Privacy policy.

Introduction

Pantheon Plymouth respects your privacy and is committed to protecting your personal data. Our Privacy Notice applies to the personal data that Pantheon collects and uses. References in this Privacy Notice to “Pantheon”, “we”, “us” or “our” means Pantheon Health and Fitness Ltd. (a company registered in England and Wales with registration no 12003551 and registered office at Pantheon Plymouth, Cambridge Road, Plymouth, PL2 1PU). We control the ways your personal data are collected and the purposes for which your personal data are used and are therefore the “data controller” for the purposes of the GDPR 2018, UK Data Protection Act 2018 and any other applicable European data protection legislation.

It is important that the personal data we hold about you is accurate and current, so please keep us informed if your personal data changes.

You can delete your account at any time.

The data we collect

Essential data

The list below shows some of the data we may collect.

·      Full name

·      Date of birth

·      Gender

·      Contact details (email address, phone number)

·      Membership purchased

·      Other purchase details and history

·      CCTV

Note:

We do not keep a record of your credit card information, we use a secure 3rd-party service to process payments.

Optional data

We may also collect information that is considered “special categories of personal data” e.g. customer surveys, or completion of the client profile section of the Pantheon mobile application. We only collect this information where you have given your explicit consent, it is necessary to protect your vital interests, or you have deliberately made it public. If you do not allow us to process any special category personal data, this may mean we are unable to provide all or parts of the services you have requested from us.

Mobile App

We utilise technology embedded within our custom mobile application (“App”) and website to offer members the opportunity to enhance their training experience.  Use of these services is optional, and you are in control of your data via use of the App (see the service provider’s privacy notice for more information).  Pantheon can only view the data you give us permission to and communicate with you via the App (if permission is given) e.g., to invite you to join Gym challenges.

 

How we may use the data

We will use your personal data to:

  • Fulfil contractual obligations

  • Provide you with our products and services

  • Maintain client records and manage our relationship with you

We may need to contact you by email, phone, letter and/or SMS for administrative, customer service or operational reasons, E.g. changes to pricing structure, or unplanned Gym closures. Please be aware that these communications are not made for marketing purposes and as such, you will continue to receive them even if you choose not to receive marketing communications.  

  • Understand your needs to ensure we are providing you with appropriate and up-to-date products and services

  • Improve and customise our products and services

Your opinion is very important to us, so we may send you an email or push notification to seek your feedback to improve our services and experiences for other members and guests.

  • To inform our marketing strategy

We may also collect information on how you use our website, which pages of our website you visit most, what services you use/purchase, to understand what you like. We may use this information to tailor the content and offers that you see on our website and to send you relevant messages, Gym news and special offers that we think you might like.

  • Provide you with targeted promotions or offers, etc.

We will also use your personal data to contact you after you have visited the Gym as a guest, made a booking for, a class, sent us a request, filled in a web-form through our website or contacted us on social media.

If you attempt to join online or make a booking, then you leave our website before this has been finalised, we may contact you in order to help you easily complete your transaction.

Former members, may be contacted up to 24 months after your membership end date if we have a re- joining offer exclusive to previous members.

If you have not made any purchase from us, we will only contact you email with updates, such as offers and events IF you have consented to this (except for a direct response to a query). You can ‘unconsent’ to contact at any time choosing the ‘opt out/unsubscribe’ option present on our email.

  • Comply with any legitimate business / legal obligations.

The business purposes for which we will use your information include for law enforcement, legal compliance, accounting, budgeting, billing and audit, credit or other payment card verification, safety, security, statistical and marketing/profiling analysis, systems testing, maintenance, ordering of supplies, planning and development.

  • CCTV.

Pantheon Plymouth has CCTV installed in public areas (not changing areas).  Recordings are stored on a secure server for a maximum of 2 months for the purpose of security and public safety. 

 

We will only use your personal data when the law allows us to. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to provide you with the service, or product you requested.  We will notify you if this is the case.

 

Sharing data

We share some data with third parties in order for us to provide our services and deliver an efficient customer service experience.

·      Coaches – we may share some of your personal information with any coach that you engage with in order for them to provide you with the best service

·      Secure Payment Provider – a payment processor who stores and manages all our online payment transactions. We will send them information relating to your order details and the payment required in order for them to process your payment. Note: We do not keep a record of your payment card information.

·      Social Media – E.g. Facebook, Instagram, etc. To raise awareness and enable you to share your achievements with others, we post photos and/or videos on social media, of any special events or challenges that we organise.  Please be aware that if you take part, you may be included in these.

We may provide further data to third parties not listed above (e.g. for Law Enforcement/Legal Compliance, accountants, insurers etc.), but before we do, we ensure that all data is anonymous meaning it cannot be used to identify you.

All third parties are required to respect the security of your personal data and to treat it in accordance with the law.

Your personal data may be disclosed to a third party who acquires us. We may also share some of your personal data with, or obtain your personal data from, the following categories of third parties: An individual who pays for your membership on your behalf – to administer your membership on an ongoing basis. Postal or digital mailing company/app – to send out communication to you on our behalf. Specialist survey company/app – to send out surveys to you on our behalf (you are not obliged to respond to them). Bank/credit or debit card companies – to process your payments for services. Credit control company – with prior notification, should contracted membership subscriptions or payment for goods or services become overdue (as per our T&C’s). Web servers/website providers – hosting/storing some personal data.IT support company – able to access some information to assist with IT issues. Social media site – hashed email matched to account to create custom audience file. Till and booking apps. Profiling company – some of your data may be temporarily shared to ensure relevance of marketing communication and profiling to enhance our targeting. In addition to the categories of recipient listed above, we may disclose your personal data when this is required by the law of any jurisdiction to which Pantheon may be subject.

