PRIVACY POLICY 

Last revised: April 3, 2024 
Effective: May 3, 2024 

1. Introduction 

  1. This privacy policy (“Privacy Policy”) applies to personal information provided to GymSales Software Pty Ltd. (the “Vendor,” “we,” “us,” or “our”) through the services we make or offer (“Services”), including the GymSales software-as-a-service platform as well as any associated website, application, or widget that links to this Privacy Policy.  
  1. This Privacy Policy covers how our Services process information relating to identified or identifiable individuals and households (“Personal Information”). (We use the term “process” to refer to the collection, use, storage, and sharing of Personal Information.)  
  1. We process Personal Information on behalf of our customers (“GymSales Customers”), which include various kinds of individuals and businesses who provide fitness training, coaching, or other fitness center services to individuals (“End Users”). For instance, our customers include a wide variety of personal trainers, coaches, studios, and fitness facilities. We also process certain Personal Information of our customers on our own behalf, and this kind of processing is also described in this Privacy Notice.  
  1. Your Personal Information may be shared with third parties. For example, if you use the Services as an actual or prospective gym customer as part of your fitness facility membership, your Personal Information may also be provided to your fitness facility and/or your trainer. This Privacy Policy does not cover collection and use of Personal Information by third parties, and we are not responsible for the actions of third parties with respect to your Personal Information. You are encouraged to review the privacy practices of your fitness facility and/or trainer prior to providing Personal Information. 
  1. We shall revise this Privacy Policy when our Personal Information processing practices change. The most current version of which shall always be available at https://www.Gymsales.io/privacy-policy.  

2. Processing of Personal Information 

  1. Our Services collect the following categories of Personal Information: 
    • Information you submit to us
      • Identity information: in the event that you choose to register as a user of the Services, you will be asked to create a unique username and private password (collectively, the “Access ID”) which will be used to create and activate an account through which we can make the Services available to you (the “Account”). We may require certain information such as your name, address, telephone number, GymSales Customer Entity Name, and email address to make the Services available to you.  
    • Information we collect from your use of the Services 
      • Log and usage data: we collect log data and usage information relating to your use of the Services. For example, we collect information about how you interact with the Services, such as when you log into your Account, how you navigate the Services, and what functions you use in the Services. We also collect information about the devices used to access the Services, such as the device type, operating system, and IP address. 
    • Information we collect from third parties  
      • Consumer profile information: Information used to create a GymSales Customer profile about you reflecting your preferences, market segments, likes, favorites and other data or analytics provided about you or your account by the applicable GymSales Customer. 
  2. We use Personal Information for the following purposes: 
    • to respond to any request for customer service or technical support; 
    • to make the Services available to you and to other users of the Services; 
    • to improve the quality of the Services; 
    • to assess service levels, monitor traffic patterns and gauge popularity of different features, functionalities, and service options of, or related to, the Services; 
    • to create and manage your Account, and to verify access rights to the Services; 
    • to bill, or render invoices relating to, your Account, and to collect any debt owed to us; 
    • to facilitate payments between you and other users of the Services; 
    • to communicate with you, including for the purpose of providing you with notifications, content, and information about the Services; 
    • to communicate with you for marketing purposes with your consent; 
    • to administer, maintain, monitor, and secure the Services; 
    • to respond to claims of any violation of our rights or those of any third party;  
    • to protect the rights, property, or personal safety of you, our personnel, other users, and the public; 
    • as required to comply with any applicable laws, or as authorized by any applicable laws; and 
    • for any other purpose pursuant to your consent or direction. 
  3. You may at any point withdraw your consent to receive the marketing communications set out above. We provide an “opt-out” function within all email and SMS communications of this nature, and/or will cease communications of this nature if you inform us that you would like to opt-out. 
  4. We retain each category of Personal Information above in accordance with the instructions and contracts of our GymSales Customers, and thereafter for as long as may be reasonably to achieve the purposes for which it was collected or as may be required or permitted by law, after which time we will delete the Personal Information or aggregate or anonymize the information so that it no longer relates to an identified or identifiable person or household. We generally consider the following factors when we determine how long to retain Personal Information: (1) retention periods established under our contracts with GymSales Customers and/or applicable law; (2) industry best practices; (3) whether the purpose of processing is reasonably likely to justify further processing; (4) risks to individual privacy in continued processing; (5) applicable data protection impact assessments; (6) IT systems design considerations/limitations; and (7) the costs associated with continued processing, retention, and deletion. For more information about our retention periods, please contact us using the information in the “Contact Us” section, below.

