishes to share your personal data with third parties or offer third party services we will provide you with an opt-out or opt-in choice before we share your data with third parties or before we use it for a purpose other than which it was originally collected.
Notifications
All users can set their notifications from their profile in app at any time. This applies to push notifications and emails. We default email notifications to being on as they contain important information for Consumers like booking confirmations and notifications of cancellations.
Children
Gymcatch is not intended for use by people aged under 16.
Information provided by Businesses
Content published by Businesses is made public on Gymcatch consumer applications. This includes your schedule, newsfeed posts, your business information, your public team members and their profiles. You have the ability to edit and remove this content in the Gymcatch platform but some of this information may be stored locally on Consumer devices after you do.
Brand Affiliation
When businesses affiliate with Brand you do so opting in to the service and agreeing the terms of that affiliation. Some information, like your schedule, and anonymised and aggregated booking figures at a brand may be shared with the Brand. You can opt-out of an affiliation at any time.
In App Privacy
Consumers and Businesses can find their privacy settings from their profile and control their privacy settings there.
Cookies & similar technologies
We use Cookies for the following reasons on Gymcatch.
We use a token+ local storage technology to perform your request to “keep me logged in” to our apps. You can untick this at anytime.
We use Google Analytics on our www.gymcatch.com to track usage and analytical data.
Facebook use a cookie on our website which is a requirement of the Facebook SDK to enableFacebook log in. This will be removed in the course of 2021.
We have our Facebook Business Pixel which helps us re-target Facebook advertisements to business customers: https://www.facebook.com/business/learn/facebook-ads-pixel
We use this GDPR Cookie Consent: https://www.webtoffee.com/category/documentation/gdpr-cookie-consent/
Changes to this policy
We will update this policy from time to time. Please check this policy regularly for changes.If we make material changes to how we handle personal data we will notify you via email.Your continued use of Gymcatch will constitute acknowledgement and acceptance of this policy.
Location, governing law and jurisdiction
All data processed and stored on Gymcatch is in the United Kingdom. For users outside of the United Kingdom this means that data is being transferred into the United Kingdom. This agreement is governed by English law and under the jurisdiction of the courts of England and Wales.
Contact
If you need any further information or want to request an account cancellation please contact us at support@gymcatch.com.
Gymcatch Limited is a private limited company registered in England and Wales with registered number 8545573. Our registered office is at ℅ Bright Grahame Murray, Emperor’s Gate, 114a Cromwell Road, London, SW7 4AG.