Why do we have a privacy statement?
If you have a Basic-Fit membership, want to get a Basic-Fit membership, visit our website, use our app or respond to our social media messages, we need certain personal information from you. We want to be transparent about the processing of your personal data by Basic-Fit and that is why we have produced this privacy statement. Basic-Fit handles your personal data with the utmost care and complies with the laws and regulations relating to the protection of personal data, including the General Data Protection Regulation (GDPR). Below we have listed which of your data we process, why we do it, and how we handle your personal data. In addition, it explains how you can change the processing of your personal data by Basic-Fit. Because we are a dynamic company in a rapidly developing environment, it is important that we update our privacy statement from time to time. We therefore reserve the right to change this privacy statement at any time. You can always find the most current statement on our website. We therefore advise you to visit this page regularly.
Which personal data are processed by us?
Basic-Fit processes personal data. According to the GDPR, personal data is "any information about an identified or identifiable natural person". These are any data that can be traced directly or indirectly to you as an individual. We receive the data directly from you, when you join Basic-Fit, you visit the website or when you contact via social media.
Data from our members
When becoming a member of Basic-Fit, we will as a minimum process your name, address, place of residence, telephone number and your email address, bank account number, gender and date of birth. If you already have a Basic-Fit membership, we will continue to process this type of personal data about you. When using Basic-Fit services, depending on which services are purchased, the following personal data are also processed: membership number, card number, language choice (country of the club), which club you have designated as a home club, channel through which you became a member, recorded club visits, last visit to a club, type of subscription, supplementary benefits, sports profile if survey was completed, information you may have given to our customer service, your financial status with Basic-Fit (purchased services and products and whether these have been paid), NPS score if you participated in a membership satisfaction survey.
Our app is meant to support our members in their fitness journey, to offer a self-service tool to manage your membership, make reservations and to inform our members about their gym, services and products. After activating an account, you can personalize the app as much as you want, depending on your own fitness goals. We can distinguish the following categories of personal data in our app:
1. Data to create and use an app account
If you are a Basic-Fit member, you can easily install and login the app by providing your membership credentials. The following data will be uploaded on your app (data you normally see within ‘My Basic-Fit’): Name, age, gender, country, language, contact details, type of membership, membership and card number, home club, reservations and club visits. If you are not a Basic-Fit member, you have to create an account by providing the following data: name, age, gender, country, language and email address.
2. Data to achieve your sports goals and personalize your app
Our app can help you to achieve your sport goals. Therefore you need to add some information like your length, weight, objectives, goals, sport preferences and planned and concluded workouts. Your BMI will be automatically calculated. You can also use the ‘smart scale’ in the club and the results will be visible in your app.
3. Connect with your Apple health app
You can connect your health app to our Basic Fit app to optimize your sports goals. The data from your health app will only be visible on the app on your own device. Basic-Fit will not view, collect or store this data on its own systems.
4. Other optional extra’s
Profile picture, personal coaching dashboard, virtual lessons, recommended products/sport nutrition, recommended dietary tips and recipes. We also offer the option ‘club finder’, where you can give permission to use your location data. Basic-Fit does not store this location data.
5. Invite friends
You can send friends an invitation to join you and become a Basic-Fit member. Therefore we will redirect you to our website from where we provide you a special link to send to your friends.
6. Analytical data
We analyze the use of the app for improving it’s functionality and security and for personalization and marketing purposes. We analyze by use of an unique identifier, only interpretable for Basic-Fit, and do not use any user or device data. Basic-Fit uses Google analytics and concluded a Data Processing Agreement with Google in this respect. Google uses device data like IMEI (not accessible for Basic-Fit) for identification purposes.
Basic-Fit never shares or sells any personal data from app users to third parties. The data from your app account will be deleted 2 months after cancelation of your membership. You can change your settings, personal information or marketing preferences in the privacy settings of the app. More information about your privacy rights can be found in the final part of this statement.
We have cameras in and around our clubs, but we use the images for limited purposes. We realize very well that camera protection also affects the privacy of our members and employees and therefore we monitor with the utmost care. For example, no camera protection takes place in changing rooms or sanitary facilities and, in principle, monitoring only takes place reactively. This means that images are viewed after an incident has been reported. For information about the nature and execution or our camera protection, we refer to our Regulation Camera Protection on our website.
