Who are we?
Stealth Gym provide sports & leisure facilities. Stealth Gym act as a “data controller” of your personal data for the purposes of UK data protection legislation including the General Data Protection Regulation 2016/679 (GDPR). This means that we exercise control over the processing of your personal data and carry data protection responsibility for it.
Our Contact Details
Post: Stealth Gym, The Leasing.com Stadium, London Road, Macclesfield, SK11 7SP
Data we collect
We collect personal data, and may collect special category personal data, as part of providing our facilities to our clients. You provide information about yourself when you register with the gym, and by filling in forms at an event or online, or by corresponding with us by phone, e-mail or otherwise. We may also monitor or record calls, emails, SMS messages or other communications in accordance with UK law. Sometimes, specific products and services, such as apps, may be offered by different entities associated with the gym, in which case the entity providing the product or service will be the data controller, so you should check the individual privacy information published with each service.
Types of data we may collect
Personal data consists of any information which enables you to be identified as a living individual. Examples of personal data we may collect include:
- Names and titles
- Physical address and address history
- Contact details including telephone numbers and email address
- Date of birth
- Special Category Personal Data
- Special category personal data consists of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data which is used to uniquely identify a natural person, concerning health or a natural person’s sex life or sexual orientation.
Examples of special category personal data we may collect include:
- Medical history
- Criminal convictions
We may record details of any disability or health needs you may have at the time of booking an event or service to help us make reasonable adjustments for you and to ensure your safety. We will usually ask your consent to do this, unless there are other legal grounds on which we need to use the information.
In some limited circumstances, we may process information about criminal convictions, where this is necessary for public order and the prevention of crime, and there are adequate protections in place.
We may monitor or record calls, emails, SMS messages or other communications for:
- Business purposes such as quality control and training
- Processing necessary evidence for entering into or performance of a contract
- Prevention of unauthorised use of our telecommunication systems and websites
- Ensuring effective systems’ operation
- Meeting any legal obligation
- Prevention or detection of crime
- For our own legitimate interests
When data is collected
When you purchase products and services, we may collect personal information from you, such as your name, address, delivery address, email, telephone number and payment card details. We will use this information to supply you with products and services, to recover debt, to help us to prevent fraud, and keep records about your purchases.
When you register an account to use certain parts of our websites or apps. When you register an account, you will need to provide basic information about yourself. This will vary depending on which part of our websites or apps you are registering for, but will usually include your email address and may also include other relevant information such as your name, date of birth and/or location. If you do not want us to record this this information about you, please do not register.
When you log in using social media depending on how you log in, we may collect your profile name/user name, profile picture, email address and date of birth. The social media information you consent to share with us will be combined with the other information you provide to us or that we collect about you. We will also collect information about your comments, posts and ‘likes’.
When you move around our sites or use our apps, we will collect information about your visit, such as which pages you visit, how often you visit and which competitions you enter.
We will also automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our sites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
You can exercise control over some of this information, for example by adjusting your settings via your website browser.
Where we obtain data from?
We collect information from the Membr system and any other data collection services we use to manage your membership and payment preferences.
Why do we collect and use this information and what are the legal grounds for us doing so?
We collect this information to (i) provide you with products and services you request; (ii) make our website available and improve its performance and presentation; (iii) to improve and enhance our services and make them more personal to you; (iv) to provide consistency when using the services offered to you by companies in our group; (v) to administer lottery, competitions and prize draws you enter; (vi) for the purposes of undertaking our business; and (vii) safety and public order and the prevention of crime.
The legal grounds for this processing are:
- our legitimate interests (in carrying on our business, making our website available, and providing our customers with content which is appropriate for them);
- for the performance of our contract with you (where you purchase goods or services from us or via a third-party partner or one of the members of our group);
- to comply with our legal obligations (for example, where we are required to record information in relation to health and safety, or safety and public order at match days as well as age sensitive content).
- In respect of limited categories of data, we may record and use this with your consent (for example, in relation to sending you direct marketing). You can withdraw your consent at any time, but this will not affect any processing undertaken before that point.
- Where we develop a new feature or product (such as an updated ticketing website), if a separate account is required to access this, we may for your convenience automatically create a new account for you using the details associated with your existing account. In this case we will email you to let you know.
Who has access to your data?
Apart from us, other individuals or organisations that may have access to your data include:
- In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party and any organisation appointed to carry out due diligence on their behalf, subject to them signing confidentiality agreements.
- Auditors of our business, for example for accounting or tax purposes or where necessary under contract such as with our Insurers.
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others.
- Analytics and search engine providers that assist us in the improvement and optimisation of our sites and apps.
- CCTV footage providers
It is our policy to deal only with the person, as our client, for whom we act. In exceptional circumstances, we may, on a case-by-case basis agree to communicate with someone acting on your behalf as ‘authorised caller’, once your consent has been given.
We collect data about you through the use of technology such as cookies.
Your cookie preferences
Managing, Disabling and Enabling Cookies
You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings.
Confidentiality and disclosure of your data
We will endeavour to treat your personal data as private and confidential. From time to time we may employ agents and subcontractors to process your personal data on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction and with benefit of signed agreements.
We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law, and the other situations set out below. These are:
- Where we are legally compelled to do so
- Where there is a duty to the public to disclose
- Where disclosure is required to protect our interest
- Where disclosure is made at your request or with your consent
Under the terms of data protection legislation, you have the following rights:
- Right of access; You have a right to access the personal information we hold about you and be told why we use it.
- Right of rectification; You can ask us to correct or update your information to ensure it is accurate and complete.
- Right to erasure and right to restrict processing; You can ask us to stop processing and to delete your data in certain circumstances (for example where it is processed with your consent, or it is no longer necessary for us to process it).
- Right to object; You have a right to object to our processing of your information.
- Rights: profiling and automated decisions; You have a right not to be subject to automated decisions which have a legal effect and to be protected by safeguards in respect of any profiling.
- Right to object to direct marketing; Where you have consented to receive direct marketing, you can change your mind at any time as described in the marketing section above. Please allow a few days for us to action your request.
You can find out more or exercise the above rights by contacting us. Further information is also available from the ICO’s website ( https://www.ico.org.uk).
Fees, information requirements and time limits
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We use industry standard security to encrypt sensitive data in transit to our servers.
It is not anticipated that we will need to transfer your personal data to other companies or service providers located outside of the European Economic Area. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EEA – but in the event that this is necessary we will take steps to ensure that your data is given an equivalent level of protection as it is in the EEA.
Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the Internet.
We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control. Additionally, you can protect your system by installing anti-virus and running scans as recommended by the vendor. You should also run any security updates / patches you receive for your system from the supplier.
Never respond to unsolicited emails from unfamiliar sources. Such emails may be fraudulent and attempt to get you to provide your personal details or payment information.
Questions and comments regarding this Privacy Notice should be sent to our Data Protection Officer at The Leasing.com Stadium, London Road, Macclesfield, SK11 7SP or via email at email@example.com
Alternatively, you have the right to lodge a complaint with the Information Commissioner’s Office who may be contacted at Wycliffe House, Water Lane, Wilmslow SK9 5AF or https://ico.org.uk