In accordance with new General Data Protection Regulations May 2018 Whole Life Fitness is required to inform you that we keep personal information about you in accordance with Article 6 of the General Data protection Regulation (GDPR May 2018) and of why, where and how we gather and store any personal information about you.
What personal information we collect
The special category of data that is held is health data. We require your medical information for the purposes of preventative or occupational medicine so that the class organized can provide a safe environment for you and ensure that the exercises that you do are appropriate.
We require emergency contact details so that in the event of an medical emergency we are able to contact someone on your behalf.
We ask for email and phone details so that we may contact you about class cancellations or changes.
The following information is collected;
- Email address
- Phone number
- Emergency contact details
- Drs name and contact details
- Health details
What Whole Life Fitness does with your data
I process personal information to provide a professional service on health and fitness programmes, and to maintain my own accounts and records.
The information collected will enable me to;
- Identify medical conditions that may place a client at risk when participating in certain activities.
- Identify possible contraindicated activities.
- Assist in designing an exercise programme that includes safe activities and/or appropriate modifications.
The information I collect is stored in paper format in a locked cabinet and also a password protected excel file electronically.
These details will be stored securely in a locked cupboard and on the computer system and will not be accessed or viewed by anyone other than Whole Life Fitness.
Sharing with third parties
We will never commercially sell your personal data to anyone else.
The information I collect about you is treated confidentially and not shared with any third parties apart from in event of emergency in which case medical details will be shared with any medical professionals attending the scene to ensure your health and safety.
Ensuring your data is accurate:
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Annually Whole Life Fitness will request that each client completes a PAR-Q form.
Despite our best efforts, errors sometimes do occur. Should you identify any incorrect or out-of-date information in your file, we will remedy any such errors immediately.
How long Whole Life Fitness keep your data:
Except as otherwise permitted or required by law, your personal information will be retained for so long as is reasonably necessary to fulfil the purposes for which it was collected.
Due to the nature of the medical information held this will be kept for 7 years incase of claim of negligence or breach of contract.
Files held in relation to you are deleted when no longer required.
Files held in paper format are shredded in a cross cut paper shredder.
Online data processing:
Computer, laptop and tablet security includes regularly updated antivirus software and secure password protection (regularly changed)
Electronic equipment: I have a computer and a laptop, information is stored on these and accessed only by myself via a secure password/code.
I use Microsoft office outlook and Mailchimp to send/receive all emails. Whole Life Fitness keep a copy of your email on our system to allow us to process emails quickly. Whole Life Fitness do not gather statistics or monitor activity.
I use GiffGaff as my mobile network providers to send and receive text messages. I keep a copy of your mobile phone number in my phone contact list to allow me to send you texts.
No personal information is stored or shared on here.
How you can make a complaint:
We are required to inform you how to make a complaint relating to a data breach or if you think Whole Life Fitness is not processing you data appropriately.
ICO: If you are concerned about a data breach, you can contact the Information Commissionaires Office: https://ico.org.uk/for-organaisations/report-a-abreach
Access to your information and correction
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email me firstname.lastname@example.org
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However in a few cases some of our website features may not function as a result.
Our contact details
Data Protection Officer – Helen Rothwell
If you are unhappy with how we have processed your personal information, please contact the Data Protection Officer, details above. If you are still unhappy you may contact:
Information Commissioner’s Office
Cheshire, SK9 5AF
Helpline: (local rate) or 01625 545 745