PERSONAL DATA PROCESSING PRINCIPLES INFORMATION FOR CLIENTS AND BUSINESS PARTNERS

Fitness Place s. r. o.
ID: 05785880
with the registered office at Plzeňská 233/8, Praha 5 – Smíchov

INTRODUCTORY INFORMATION

Dear clients, business partners and visitors,

these principles inform you on how Fitness Place s. r. o. (hereinafter „Company“) collects, processes, uses and transmits your personal data (hereinafter “personal data processing”).

Personal data mean information relating to a certain person who can be identified based on this information or in connection with other information.

The most common examples of personal data processed by the Company within its everyday business activity are identification data of clients and business partners (natural persons), or representatives, employees, coworkers or members of statutory bodies of business partners (natural persons), information on your membership or a concluded contract, contact details (in particular residence address, email address and phone number) and also records of visitors of Company premises.

Content

Who is the controller of your personal data?

The controller of your personal data is Fitness Place s. r. o., with the registered office at Plzeňská 233/8, Praha 5 – Smíchov, ID: 05785880, incorporated in the companies register kept by C under file No. 270769.

The Company defines in what manner and for what purpose your personal data will be processed. You can find the Company´s contact details in the chapter “Inquiries and Contacts” below.

The Company and other connected companies from the Fitness Place group are collectively designated herein as “Fitness Place Group”.

What personal data about you and for what purpose does the Company process?

In the below table you will find what personal data, for what reason and for what purpose the Company processes in relation to clients, business partners and visitors.

a) Clients

Personal data
(Categories and examples)
Purpose of processing Legal ground for processing
Basic identification and contact data:
  • name and surname,
  • date of birth,
  • e-mail, phone number,
  • address.
  • Conclusion and performance of contract and related communication,
  • fulfillment of legal obligations,
  • records and enforcement of eventual claims.
  • Conclusion and performance of contract,
  • justified interest of Company in enforcing claims.
Data relating to contract with client:
  • membership type,
  • membership duration,
  • financial and invoicing terms.
  • Performance of relevant contract,
  • fulfillment of legal obligations.
  • Conclusion and performance of contract.
Data relating to personal training:
  • name,
  • profession,
  • age,
  • e-mail, telephone,
  • experience in personal training,
  • personal training goals,
  • health problems affecting configuration of personal training.
  • Performance of relevant training contract, personal training management.
  • Conclusion and performance of contract,
  • client´s consent.
Photography
  • Using photography for entry card
  • Relevant person´s consent.
Security data:
  • camera system records,
  • access system records.
  • Protection of Company property, clients and other persons,
  • protection against thefts and other criminal activity,
  • escape route check.
  • Justified interest of Company in providing entry check and protection of Company property, clients and other persons.
Data for marketing purposes
  • name and surname,
  • e-mail, telephone number, address,
  • information on current membership,
  • entitlements to discounts and benefits.
  • Promotion and support for sale and Company services,
  • sending information on new services and products or other marketing/commercial messages.
  • relevant person´s consent with receiving commercial messages and with processing for marketing purposes,
  • justified interest in addressing clients via direct marketing and sending commercial messages.
Data about visits on our website:
  • IP addresses or cookies.
  • Records of visitors and improvements to our services and for statistical and analytical purposes. More information in „What are cookies?“ chapter below.
  • Justified interest of Company concerning information on visits on our website,
  • consent with such processing if required.

b) Business partners

Personal data
(Categories and examples)
Purpose of processing Legal ground for processing
Basic identification and contact data:
  • name and surname,
  • position, company,
  • e-mail, telephone number,
  • address,
  • payment and delivery data.
  • Conclusion and performance of contract and related communication,
  • records and enforcement of eventual claims.
  • Conclusion and performance of contract,
  • justified interest of Company in enforcing claims
Data for marketing purposes
  • name and surname,
  • position, company
  • e-mail, phone number,
  • information current membership business cooperation and communication
  • entitlements to discounts and benefits.
  • Promotion and support for sale and Company services,
  • sending information on new services and products or other marketing/commercial messages.
  • relevant person´s consent (even with giving business card) or granted consent with receiving commercial messages and processing for marketing purposes,
  • justified interest in addressing clients via direct marketing and sending commercial messages.

c) Company visitors

Personal data Purpose of processing Legal ground for processing
Security data:
  • camera system records,
  • records of visitors.
  • Protection of Company property, employees and other persons,
  • protection against thefts and other criminal activity,
  • checking persons staying in Company premises.
  • Justified interest of Company in providing entry check and protection of Company property, employees and other persons.

What sources does the Company use to obtain your personal data?

The Company obtains personal data which are subsequently processed directly from its clients or from business partners, eventually from publicly available sources (such as OR or ARES) or from
visitors staying in Company premises.

Does the Company share your personal data with other persons?

a) External service providers

The Company uses external service providers which ensure in particular bookkeeping, accounting, claims administration, marketing and promotion and IT. In order to be able to fulfill their duties the Company must give them certain personal data of clients, business partners and/or visitors to the external service providers.

