- Introduction
-
This privacy policy (“Privacy Policy”) applies to personal information provided to TSR Gym Technik Ltd.
(the “Vendor” “we”
“us” or “our”) through the services we make or
offer (“Services”), including the
Trainerize software-as-a-service platform as well as any associated website, application, or widget that
links to this Privacy Policy. TSR Gym Technik Ltd. is an affiliate of ABC Fitness Solutions, LLC, who may operate under any of the following developer names: Ignite Engagement; Ignite Engagement 1; Trainerize CBA-STUDIO; Trainerize CBA-STUDIO 1; Trainerize CBA-STUDIO 2; Trainerize CBA-ENTERPRISE; CBA-Pro1; CBA-Pro2.
- This Privacy Policy covers how our Services process information relating to identified or identifiable
individuals and households (“Personal Information”). (We use the term
“process” to refer to the
collection, use, storage, and sharing of Personal Information.)
- We process Personal Information on behalf of our customers (“TSR Customers”), which include various
kinds of individuals and businesses who provide training, coaching, or similar services to individuals
(“Trainees”). For instance, our customers include a wide variety of personal trainers, coaches, studios,
clinics, and fitness facilities. We provide this Privacy Policy on their behalf.
- We also process certain Personal Information of our customers on our own behalf, and this kind of
processing is also described in this Privacy Notice.
- Your Personal Information may be shared with third parties. For example, if you use the Services as a
trainee as part of your fitness facility membership or as a trainer for a TSR Customer, your Personal
Information may also be provided to your fitness facility and/or your trainer. This Privacy Policy does
not cover collection and use of Personal Information by third parties, and we are not responsible for
the actions of third parties with respect to your Personal Information. You are encouraged to review the
privacy practices of your fitness facility and/or trainer prior to providing Personal Information.
- We shall revise this Privacy Policy when our Personal Information processing practices change. The most
current version of which shall always be available at https://www.trainerize.com/privacy.
- Please note that we are not regulated under the Health Insurance Portability and Accountability Act of
1996 (“HIPAA”). Consequently, we are not required to comply with that law in our delivery of the Service
or the processing of your Personal Information.
- Processing of Personal Information
- Our Services collect the following categories of Personal Information:
- Information you submit to us
-
Account and identity information: in the event that you choose to register as a
user of
the Services, you will be asked to create a unique username and private password
(collectively, the “Access ID”) which will be used to
create and activate an account
through which we can make the Services available to you (the
“Account”). We may require
certain information such as your name, address, telephone number, and email address to
make the Services available to you. Trainers may also elect to import their trainees’
contacts and information contained from their contact lists.
-
Fitness information: you may choose to provide other information to improve
your
experience or enable certain features of the Services. If you are a Trainer (as defined
in the Terms of Service), such information can include fitness and meal plans you create
for Trainees (as defined in the Terms of Service). If you are a Trainee, such
information can include your fitness and nutrition information.
- Financial information: we may collect billing and other financial information
to process
payments required in connection with the Services.
- Commercial information: we maintain records about the transactions you engage
in with us
or other parties (e.g., a Trainer) through the Services, such as information about
purchases, what has been provided to you, when and where, if applicable, how much you
paid, and similar information.
- User content: you may choose to provide additional information to improve your
experience or for Trainees’ or Trainers’ experiences which may be in any form, such as
text, images, sound, or video. You may also choose to provide additional information to
us, such as when you contact us for technical support through the Services, participate
in a poll, survey, or otherwise provide feedback on the Services.
-
Information we collect from your use of the Services
- Log and usage data: we collect log data and usage information relating to your
use of
the Services. For example, we collect information about how you interact with the
Services, such as when you log into your Account, how you navigate the Services, and
what functions you use in the Services. We also collect information about the devices
used to access the Services, such as the device type, operating system, and IP address.
- Location Information: With your consent, we collect Personal Information about
your
location.