3. When Gyms Interact with Our Service 

  1. Depending on the settings elected by the applicable GymSales Customer you are associated with, the Services may include recording calls for the following purpose: 
    • To improve the quality of customer support and services. 
    • To ensure compliance with legal and regulatory requirements. 
    • To resolve disputes and address issues related to your interaction with the GymSales Customer you are associated with. 
  2. When the GymSales Customer selects this option, you consent by using the services and engaging in calls.  You consent to the recording of those calls for the purposes mentioned above.  You may choose not to engage in the recording of calls by informing the representative or hanging up. 
  3. Recorded calls may include information such as the conversation, the date and time of the call, the phone numbers involved, and any other information you may provide during the duration of the phone call.  
  4. Recorded calls will be used for the purposes mentioned in Section a(i-iii). 
  5. We will retain recorded calls for the specified period of time set forth above in this Privacy Policy, after which they will be securely deleted or anonymized to protect your privacy. 
  6. You have the right to access and, if necessary, request the correction or deletion of recorded calls that may contain personal information about you.  Please contact Privacy@Gymsales.net for assistance with this type of request.  

4. The Legal Basis for Processing Your Personal Information 

  1. For users of our Services in the EU and UK, the legal bases for our processing of Personal Information is primarily that the processing is necessary for providing and supporting the Services for which you, as an actual or prospective gym customer, or GymSales Customer have requested. 
  2. We may also process Personal Information in accordance with our legitimate interests, as outlined in this privacy policy, or because of a non-contractual legal obligation that applies to us, such as legally compelled disclosures.  
  3. We may also, on occasion, process Personal Information on the basis of your consent. Under such circumstances, you have the right to withdraw your consent. 

5. Disclosure of Personal Information 

We disclose Personal Information as described below.  

  1. If you are an actual or prospective gym customer, Personal Information you provide may be shared with the GymSales Customer. 
  2. If you are a gym member or prospective member, Information you provide may be shared with the GymSales Customer with which you are associated. 
  3. We may share Personal Information of data subjects to third parties who act as sub-processors, or are fulfilling a legal, regulatory, or compliance obligation to which we and or GymSales Customers’ are obliged to comply with.  
  4. We may also share Personal Information with third parties when needed to comply with a legal obligation that we are subject to. 
  5. We may share Personal Information to a successor or potential successor to all or a part of our business. 
  6. We share Personal Information with our partner organizations, such as the GymSales family of companies, which includes parents, corporate affiliates, subsidiaries, business units and other companies that share common ownership. 
  7. If you are a consumer, we may share your Personal Information with third parties who act as sub-processors, or are fulfilling a legal, regulatory, or compliance obligation to which we and or GymSales Customers’ are obliged to comply with. 
  8. At your direction, we share Personal Information with third-party partners in connection with your use of the functionality of the Services. This includes companies that collect, analyze, process, and/or store data. 

6. Children’s Privacy 

We do not direct the Services to children under the legal age of majority in their jurisdiction, typically age 13, or knowingly collect Personal Information from children under that age. If you have not reached the legal age of majority in your jurisdiction, our Terms of Service do not allow you to use our Services. If we learn that Personal Information has been collected on the Services from persons under that age, we will promptly delete this information. If you are a parent or guardian and discover that your child has provided Personal Information, then you may alert us as set forth in the “Contact Us” section, below, and request that we delete your child’s Personal Information from our Services. 

7. Rights to Your Information 

In some situations, you may be entitled to exercise rights relating to your Personal Information, including: (i) the right to withdraw consent to processing; (ii) the right to access your Personal Information and certain other supplementary information, under certain conditions; (iii) the right to object to data processing premised on our legitimate interests, a third party’s legitimate interests, the public interest, or official authority vested in us; (iv) the right to erasure of Personal Information about you, under certain conditions; (v) the right to demand that we restrict processing of your Personal Information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer necessary, are processing, or believe your Personal Information is inaccurate; (vi) the right to data portability of Personal Information concerning you that you provided us in a structured, commonly used, and machine-readable format, under certain conditions; (vii) the right object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions; (viii) the right to lodge a complaint with data protection authorities; (ix) the right to request that we rectify or correct inaccurate Personal Information; and (x) the right to appeal the action we take in response to your request to exercise any of your other rights.  If you contact us to appeal, please tell us why you believe we erred in responding to your request. We will respond to your appeal in accord with the timelines set forth in applicable law. To exercise your rights, please submit a request by contacting us through any of the means outlined in the “Contact Us” section, below. 

8. Do Not Track and Global Privacy Control Signals 

Because no consensus has emerged on how to handle “Do Not Track” signals, the Services do not respond to such signals or use them to alter how Personal Information is processed. We also do not process the Global Privacy Control signal because, in connection with the Services, we do not sell or share Personal Information for cross-contextual behavioral advertising purposes.  