Data Transferred Outside The EU

Some of the companies we use for our apps are situated in third countries; therefore, some data may be transferred to countries outside the European Economic Area (EEA).  Transfers of data to these companies are either based on adequacy, or subject to appropriate safeguards.

 

How long we may store the data

We keep your information for as long as it is necessary to uphold our obligations to: deliver your services, maintain your historic training / purchase data, fulfil our obligations to you regarding our service, meet government regulations (e.g. relating to accountancy, tax or contract law), improve our service to you, prevent fraud and for law enforcement purposes.

If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also hold of some of your information as required, even after you have closed your account.

You can request deletion of your personal data at any time.

CCTV recordings are stored on a secure server for a maximum of 2 months for the purpose of security and public safety.

We usually keep financial records (including information about orders & transactions) for 7 years. We may keep top-level information (for example relating to the total quantity of sales in any year) for as long as we as a business deem it useful.

 

How you may control your data

You have the following rights when it comes to your personal data (noting that these rights don’t apply in all circumstances):

  • The right to request access to the personal information we store about you. A small fee will be payable if you would like a copy of the information held

  • The right to request the correction of inaccurate or incomplete information. It is your responsibility to ensure that you supply us with true, accurate and complete information.  You can change certain information via your online account (such as email and address).

  • The right to object to use of your personal data for marketing purposes. If you do not wish to receive this marketing information, you can; opt out, choose the ‘opt out/unsubscribe’ option present on our emails.

  • The right to restrict the processing of your data. You can do this in a number of ways; you can choose the ‘opt out/unsubscribe’ option if present on our email, you can reply STOP or UNSUBSCRIBE to any email, you can advise a team member if they call, or you can email hello@pantheonplymouth.co.uk

  • The right to Data Portability – move, copy or transfer your personal data.

  • The right to request deletion of your account and all personal data we hold about you.

  • The right to complain to the data protection regulator

If you want to exercise your rights or have any questions or concerns please contact us at hello@pantheonplymouth.co.uk.

 

Links to other websites

Our website may contain links to other websites of interest. If you choose to follow any of these links, you will leave our site and we do not have control of the other website. We can not be held responsible for the security and privacy of any information which you provide whilst visiting the other site, and other websites are not governed by this privacy policy. You must exercise caution and check the relevant privacy policy for the other website.

Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use cookies when you visit our site. By using our site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the site in the future.  If you do not agree to our use of cookies in this way, you should set your browser settings accordingly or not use the Pantheon site. If you disable the cookies that we use, this may impact your user experience while on the Pantheon site.
There are three main types of cookies – here’s how and why we use them. Site functionality cookies – these cookies allow you to navigate the site and use our features. Site analytics/performance cookies* – these cookies allow us to measure and analyse how our visitors use the site, to improve both its functionality and your experience. These cookies don’t identify you as an individual. *One of the type (2) cookies we use is ‘Hotjar’.  We use Hotjar to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g., how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

Marketing cookies* – used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.
*The marketing cookies we use on the Pantheon website are Facebook and Google. Facebook marketing cookies on our site let Facebook know that you have visited the Pantheon website; this allows Facebook to match your user info to your Facebook account (where applicable) and allow targeted advertising from Pantheon.   We also use our Facebook cookies to review how our generic adverts on Facebook are performing – to log a user reaching our website via clicking on a Pantheon advert on Facebook.  As well as Facebook, we use Google AdWords to re-engage visitors that are likely to convert to members based on online behaviour across websites. If you want to delete any cookies that are already on your computer, the “help” section in your browser should provide instructions on how to locate the file or directory that stores cookies. Further information about cookies can be found at https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/
Please note that by deleting or disabling future cookies, your user experience may be affected and you might not be able to take advantage of certain functions of our site, and the complete Pantheon web experience.

We may occasionally include links to third party websites on our emails and/or website, and/or App.  We do not take any responsibility for these sites, the cookies they use or how they manage any data you may provide to them.

 

Data Security

We are committed to ensuring that your information is secure. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

As described in this Privacy Notice, we may in some instances disclose your personal data to third parties. Where Pantheon discloses your personal data to a third party, we require them to have appropriate technical and organisational measures in place to protect your personal data; however, in some instances we may be compelled by law to disclose your personal data to a third party, over which we have limited control.

 

Privacy policy review

We keep our privacy policy under regular review.

We may update this Privacy Policy to reflect changes to our information practices or in line with new legislation. We encourage you to periodically review the Privacy Policy on our website for the latest information on our privacy practices.

If you have any questions or concerns about this Privacy Policy, or the way Pantheon is processing your data, or would like to exercise your rights in relation to your personal data, please contact hello@pantheonplymouth.co.uk. 

If you have a complaint or concern about how we are processing your personal information, please contact Pantheon in the first instance and we will endeavour to address your concern(s).

However, if you would like to direct your complaint/concerns to a Data Protection Authority, the contact details for your local Data Protection Authority are as follows: https://ico.org.uk/global/contact-us/