- EGYM user accounts created through the Sites, Apps, or Equipment (“EGYM Accounts”); and
2. How We Collect Information
Information Collected through the Sites, Apps, and Equipment
We collect information you provide to us when you use the Sites, Apps, and Equipment, such as when you register an EGYM Account, sign up for a subscription, subscribe to or read our emails, enter a promotion or competition we sponsor, apply for a job, or otherwise interact with us. Certain of this information may identify you personally (whether alone or in combination).
The categories of information we collect include:
- Contact Data, including the name, email address, postal address, and telephone number of you or your business.
- Credentials, including your log-in and password details.
- Demographic Data, including your age and gender.
- Transaction Data, including your payment information (collected by our payment processors) as necessary to process your payments and details of any transactions you make.
- Profile Data, including your photo, personal description, and other information in your profile.
- Gym Data, including your gym membership ID, barcode, membership type, favorite gym locations, and gym check-ins.
- Training Data, including your training targets, training experience and exercises, preferred training days, weights used, training challenges, and preferred equipment.
- Physical Characteristics, including your height, body weight, and heart rate. Content, including communications or feedback you send to us, for example to report a problem or to submit queries, concerns, or comments regarding services or content.
- Job Applicant Data, including employment details if you send us a CV, resume, or other details of your employment history in connection with an advertised job vacancy or a general inquiry regarding employment opportunities with us.
In addition, we automatically collect information when you use the Sites, Apps, and Equipment. The categories of information we automatically collect include:
- Service Use Data, including data about features you use, pages you visit, emails and ads you view, products and services you view and purchase, the date and time you browse, and your referring and exiting pages.
- Device Data, including data about the type of internet browser or device you use, your device’s operating software, your internet service provider, your device’s regional and language settings and time zone, and device identifiers such as IP address and Ad Id.
- Imprecise Location Data, such as location derived from an IP address or data that indicates a city or postal code level).
With your consent, we also automatically collect the following categories of information:
- Precise Location Data, such as your latitude/longitude.
- Training Data, including frequency of your training sessions, running speeds, and related workout information.
- Physical Characteristics, including heart rate, work posture, and related information.
The tracking technologies we use to automatically collect information include:
- Log Files. We automatically collect information about you, and store that information in logs.
- Cookies. Cookies are small data files stored to your web browser that act as a unique tag to identify your browser. There are two types of cookies: session and persistent cookies. Session cookies exist only during an online session, and disappear from your device when you close your browser. We use session cookies to process your online transactions and requests, verify your identity, and help you move through our Sites. Persistent cookies remain on your device after you have closed your browser and may remain on your device for extended periods of time. We use persistent cookies to help personalize your experience, remember your preferences, support security features, track user activity and conversions, and bring you advertising.
- App Technologies. There are a variety of tracking technologies that may be included in our Apps, and these are not browser-based like cookies and cannot be controlled by browser settings. For example, our Apps may include third party SDKs, which is code that sends information about your use to a server. These technologies may be used to help personalize your experience, remember your preferences, support security features, track user activity and conversions, and bring you advertising.
- Location-identifying Technologies. GPS (global positioning systems) software, geo-filtering, and other location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location, locating suitable gyms in your area, and delivering or restricting relevant content and advertising based on your location.
For further information on tracking technologies and your rights and choices regarding them, please see the “Other Parties” “Analytics and Advertising,” and “Your Rights and Choices” sections below.
Information Collected from Fitness Facility Customers and Trainers
EGYM provides branded app experiences and technology services for fitness facility customers. As part of our provision of services to fitness facilities, these customers may directly provide EGYM with information about you. For example, a gym to which you belong may share with us your contact data, gym membership ID and barcode, photo, training data, and physical characteristics with us as necessary for us to provide services to them. Similarly, trainers employed by fitness facility customers may provide data about you through the EGYM trainer app we offer to fitness facility customers.
Where we act as a service provider for our fitness facility customers, our customers, and not us, determine what information is shared with us. If you wish to not have your information shared by a fitness facility customer, please contact the fitness facility customer directly. We are not responsible for any customer data practices, and you should carefully review the applicable customer’s policies.
Information from Other Sources
We also collect information from other sources. The categories of other sources from which we collect information include:
- Third party fitness trackers, wearables, and devices if you link the device with our Apps and/or your EGYM Account.
- Social networks with which you interact.
- Partners that offer co-branded services, sell or distribute our products, or engage in joint marketing activities.
- Publicly-available sources, including data in the public domain.