External service providers are cleared by the Company and they provide sufficient guarantees regarding privacy and protection of personal data of clients, business partners and/or visitors. The Company concluded written contracts for processing personal data processing with all these providers which undertook (within these contracts) to protect personal data and maintain Company standards for protecting personal data.

b) Fitness Place Group companies

The Company may share personal data within the Fitness Place Group (more information on Fitness Place Group members is available at www.formfactory.cz website). Each time the Company needs to share your personal data, it will do so only when it is necessary and it will share them only with selected employees from the Fitness Place Group for fulfilling their work duties.

The Fitness Place Group adopts suitable measures to ensure that these selected employees shall be bound by the obligation to maintain these personal data in confidentiality.

c) Disclosure of personal data to third parties

in accordance with legal regulations concerning personal data protection, under certain circumstances the Company is obliged to share personal data of clients, business partners and/or visitors with third parties which are not the mentioned service providers or members of the Fitness Place Group.

These third parties include in particular:

  • administrative and similar bodies (financial authorities),
  • financial institutions (banks, insurance companies),
  • police, prosecution office,
  • external advisors.

Does the Company transmit personal data to countries outside EEA?

The Company does not transmit your personal data outside the European Economic Area.

How are your personal data secured?

In order to ensure confidentiality, integrity and availability of your personal data, the Company uses modern IT security systems. The Company maintains suitable technical and organizational security measures against illegal or unauthorized personal data processing and against accidental loss or damage of personal data.

The access to your personal data is provided only to persons who need them to fulfill their work duties and they are bound by legal or contractual confidentiality obligation.

How long will the Company store your personal data?

The Company stores your personal data only for the period for which it needs them for the purpose for which they have been collected, eventually for the protection of Company´s justified interests or for the period for which consent with processing has been granted.

If the Company processes data based on your consent, it will do so for the period of 10 years after the consent with processing has been granted or until it is recalled.

What are your rights connected to personal data processing?

You can asserts any of the below listed rights under the set conditions. These rights are given to you by legal regulations concerning personal data protection, in particular by the General Data Protection Regulation (GDPR):

  • the right to clear, transparent and comprehensible information on how your personal data are used and what your rights are;
  • the right to recall the granted consent with personal data processing at any time and free of charge, either by mail, email or in person at our address listed below;
  • the right to access to personal data and provision of additional information related to their processing by the Company, or processors;
  • the right to rectification of incorrect or incomplete personal data;
  • the right to deletion of personal data, in particular if (i) they are no longer necessary for further processing; (ii) the consent with their processing has been recalled; (iii) the data subject justifiably objected against the processing, (iv) they were processed illegally; or (v) they must be deleted under legal regulations;
  • the right to limitation of personal data processing, if (i) the data subject contests the integrity of personal data, for the period until the Company verifies their integrity; (ii) the processing is illegal; (iii) the Company no longer needs them but the personal data are needed by the data subject for the purposes of asserting his legal claims and (iv) the data subject objects against personal data processing, until the Company verifies whether its justified interests prevail over data subject´s interests;
  • the right to lodge objections against personal data processing if the data are processed for the purposes of Company´s justified interests. If you lodge an objection against further processing for direct marketing purposes, your personal data will no longer be processed for these purposes;
  • the right to obtain his personal data and transfer them to other controller while adhering to legal conditions;
  • the right to file a complaint with the Office for Personal Data Protection with the registered office at Pplk. Sochora 27, 170 00 Praha 7; uoou.cz, if you believe the Company is violating the obligations resulting from legal regulations for personal data protection.

We will react to your requests for assertion of rights within the statutory period, usually at the latest within 1 month following delivery of your request. If our reaction requires longer time in exceptional cases, we will inform you.

What are cookies?

Cookies are small data files necessary for correct functioning of pages and we therefore place them in your computer just as the majority of websites. Cookies are text files that websites place in your computer or mobile device when you start using a website. For a certain period, the websites can remember actions and settings you made on those websites. Thanks to this you do not need to enter these data again when you re-visit the website and go through individual sections of the web.

We use cookies mainly for marketing purposes, collection of statistical data and web traffic analysis so we can continue to improve our website and perfect our services we offer. The information on how you use our web is thus shared with our partners in the field of advertising and analysis, namely Google. To see how Google hands cookies, read the following document at https://www.google.com/policies/technologies/cookies/.

Inquiries and contacts

If you want to use any of your rights in relation to processing of your personal data or if you have other inquiry or complaint regarding their processing, contact us, please, by mail, phone or email using the below listed contact details.

Fitness Place s.r.o.

Plzeňská 233/8, Praha 5 – Smíchov
e-mail: czech@jatomi.com

Amendments to these principles

It is possible that the Company decides to amend or update these principles. The current version of the principles will always be available at Company´s website www.jatomifitness.cz, in the Personal Data Protection section.

Please, keep in mind that we will never make any amendments with retroactive effects and we will never amend our principles that affect handling of data that were collected before the amendments.