About this policy notice
AirFitness is committed to complying with privacy laws applying both to you and to AirFitness’ businesses and which set out standards for the processing of personal data. Privacy laws applying to you may give you the right to be informed about AirFitness’ collection and use of your personal data. This policy notice is to give you that information.
Such privacy laws may give you important privacy rights in respect of your personal data which are in addition to your rights referred to in this policy notice. Links to the websites of several countries’ privacy regulators are at the privacy contact details below – your country’s regulator may be able to give you additional information.
We may have additional terms relevant to AirFitness’ collection and use of your personal data. These are important. They may provide for certain contract commitments and consents from you to AirFitness and other legitimate bases for AirFitness’ personal data processing, depending on the nature of your dealings. AirFitness has separate policies concerning AirFitness’ employees – this policy does not apply to the personal data of employees in their capacity as such.
Personal data and personal information
This policy notice refers to “personal data”. In some places, the law refers to this as “personal information”. These terms are used interchangeably and have the meaning of the term for personally identifying information about individuals under the privacy law applicable to you in your country (the relevant country’s laws being referred to as “your privacy law”) for example, “personal data” under the UK Data Protection Act 1998 (UK Act) and the EU General Data Protection Regulation(GDPR) and “personal information” under the Australian Privacy Act 1988 (Cth) (Australian Act).
For the purpose of a provision in your privacy law which requires you to be made aware of the controller of your personal data, this is AirFitness Pty Ltd ABN 44 622 361 406.
Inthis policy notice AirFitness Pty Ltd ABN 44 622 361 406 and its related group entities are separately and together referred to as “AirFitness”, “us”, “our” or “we”. You can find out more about us by visiting https://www.airfitness.fit. AirFitness’ contact details are at the privacy contact details below.
Who we are
Lawful bases for processing
In collecting, holding and using your personal data, AirFitness generally relies on one or more of consent, contract and legitimate interests. Under “Why we collect, hold, use and disclose personal data” details of these bases are given. These are referred to in the UK Act and GDPR as “lawful bases”.
What kinds of personal data we collect and hold
The personal data we collect and hold is what we consider reasonably necessary for our business functions and activities. When we collect and hold personal data, it is generally of the kind we ask for in order to provide our goods and services and what arises from that. Specifically, we collect
- full name
- date of birth
- telephone numbers
- communication preferences
- languages spoken
- fitness industry registration
- fitness industry certificates
- insurance relevant to the purpose of your acquisition or supply of goods or services from to to us or via our online sites
- what is provided to us with consent. This may include health information provided in connection with health or fitness services transacted through our online sites. It may also include financial information to enable us to process payments for such services. See “Important information about consent” in this policy notice
- what is collected by us via cookies and which is described in our cookies policy. Our cookies policy is at https://morfus.fit/cookies/
- what is provided to us pursuant to a contract with us automatically collected information from visits to our online sites. This is generally the identifier of the device you are using (for example the Internet protocol (IP) address); login information; browser type and version; location and time zone settings; browser plug-in types and versions; operating system and platform and information about visits to the site. Examples of this are the uniform resource locators (URLs) of locations visited through and from AirFitness’ sites (including date and time), what was viewed or searched for, response times, download errors, length of visits to certain pages and page interaction information (such as scrolling and clicks). It may also include metrics used in in connection with some of the purposes for which we process personal data (as to which see “Why we collect, hold, use and disclose personal data” below), such as Google Analytics’ metrics such as sex, age, interests and general location.
Your obligation to provide your personal data
You generally have the option of not identifying yourself or of using a pseudonym when dealing with us, except where this is impractical, you have consented or agreed or where the law or a court order provides otherwise.
Collecting your personal data from others
We may collect your personal data other than from you directly. These sources are generally those in respect of whom we have a reasonable expectation of their lawful ability to provide us with the relevant personal data. Examples are those who support our data analytics activities and who may have a contract with you, and those who support our business operations. Examples of third party sources with whom we may have relationships from time to time are:
entities involved in fulfilment processes such as Stripe, Salesforce, SOS, DG3, WHSmith, Newslink, Apple, Kindle, Magzter and Eurostar and
entities involved in marketing and advertising technology such as OptinMonster, Schedugr.am, Social Drift, Sprout Social, Magento, Facebook, Twitter, Jellyfish, iSubscribe, Instagram, LinkedIn, Pardot, Chargify, Magshop, AppStore, Google (and Google Play) and Amazon
We collect personal data via cookies.
For detailed information on the cookies we use see our Cookies Policy at
How we collect and hold personal data
Collection of the personal data: When we collect personal data about you, we do so by making a record of it. We do this when:
- you communicate with us.
- you communicate with others via our online sites.
- you use our online sites to transact with us or with others, for example when you book any health and fitness classes or purchase any goods or services from suppliers who also use our online sites.
- you subscribe to our information services, such as our health and fitness updates.
- you express an interest in taking part in our events.
- you take part in any trade promotions, testimonials, surveys, focus groups and research we are involved in.
- you deal with us in other ways involving a need for personal data to be provided, such as when you make contact .with us or seek assistance from our customer services.