3. How We Use Information
- to manage and provide you with the Service;
- to administer your account and provide you customer service;
- to verify and carry out financial transactions in relation to payments you make online;
- to send you technical notices, updates, security alerts, information regarding changes to our policies, and support and administrative messages;
- to enforce our terms, conditions, and policies;
- to protect our Service (for example, for fraud monitoring and prevention);
- to carry out research and analysis;
- to improve the layout and/or content, marketing efforts, and services we offer and customize the Service for users;
- to save your training preferences;
- to analyze your training activity to give you feedback on your progress and to share that data with your fitness facility and trainers at your fitness facility so that they can recommend corrections in case of incorrect or harmful training behavior or target the training more effectively to your individual training targets;
- to administer prize draws and competitions when you voluntarily elect to participate in promotions;
- to develop and send you marketing, advertising, and communications we think you may find useful or which you have requested from us, including information about our products and services or those of carefully selected third parties;
- to serve you advertising;
- to fulfill any other purpose at your direction, such as linking third party fitness trackers, wearables, and devices with our Apps and/or your EGYM Account; and
- with notice to you and your consent.
Notwithstanding the above, we may use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law. For information on your rights and choices regarding how we use information about you, please see the “Your Rights and Choices” section below.
4. How We Share Information
- Service Providers. We share information with our agents, contractors, and other service provider that process the information on our behalf for business purposes. Service providers assist us with services such as processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analyzing data, advertising, website hosting, and providing support services Our service providers are contractually prohibited from using your information for any purpose other than performing the services for us, although we may permit them to use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law.
- Vendors and Other Parties. We share information with vendors and other parties for analytics and advertising purposes. Vendors and other parties may act as our service providers, or in certain contexts, independently decide how to process your information. For more information on advertising and analytics, see the “Analytics and Advertising” section below.
- Affiliates. We share information with our affiliates and related entities, including where they act as our service providers or for their own internal purposes.
- With Fitness Facility Customers. We share information with fitness facilities customers in connection with the services we provide to them. For example, trainers employed by fitness facilities where you are registered as a member may have access to training data in order to analyze the training and make recommendations in light of unhealthy or incorrect practices and, where required, to make personal recommendations allowing for the further optimization of personal fitness goals. We also share information with fitness facility customers in order to maintain services, respond to your questions and comments, comply with your requests, market and advertise to you, and otherwise comply with applicable law.
- Partners. We share information with our partners in connection with offering co-branded services, selling or distributing our products, or engaging in joint marketing activities
- Promotions. When you voluntarily enter a sweepstakes, contest, or other promotion, we share information as set out in the official rules that govern the promotion as well as for administrative purposes and as required by law (e.g., on a winners list). By entering a promotion, you agree to the official rules that govern that promotion, and may, except where prohibited by applicable law, allow the sponsor and/or other parties to use your name, voice and/or likeness in advertising or marketing materials.
- Merger or Acquisition. In the event that we negotiate or undergo reorganization or we or any of our assets are sold to a third party, you agree that the information we hold about you may be transferred to that reorganized entity or third party.
- To Protect Rights and Safety. We share information to comply with the law or if we believe that such action is necessary to prevent fraud or cybercrime, enforce our Terms, or protect the Service or the rights, property or personal safety of any person. We must disclose information about you in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- Facilitating Requests. We share information at your request or direction, such as to link third party fitness trackers, wearables, and devices with our Apps and/or your EGYM Account.
- With your Consent. We share information with notice to you and your consent.
Notwithstanding the above, we may share information that does not identify you (including information that has been aggregated or de-identified) except as prohibited by applicable law. For information on your rights and choices regarding how we share information about you, please see the “Your Rights and Choices” section below.
5. Sharing Activity
If you have an EGYM Account, you may be able to share certain information about your account activity with other Service users. For example, you may be able to share your name, photo, activity points, gym ranking, ranking and progress in challenges, when and what workout you completed, and overview of workouts, such as calories burned and miles ran. You may also be able to comment on other user workouts.
You should think carefully about what information you choose to disclose – EGYM is not responsible for the conduct of other users with whom you decide to share your information and those users may choose to make that information public. You may change your settings at any time through your EGYM Account settings as further set out in “Your Rights and Choices” below.
6. Other Parties
7. Analytics and Advertising
We use analytics services, such as Google Analytics, to help evaluate usage of our Sites and Apps, and improve our services, content, performance, advertising, and user experiences. In addition, we work with agencies, advertisers, ad networks, and other technology services, such as Facebook and Google, to place ads about our products and services on other websites and services.