Basic Fit included in its General Terms and Conditions that it is not permitted to grant another person illegal access to the club by letting him or her walk through the turnstile. A fine (the value of a day pass) will be charged for this, or when repeatedly, the membership can be terminated. Specially equipped cameras are placed at the turnstiles that can recognize access fraud. In case the camera detects fraud, the images are always verified by an authorized employee to determine whether access fraud has occurred. The violation will be recorded and connected to the registered owner of the specific card number. This person receives an email from us with the request to pay the fine at the kiosk. You always have the right to request for access to the relevant photo moment, but you are responsible yourself for informing the other person visible on the photo or asking its permission. Upon request, the photo can also be sent anonymously (blurred faces). After payment of the fine, or termination of the membership, the photo will be deleted after 28 days. You can request the photo via the following email address: For the Netherlands: firstname.lastname@example.org For Luxembourg and Belgium: email@example.com For France: firstname.lastname@example.org For Spain: all email addresses above can be used.
App users can use an online coach of their choice who guides you for 12 weeks in achieving your sports goals. This functionality is not yet in operation in all countries. A chat function is available for the coaching. These chats are only intended for the online coaching period and will not be used for other purposes. The chat messages will be deleted 2 months after termination of the coaching period. Only when complaints arise about the coaching period chats can be kept a little longer, namely up to 2 months after the complaint has been handled.
Website visitors' data
The personal data of visitors to our website are also processed. This concerns personal data that you enter on the contact page or the web shop itself, such as your email address, name, address, place of residence, current location or a telephone number.
What are the bases for processing? We may only process your personal data if there is a legal basis for it.
The following principles are:
• when you have given permission for this. The permission can always be withdrawn again;;
• the execution of the agreement that you have entered into with Basic-Fit;
• compliance with a statutory obligation of Basic-Fit;
• to protect vital interests of you, and;
• to fulfil a task of general interest or exercise of public authority; and
• for the representation of the legitimate interests of Basic-Fit.
What is the purpose of processing your data?
Basic-Fit processes your data to provide you with our fitness services. To create a membership card that gives you access to the Basic-Fit clubs, handling and answering questions and complaints, preparing, sending and collecting invoices, and communicating in the right language. In addition, we process the data you provide for specific services in order to effectuate that specific service. An example is the data that you enter in the Basic-Fit app so that we can help you achieve your exercise goals.
Basic-Fit processes your data in order to keep you informed, mainly by email (or, very occasionally, by letter or by telephone). You will receive information about your subscription: you are not able to unsubscribe from these messages. You will also receive information about similar products and services from Basic-Fit, such as confirmation of training schedules and new group lessons. You can unsubscribe from these messages at any time.
Marketing and sales activities
When you register you will also be asked if you want to receive information about other Basic-Fit products and services, products and services of third parties, and whether we may use your data for profiling to send you information in line with the interests you have expressed. If you indicate that you would prefer not receive this type of information, you will not receive this information. You can unsubscribe from this information at any time, as well as indicate and change your choice via the appropriate link or via mybasic-fit.com. To clarify: we do not sell the personal data of our members to third parties for their direct marketing activities.
Analysis & (market) research
We may use your personal data for research and analysis, with the aim of improving Basic-Fit services and those of its affiliates. We may also ask you if you would like to participate in a no-obligation customer or market research survey in order to improve our services. You decide whether you want to participate in this by giving/not giving your consent.
Basic-Fit processes member data for statistical analysis and management reports. Decisions are made on the basis of these analyses and reports, products and services are evaluated, and campaigns are assessed to see whether they are effective. Members' data is used for this purpose at an aggregated level. Aggregated means that the data does not contain information about individual members, but only contains information about specific groups based on usage, age or new membership.
Contact with member
If you contact us or we contact you by phone, email, social media, chat or in any other way, your data will be recorded. This allows Basic-Fit employees to see at a later point that you have been in touch and what you got in contact about. This will help us deal with your enquiry more quickly and effectively. This could include enquires about services, complaints, invoices or payments, if you participate in market research, and sales discussions. Recordings of telephone calls between members and Basic-Fit may be stored to allow them to be listened to again and for training purposes. If a call might be recorded, you will first hear a message telling you that the call may be recorded. For completeness sake, we inform you that it is no longer possible in the Netherlands to contact us by phone.
