Here at OneTake Fitness & Nutrition, we are committed to maintaining the trust and confidence of the visitors to Our Websites, Our clients and Our members. In particular, we want you to know that OneTake Fitness will not sell, rent or trade Personal Information with other companies/businesses. We just don’t do that sort of thing; after all we hate spam just as much as you do.
We respect and value the privacy of everyone who visits Our Websites and who trains with Us, therefore we will only collect and use Personal Information in ways that are useful to you and in a manner consistent with your rights and Our obligations in accordance with the relevant legislation.
So grab a cuppa and read on...
1. Definitions and Interpretations
“Account” means any account(s) required to access and/or use certain areas and features of Our Websites.
“Cookie” means a small text file placed on your computer or device by Our Websites when you visit certain parts of Our Websites and/or when you use certain features of Our Websites. Details of the Cookies used by Our Websites are set out in section 10, below.
“GDPR” means EU Regulation 2016/679 – the General Data Protection Regulation.
“Our Websites” means Our Websites: OneTakeFitness.com and martinwhitaker.co.uk, and any sub-domains of these sites, unless expressly excluded by their own terms and conditions.
“Personal Information” means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to Us via Our Websites and from attendance at Our classes and sessions. This definition shall, where applicable, incorporate the definitions provided in the GDPR.
“UK and EU Cookie Law” means the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended in 2011 and 2015.
“We/Us/Our” means OneTake Fitness and Nutrition of Unit 10B, Concept 2000, Sunderland Road, Gateshead, NE10 9LQ.
2. What Does This Policy Cover?
3. What Personal Information Do We Collect?
3.2 We may also be required to collect Personal Information under the “special category data” conditions as listed in Article 9(2) of the GDPR, for example, when applying to train with us. This Personal Information could include:
Please Note: Any financial information, such as credit and debit card numbers used to purchase any of Our goods and/or services are collected via a payment gateway service, either Stripe or PayPal, depending upon your choice at checkout. We do not receive this data.
4. Your Individual Rights
4.1 Under the GDPR you have the following rights:
4.3 You will not have to pay a fee to access your Personal Information (or to exercise any of your other rights). However, We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or We may refuse to comply with your request in these circumstances.
4.4 We may need to request specific information from you to help Us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up Our response.
4.5 We try to respond to all legitimate requests within thirty (30) calendar days. Occasionally it may take Us longer than this if your request is particularly complex or you have made a number of requests. In this case, We will notify you.
4.6 We handle subject access requests in accordance with the GDPR. If you have any concerns with the way We are handling your Personal Information, or Our response to your application of rights under GDPR, you also have the right to complain to the Information Commissioners Office [www.ico.org.uk].
5. How Do We Use Your Personal Information?
5.1 We will only process your Personal Information lawfully, fairly and transparently and where at least one of the following conditions, specified under Article 6 of the GDPR apply;
5.2 In some cases, Our collection of Personal Information may be a statutory or contractual requirement; this may include Personal Information designated “special category data” as listed in Article 9(2) of the GDPR. Without your consent for Us to collect and process such Personal Information, We will be restricted in the products and services which We can provide you with. For example, when applying to join one of Our programmes.
5.3 We store and process all Personal Information securely and in line with the reason(s) for which it was originally collected. Specifically, We may use your Personal Information for the following purposes:
6. Do We Share Your Personal Information?
6.1 We’re serious when We say we’re committed to protecting your privacy – we want to earn and maintain your trust, so We do not, and will not, sell any of your Personal Information to any third party for any purpose.
6.2 As an essential part of being able to provide Our products and services to you, We may contract and work with key partners to assist Us in the delivery and support of these products and services and allow Us to run Our business effectively and safely. In some cases, they may require access to some of your Personal Information. These may include:
6.3 We require all third parties with whom We contract to respect the security of your Personal Information and to treat it in accordance with relevant legislation. We do not allow our third party service providers to use your Personal Information for their own purposes and We only permit them to process your Personal Information for specified purposes and in accordance with Our instructions. We only contract with third party service providers who can demonstrate compliance with GDPR.
6.4 Where We use a third party to process your payments on Our behalf, We only use payment processors who comply with the Payment Card Industry Data Security Standard (PCI DSS) service provider level 1 standard - the most stringent level of certification available in the payment industry. All web browsers interact with Our payment processor securely using Transport Layer Security (TLS) so that they make use of an HTTPS connection.
7. Where Do We Store Your Personal Information?
7.1 Sometimes We may need to store or transfer some or all of your Personal Information to third party service providers outside of the European Economic Area (EEA) – for example, this may be required where the service provider uses a “cloud based” service. We will take all reasonable steps to ensure there are appropriate safeguards in place to make certain that your Personal Information receives the same protection as it would if it was being processed inside the EEA and under the GDPR. Where Our service providers require us to transfer your Personal Information outside of the EEA we will ensure that at least one of the following safeguards are in place:
7.2 We are committed to keeping your Personal Information secure and We have put in place physical, electronic and procedural systems to safeguard the Personal Information collected through Our Websites and in person at Our facility.
7.3 It is important to remember that the transmission of information via the internet is not completely secure. Although We will do Our best to protect your Personal Information, We cannot guarantee the security of your Personal Information transmitted to Our Websites; any transmission is at your own risk. We therefore advise you to take suitable precautions when transmitting to Us via the internet.
8. How Long Will We Store Your Personal Information For?
8.1 We will only retain your Personal Information for as long as necessary to fulfil the purposes We collected it for, as described in section 5, including for the purposes of satisfying any legal, accounting, or reporting requirements that We may have.
8.2 Details of retention periods for different aspects of your Personal Information are available in Our data retention policy which, is available on request, by contacting Us using the information in section 11.
9. What happens If Our Business Changes Hands?
9.1 In the event that We sell or buy any business or assets We may be required to disclose some or all of your Personal Information to the prospective seller or buyer of such business or assets.
10.2 We use the following cookies:
10.3 You may block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of Our Website.
10.4 Except for essential cookies, all cookies will expire after 180 days.
11. Contacting Us
11.2 If you are contacting Us regarding the Personal Information We hold about you, please ensure your query is as clear and detailed as possible to assist Us in responding.
Written: May 25th 2018, last updated: February 2021