As part of this process, we may incorporate tracking technologies from us and other parties into our own Sites and Apps (including our emails) as well as into our ads displayed on other websites and services. These tracking technologies may collect data across time and services for purposes of measuring conversions or actions you take, associating the various devices you use, and serving ads and/or other content targeted to your interests (“Interest-based Advertising”). For instance, we incorporate pixels and SDKs from Facebook and Google in the Sites and Apps, and may share information with them for these purposes as well as to provide you with other functionality.
We also use audience matching services (which is a type of Interest-Based Advertising) to reach people (or people similar to people) who have visited our Sites or Apps or are identified in one or more of our databases (“Matched Ads”). This is done by us sharing a list of hashed emails with an ad partner or incorporating a pixel or SDK from an ad partner into our own Service, and the ad partner matching common factors between our data and their data or other datasets. For instance, we use Facebook Custom Audiences to serve ads to our users and similar users on Facebook.
8. Your Rights and Choices
You may access, update, and remove certain information that you have voluntarily submitted to us through your EGYM Account through your account settings or by emailing us at email@example.com. We may require additional information from you to allow us to confirm your identity. Please note that we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you link our Apps and/or your EGYM Account with third party fitness trackers, wearables, and devices with our Apps and/or your EGYM Account, you can unlink such devices through your device and/or account settings.
Most web browsers automatically accept cookies, but if you prefer, you may be able to edit your browser settings to block them in the future. If you use multiple browsers on your device, you will need to instruct each browser separately. Your ability to limit cookies is subject to your browser settings and limitations.
Currently, unless and until the law is interpreted to require us to do so, our systems do not monitor or take action with respect to browser “Do-Not-Track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies); you also may opt-out of targeted advertising by following the instructions in the “Analytics and Advertising Choices” section below.
With respect to our Apps, you can stop all collection of information via an App by uninstalling the App. You may also turn off location-based functions through the location settings on your device. You can also reset your device Ad Id at any time through your device settings, which is designed to allow you to limit the use of information collected about you.
Analytics and Advertising Choices
In addition, we work with companies that participate in the Digital Advertising Alliance (“DAA”) and/or the Network Advertising Initiative (“NAI”). To learn more about the targeted ads provided by these companies, and how to opt out of receiving certain targeted ads from them, please visit: (i) for website targeted ads from DAA participants, https://www.aboutads.info/choices; (ii) for app targeted ads from DAA participants, https://www.aboutads.info/appchoices; and (iii) for targeted ads from NAI participants, https://www.networkadvertising.org/choices.
Opting out only means that the selected participants should no longer deliver certain targeted ads to you, but does not mean you will no longer receive any targeted advertising or content. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browser is configured to reject cookies when you opt-out on the DAA or NAI websites, your opt-out may not be effective. We are not responsible for the effectiveness of, or compliance with, any opt out options or programs, or the accuracy of any other parties’ statements regarding their opt out options or programs.
To opt out of us sharing your hashed email address for Matched Ads, please contact us at firstname.lastname@example.org and specify that you wish to opt out of Matched Ads. We will remove your email address from any subsequent lists shared with other parties for purposes of Matched Ads.
Please note that if you opt out using any of these methods, the opt out will only apply to the specific browser or device from which you opt out. We are not responsible for the effectiveness of, or compliance with, any opt out options or programs, or the accuracy of any other entities’ statements regarding their opt out options or programs.
Where required by law in the applicable jurisdiction, we will obtain opt-in consent prior to sending you promotional emails. For all jurisdictions, you can unsubscribe from our promotional emails, including our newsletters, at any time by following the instructions as provided in our emails to click on the unsubscribe link or emailing us at email@example.com. Please note that your opt-out is limited to the email address used, will only affect the subscription you indicate, and will not affect non-promotional communications, such as those about your account, transactions, servicing, or EGYM’s ongoing business relations.
If you have an EGYM Account, you may change at any time how you share certain information about your account activity with other Service users. Visit your EGYM Account settings for more information. Please note EGYM is not responsible for any public information shared by you prior to limiting your settings.
Our Service is not designed for children under 13 and we do not knowingly collect personal information (as defined by the U.S. Children’s Privacy Protection Act or “COPPA”) from children. If you are a parent or guardian and believe we have collected personal information from you child in a manner not permitted by COPPA, please contact us as set out in the “Contact Us” section below. If we discover that we have collected personal information from a child, we will delete such information from our systems. We do not knowingly “sell” the personal information of minors under 16 years old who are California residents.
We have security measures in place designed to safeguard information about you against loss, destruction, misuse, or unauthorized access or disclosure. For example, we periodically review our internal security measures and policies, and implement measures designed to restrict unauthorized personnel from accessing information about you. Nevertheless, you should bear in mind that transmission of information over the internet is never entirely secure, and we cannot guarantee the security of information about you.