We may also collect personal data by accessing personal or other data from the other sources referred to at “Collecting your personal data from others” above then analysing that data together with the information we already hold about you for the purposes outlined under “Why we collect, hold, use and disclose personal data” below.
Holding of personal data: Personal data we hold is generally stored in computer systems. These may be operated by us or by our service providers.
Why we collect, hold, use and disclose personal data
For your personal data sourced from you, third parties or from us, we have a range of processing purposes. These purposes may apply to any or all of the personal data we collect, hold, use and disclose.
These are generally as follows:
· responding to requests or enquiries regarding our goods and services for example facilitating bookings for health and fitness services or facilitating fulfilment of purchases of any goods or services from those using our online sites
· sending information, such as our health and fitness updates and information about events
· marketing to you: This may be direct marketing to you by ourselves or by third parties we select. This may promote our goods or services or those of third parties. It may take a variety of forms, for example electronic communications (such as email and SMS), telephone or regular mail. It may take the form of advertising which has been facilitated by cookies used when you are visiting our, or third parties’ online sites.
Our Cookies Policy is at http://subaclass.com/cookies
- administering our sites, for example troubleshooting, data analytics, testing, research, statistical and survey activities;
- improving our online sites to present content in an effective manner;
- facilitating participation in any interactive features of our services;
- measuring and understanding the effectiveness of our marketing and to deliver relevant marketing;
- making suggestions and recommendations about goods or services that may be of interest;
- combining some of the personal data we hold with other personal data about you sourced from others and using the combined information for the above purposes;
- communicating with actual or prospective sellers or buyers of businesses or assets in which we have an interest; In the event of a sale, the personal data we hold about you may be included in the transferred assets;
- complying with any legal obligations;
- enforcing or applying contract terms;
- protecting the rights, property or safety of our businesses, customers or others; This may include exchanging information with others for the purposes of fraud protection and credit risk reduction.
Important information about your opt out rights for direct marketing: Regardless of our source of your personal data and of the basis on which we collect or hold it, it is our policy to observe your rights under your privacy law to opt out of our direct marketing to you. Our direct marketing materials will generally tell you how to do this, but if you are not sure, a member of our privacy team will help you. Contact details for our privacy team are below.
Where we store your personal data
In respect of your personal data of which we are the controller, we hold this on our servers or those of our third party processing service providers. Any payment transactions will be encrypted using the technology of our payment processing service provider such as Stripe. Where we have given you (or where you have chosen) a password which enables you to access parts of our online sites, you are responsible for keeping this confidential. We ask you not to share a password with anyone. The transmission of information, electronically, is not secure and we cannot guarantee the security of your personal data transmitted to or from any of our sites. Please bear this in mind when deciding whether or not to allow your personal data to be processed by us.
How you may access, correct or enquire about your personal data
Access: We will provide you with access to any of your personal data we hold (except in limited circumstances recognised by law). Before we provide you with access to your personal data we may require some proof of identity.
Correction: if you need to correct personal data we hold, please contact one of our privacy team – see contact details below.
Enquiries: please direct any enquiries you may have about our processing of your personal data to the privacy team whose contact details are below. Where your privacy law includes the California Civil Code, Section §1798.83 of that Code permits users of our sites that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an email to our privacy team – see contact details below.
How you may complain to us regarding your personal data
If you wish to complain about our processing of your personal data, you may contact our privacy team – see contact details below. We may ask you to put your complaint in writing and to provide details about it. We may discuss your complaint with our personnel and our service providers and others as appropriate. Our privacy team will investigate the matter and attempt to resolve it in a timely way. Our privacy team will inform you in writing about the outcome of the investigation. If our privacy team does not resolve your complaint to your satisfaction and no other complaint resolution procedures are agreed or required by law, our privacy team will inform you that your complaint may be referred to a privacy regulator for further investigation. Links to some privacy regulators’ websites are under Privacy contacts below.
Our sharing of data overseas
We may allow your personal data to be shared with those who are in countries other than your own location.
We do this:
· where we have made a business decision to store our data with a trusted service provider who is in the business of providing data storage and processing services. Examples are those who store and process our email and mobile application data. These services commonly involve diverse geographic locations which change from time to time for reasons which include data protection and processing efficiency.
· where these services are used by us, it is not practical for us to notify you of which country your personal data may be located in for disclosures between our group companies. Our main business location is in Australia but we do business in a number of countries and some of our group companies may be based in other countries from time to time; and when our business which collected your personal data is in a different country to your location.
How long we keep your personal data
We will hold your personal information on our systems only for as long as required to provide you with the goods or services you have requested or as we consider reasonably appropriate having regard to the purpose of our processing.
Contact details of our privacy team are:
PO BOX 440 Rose Bay 2029 NSW Australia
Australian Information Commissioner https://www.oaic.gov.au
Information Commissioner https://www.ico.org.uk
European Commission https://ec.europa.eu/info/law/law-topic/data-protection
There is no single, comprehensive federal (national) law regulating the collection and use of personal data but various agencies administer various aspects of US privacy law, for example the Self-Regulatory Principles for Behavioural Advertising https://www.ftc.gov/
The Personal Information Protection Commission http://www.ppc.go.jp/en/
Personal Data Protection Commission https://www.pdpc.gov.sg/
Last updated: 10 September 2019