9. Security

  1. We strive to prevent unauthorized access to your Personal Information. We will regularly assess our security to ensure that we have in place reasonable technical, administrative, and physical safeguards in place to protect your Personal Information from unauthorized access, use, and disclosure. 
  2. We take steps designed to ensure that only those of our employees who need access to your Personal Information to fulfil their employment duties will have access to it.  
  3. Nevertheless, there is no guarantee that such technology or procedures can or will eliminate the risks of unauthorized access, use, disclosure, theft, loss or misuse. 
  4. Do not disclose your Access ID to anyone. If you forget your password, we will ask you for the username associated with your Access ID and will send you an email containing your password to the email address associated with your Access ID. 
  5. If you are a gym employee or other personnel, you are responsible for maintaining the secrecy of your Access ID. If you disclose your Access ID, others who have your Access ID will be able to access your Personal Information.  
  6. We cannot be responsible for and do not control how other users of our Services use your Personal Information. You should use caution in sharing your Personal Information with others through the Services. 
  7. If we learn of a breach of security, we will comply with the notification rules set forth in applicable law.  

10. Jurisdictions Where Processing Occurs 

Your Personal Information may be processed in any country where we have facilities or in which we engage third-party processors/service providers, currently the United States, Canada, the United Kingdom, and Australia. By using the Services, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules than in your country. While such information is outside of the jurisdiction where it was collected, it may be subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country. However, our practices regarding your Personal Information will at all times continue to be governed by this Privacy Policy and, if applicable, we will comply with the General Data Protection Regulation (“GDPR”) requirements for the transfer of Personal Information from the EU/EEA to a third country. 

11. California Privacy Information 

  1. Your California Privacy Rights 

If you are a California resident, you may have certain rights as a consumer regarding your personal information conferred under Cal. Civ. Code § 1798.100, et seq., known as the California Consumer Privacy Act (CCPA). These rights include: 

  • the “right to know,” meaning the right to request any or all of the following: 
    • the specific pieces of personal information we collected about you;  
    • the categories of personal information we collected; 
    • the categories of sources used to collect the personal information;  
    • the business or commercial purposes for collecting your personal information; and  
    • the categories of third parties with whom we have shared your personal information 
  • the right to request deletion of your personal information that we collected 
  • the right to have someone you authorize make a request on your behalf 
  • the right to opt-out of “sale” (as that term is defined in the CCPA) or the sharing of personal information for cross-contextual behavioral advertising purposes; please note, however, that, in connection with the Services, we do not sell or share personal information for cross-contextual behavioral advertising purposes 
  • the right to make a request for the correction of errors or inaccuracies in your personal information 
  • the right to restrict the processing of sensitive personal information 
  • the right not to be discriminated against for exercising any of these rights 
  • the right to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. 

Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. We will verify that any requests from persons other than you have your legal authorization. You may also make a request on behalf of your child.  

Your request must: 

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and 
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. 
  1. Collection of Personal Information 

The following tables show the categories of personal information we have collected in connection with the Services in the last 12 months and indicates whether each category of personal information has been shared for a business purpose or sold to a third party. 

Category Collected 
A. Identifiers. Yes 
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). Yes 
C. Protected classification characteristics under California or federal law. Yes 
D. Commercial information. Yes 
E. Biometric information. No 
F. Internet or other similar network activity. Yes 
G. Geolocation data. Yes 
H. Sensory data.  No 
I. Professional or employment-related information. No 
J. Non-public education information  No 
K. Inferences drawn from other personal information. Yes  
  1. Disclosure of Personal Information 
Category If sold or shared, categories of recipients Categories of recipients to which information is disclosed for a business purpose 
A. Identifiers. Not sold or shared Service providers 
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) Not sold or shared Service providers 
C. Protected classification characteristics under California or federal law. Not sold or shared Service Providers 
D. Commercial information. Not sold or shared Service providers 
E. Biometric information. Not sold or shared None 
F. Internet or other similar network activity. Not sold or shared Service providers 
G. Geolocation data. Not sold or shared Service providers 
H. Sensory data. Not sold or shared None 
I. Professional or employment-related information. Not sold or shared None 
J. Non-public education information Not sold or shared None 
K. Inferences drawn from other personal information.  Not sold or shared Service providers 
  1. Sensitive Personal Information 

The following table shows the categories of sensitive Personal Information we collect in connection with the Services along with the purposes for which each category is processed and whether we sell or share such Personal Information for cross-contextual behavioral advertising purposes. 

Category Purposes Sold/shared  
Social security, driver’s license, state identification card, or passport number Not collected No 
For employees of GymSales Customers Account log-in,  For processing your access to the Services No 
Precise geolocation Not collected No 
Racial or ethnic origin Not collected No 
Contents of correspondence (other than correspondence directed to us) To facilitate messaging between users No 
Genetic Data Not collected No 
Biometric information processed to identify you Not collected No 
Data concerning your health To provide the Services and if entered by you or the club. No  

12. Contact Us

If you have any questions or comments about this Privacy Policy or our processing of your Personal Information, to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain information about our policies and practices, you may contact us by emailing privacy@gymsales.net, calling us toll free at 1-844-625-1155, or mailing us at GymSales Software Pty Ltd, c/o ABC Fitness Solutions, LLC, 2600 North Dallas Parkway, Suite 590, Frisco, TX 75034.