11. International Transfer and Privacy Shield
EGYM has applied to participate in the EU-U.S. Privacy Shield Framework and Swiss U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the EEA, the United Kingdom, and Switzerland. EGYM has certified or will certify to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability. For purposes of this section, EGYM refers to the following U.S. legal entities: EGYM, Inc.
In accordance with our obligations under Privacy Shield, and subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, we hereby affirm our commitment to subject to the Privacy Shield Principles all personal data transferred from the EEA, the United Kingdom, and Switzerland in reliance on the Privacy Shield. This means that, in addition to our other obligations under the Privacy Shield Principles, we shall be liable to you for any third party agent to which we transfer your personal data in reliance on Privacy Shield and that processes such personal data in a manner that violates the Privacy Shield Principles, unless we can demonstrate that we are not responsible for the resulting damages.
You have the right to ask us not to disclose your personal data to a third party (except where the third party is acting as an agent to perform tasks on our behalf and under our instruction) or purposes materially different than for which the personal data was originally collected or subsequently authorized by you.
For inquiries or complaints regarding our compliance with Privacy Shield, or to exercise your rights, please contact us as set out in the “Contact Us” section below. If we are unable to resolve your complaint directly, you may submit your complaint at no cost to you to JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event there are residual complaints that have not been resolved by JAMS, or any other means, you may seek a non-monetary remedy through binding arbitration to be provided to you in accordance with the Privacy Shield Principles.
To learn more about the Privacy Shield Framework, please visit http://www.privacyshield.gov.
13. Contact Us
By email: firstname.lastname@example.org
Attention: Privacy Compliance
2530 Frontier Avenue
Boulder, CO 80301
14. Additional Disclosures for Nevada Residents
Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us as at email@example.com.
15. Additional Disclosures for California Residents
The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires businesses collecting or disclosing personal information to provide notices and means to exercise rights. These additional disclosures apply only to California residents and where EGYM processes your personal information as a business.
If personal information about you has been processed by us as a service provider on behalf of a fitness facility customer and you wish to exercise any rights you have with such personal information, please inquire with our customer directly. If you wish to make your request directly to us, please provide the name of our fitness facility customer on whose behalf we processed your personal information. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.
Notice of Collection.
In the past 12 months, we have collected the following categories of personal information enumerated in the CCPA:
- Identifiers, including name, postal address, email address, and online identifiers (such as IP address).
- Customer records, including phone number, billing address, and credit or debit card information.
- Characteristics of protected classifications under California or federal law, including gender.
- Commercial or transactions information, including records of products or services purchased, obtained, or considered.
- Internet activity, including browsing history, search history, and interactions with a website, email, application, or advertisement.
- Geolocation data.
- Employment and education information.
- Inferences drawn from the above information about your predicted characteristics and preferences.
For further details on information we collect, including the sources from which we may have collected personal information in the past 12 months, review the “How We Collect Information” section above. We collect and use these categories of personal information for the business purposes described in the “How We Use Information” section above.
Right to Know and Delete.
You have the right to know certain details about our data practices in the past 12 months. In particular, you may request the following from us:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information was collected;
- The categories of personal information about you we disclosed for a business purpose or sold;
- The categories of third parties to whom the personal information was disclosed for a business purpose or sold;
- The business or commercial purpose for collecting or selling the personal information; and
- The specific pieces of personal information we have collected about you.
In addition, you have the right to delete the personal information we have collected from you.
To exercise any of these rights, please submit a request through our Online Support Form or call our toll free number at 866-621-0307. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.
Right to Opt-Out.
To the extent EGYM sells your personal information as the term “sell” is defined under the CCPA, you have the right to opt-out of the sale of your personal information by us to third parties at any time. You may submit a request to opt-out by clicking Do Not Sell My Personal Information on www.egym.com.
You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.
Right to Non-Discrimination.
You have the right not to receive discriminatory treatment by us for the exercise of any your rights.
Shine the Light.
California’s “Shine the Light” law permits customers who are California residents to request certain details about how certain types of their information are shared with third parties and, in some cases, affiliates, for those third parties’ and affiliates’ own direct marketing purposes. To exercise a request, please write us at the email or postal address set out in “Contact Us” above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.
If you are a California resident under 18 years old and registered to use the Service, you can ask us to remove any content or information you have posted on the Service. To make a request, email us at firstname.lastname@example.org with “California Under 18 Content Removal Request” in the subject line, and tell us what you want removed. We will make reasonable good faith efforts to remove the post from prospective public view, although we cannot ensure the complete or comprehensive removal of the content and may retain the content as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Last Updated: August 2020