Greg Jones Personal Trainer Ltd ("We") are committed to protecting and respecting your privacy. We will comply with all applicable requirements of the Data Protection Legislation. This policy is in addition to, and does not relieve, remove or replace, our obligations under the Data Protection Legislation.
Any reference to Data Protection Legislation in this policy means (i) unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998.
Data Controller, Data Processor and Personal Data have the meanings as defined in the Data Protection Legislation.
For the purpose of the Data Protection Legislation, the data controller is Greg Jones Ltd whose registered office address is Unit 2, Withey Dyffryn Court, Dyffryn Business Park, Ystrad Mynach, CF827TT
Information we may collect from you
We may collect and process the following data about you:
Information you give us. You may give us information about you by filling in forms on our website or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to any of our services, subscribing to newsletters or other updates, search for a product or service, place an order with us, make an enquiry, participate in social media functions on our site, enter a competition, promotion or survey and when you report a problem with our site. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and employer.
Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:
Information we receive from other sources:
We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this site. We may receive information about you when we send you an electronic communication, such as clicks on links. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
Uses made of the information
We use information held about you in the following ways:
Information we collect about you. We will use this information:
Disclosure of your information
We may share your information with selected third parties including:
We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in NP11). We may make use of the personal data we have collected from you to enable us to:
We may disclose your personal information to third parties:
Where we store your personal data
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We will ensure that we obtain all necessary appropriate consents to enable lawful processing and transfer of your Personal Data.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
We will ensure that we have in place appropriate technical and organisational measures, reviewed and approved by us regularly, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of our systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by us);
We will ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential.
We will not transfer any Personal Data outside of the European Economic Area unless the following conditions are fulfilled:
(i) we and the Provider have provided appropriate safeguards in relation to the transfer;
(ii) you have enforceable rights and effective legal remedies;
(iii) the Provider complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred; and
(iiii) the Provider complies with reasonable instructions notified to it in advance by us with respect to the processing of the Personal Data;
We will ensure we comply with our obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
We will notify you without undue delay on becoming aware of a Personal Data breach;
At your written direction, we will delete or return Personal Data and copies thereof to you unless required by Applicable Law to store the Personal Data.
We will maintain complete and accurate records and information to demonstrate our compliance with this policy