Basic-Fit may be required under the law or regulations to process your personal data and/or provide it to third parties. For example, if a competent authority such as the police requests this in the context of a criminal investigation.
If Basic-Fit wants to use personal data for a purpose other than that already described, it will ask you for permission.
How do we safeguard your data?
Basic-Fit has appropriate technical and organizational security measures in place to protect personal data against loss, destruction or damage, unauthorized access, or any other form of unlawful processing of your personal data. We do this by having in place physical and organizational measures for access security, protecting all desktops with user name, password, and authorization management so that your data cannot be viewed by all Basic-Fit employees. But also by keeping software up-to-date and regularly testing our security systems.
How long do we keep your data?
We will retain your data so long as is necessary for the purposes for which we process your data and for no longer than legally permitted. The actual retention period will differ depending on the type of personal data. If you have a Basic-Fit membership, we will keep your details for at least the term of your membership. Once the retention period has come to an end, your personal data will be anonymized or deleted.
Do we use third-party services when processing data?
Basic-Fit uses the services of other parties. This only happens after screening in relation to security and privacy and only after the company has signed an agreement with respect to the use and protection of personal data. Actions involving third parties include: offering introductory classes, (online) marketing, market research, debt collection, advertising and analysing the effectiveness of advertisements, web analysis and applications/SaaS services used in the context of recruitment and selection, membership administration, customer service and marketing, mobile app, telephone contacts and banking transactions.
Do we provide information to third parties?
In principle, Basic-Fit does not provide or sell data to third parties. Basic-Fit may be required under the law or regulations to process your personal data and/or provide it to third parties. For example, if a competent authority such as the police requests this in the context of a criminal investigation.
What influence do I have over the processing of my personal data?
Data subjects have a number of rights under the GDPR. Everyone has the right to view, correct, or add to their personal details, to have them corrected or added to, to have them deleted, to request a restriction to processing, to have them transferred, and to object to the processing of his or her personal data. Below is a brief explanation of the various rights.
Access to data
You have the right to inspect your personal data and to receive a copy of it.
Rectification of data
You have the right to have your personal data corrected if these are incorrect and have them added to if they are incomplete.
Deletion of data
You can request that your personal data be deleted and this request must be complied with in the following cases: because the data is no longer necessary for the purposes for which it was collected or processed, because you withdraw your consent, because you have successfully objected to its processing, because the personal data have been processed unlawfully, or to comply with a legal obligation.
Restriction to processing
You have the right to request and be granted a restriction to processing in a number of specific cases: during the period of dispute as to the correctness of personal data and the checking thereof, if the processing turned out to be unlawful but you do not want the data to be deleted, if Basic-Fit does not need the data anymore but you have need the data for a legal claim, and when you object to the processing and you are awaiting a reply to the objection. You request that your personal data be blocked (temporarily locked) with the aim of restricting processing in the future.
Portability of data
You have the right to have your data transferred. This means you can request and receive a copy of your personal data that could then be used by another service provider, for example. The data will be provided in a structured, current, and machine-readable form. This might mean an Excel file, CSV file, or otherwise downloadable format. This right only applies if the processing of the data is based on consent or an agreement and if the processing is carried out via automated procedures.
Objections to processing
You have the right at all times, on the grounds of reasons relating to your specific situation, to object to: the processing of your personal data on the grounds of a general public service or a service assigned to Basic-Fit in the context of exercising official authority and if the processing is necessary for the protection of the legitimate interests of Basic-Fit or a third party, when your interests weigh more heavily. If your personal data are processed for direct marketing, you may also object to this processing at any time as well as to any profiling that relates to direct marketing.
File a complaint
You have the right to file a complaint about how we handle your data. When you have a complaint, we prefer to solve it directly with you. In addition, you always have the right to contact the competent authority that supervises the protection of personal data with your complaint. If you want to exercise one of your rights, you may do so as follows.
You can submit your request via mybasic-fit.com,send your request by email to email@example.com or send your request by post to:
Basic-Fit Attn: the Privacy Officer
Wegalaan 60 2132 JC Hoofddorp
Always state the nature of your request: "Inspection request", "rectification request", etc., stating your name, membership number and card number. You will receive a response within one month at the latest of receipt of your request. For questions about this privacy statement and the Basic-Fit policy, please contact firstname.lastname@example.org.