-
Information we collect from third parties
- Social Media and App Information: If you link your Account to third-party
services, we
may collect information about you from such other services. You can also link your
Account to other social media, fitness, or business applications. The types of
information we may collect from such third-party services depends on the nature of the
third-party services you connect to your Account. For example, you can link your account
to Facebook and import your Facebook profile information. You may also choose to grant
us access to fitness or activity information from a third-party fitness application.
- YouTube API Data: Without limiting the foregoing, the Services use certain
YouTube API
Services. Google, which operates YouTube, describes its processing of Personal
Information in its privacy policy at https://www.google.com/policies/privacy. We
process data, content (including audiovisual content) and information provided to the
Services through the YouTube API services, including without limitation YouTube Video ID
information, connection tokens for YouTube channels, and YouTube video thumbnail
information (collectively, the “YouTube API Data”) to
provide the functionality of the
Services to you, including without limitation to (i) enable Trainers to search and
select video content (including training exercises) for sharing and display to Trainees
and other users of the Services; (ii) enable Trainers to connect to their YouTube
channel, and create custom video content (including training exercises) for the Services
and link to, share and display such content and control the settings of such content
(including un-listing the content from YouTube); (iii) enable Trainers, Trainees, and
other users of the Services to play YouTube content through the Services.
- Consumer profile information: Information used to create a profile about you
reflecting
your preferences, market segments, likes, favorites and other data or analytics provided
about you or your account by a Trainer, TSR Customer, social media companies or data
aggregators, including household data, the products and services you use or intend to
use or purchase, and your interests.
- We use Personal Information for the following purposes:
- to create and activate your Account;
- to respond to any request for customer service or technical support;
- to make the Services available to you and to other users of the Services;
- to improve the quality of the Services;
- to assess service levels, monitor traffic patterns and gauge popularity of different features,
functionalities and service options of, or related to, the Services;
- to create and manage your Account, and to verify access rights to the Services;
- to bill, or render invoices relating to, your Account, and to collect any debt owed to us;
- to facilitate payments between you and other users of the Services;
- to communicate with you, including for the purpose of providing you with notifications, content,
and information about your Account and/or the Services;
- to communicate with you for marketing purposes with your consent;
- to administer, maintain, monitor, and secure the Services;
- to respond to claims of any violation of our rights or those of any third party;
- to protect the rights, property, or personal safety of you, our personnel, other users, and the
public;
- as required to comply with any applicable laws, or as authorized by any applicable laws; and
- You may at any point withdraw your consent to receive the marketing communications set out above. We
provide an “opt-out” function within all email communications of this nature, and/or will cease
communications of this nature if you inform us that you would like to opt-out. However, you may not
opt-out of communications related to the Services or your Account.
- We retain each category of Personal Information above for as long as may be reasonably to achieve the
purposes for which it was collected or as may be required or permitted by law, after which time we will
delete the Personal Information or aggregate or anonymize the information so that it no longer relates
to an identified or identifiable person or household. We generally consider the following factors when
we determine how long to retain Personal Information: (1) retention periods established under applicable
law; (2) industry best practices; (3) whether the purpose of processing is reasonably likely to justify
further processing; (4) risks to individual privacy in continued processing; (5) applicable data
protection impact assessments; (6) IT systems design considerations/limitations; and (7) the costs
associated with continued processing, retention, and deletion. For more information about our retention
periods, please contact us using the information in the “Contact Us” section, below.
- The Legal Basis for Processing Your Personal Information
- For users of our Services in the EU and UK, the legal bases for our processing of Personal Information
is primarily that the processing is necessary for providing and supporting the Services for which you,
as a Trainee, Trainer, or TSR Customer have entered into a contract with us.
- We may also process Personal Information in accordance with our legitimate interests, as outlined in
this privacy policy, or because of a non-contractual legal obligation that applies to us, such as
legally compelled disclosures.
- We may also, on occasion, process Personal Information on the basis of your consent. Under such
circumstances, you have the right to withdraw your consent.
- Disclosure of Personal Information
We disclose Personal Information as described below.
- If you are a Trainee, Personal Information you provide may be shared with your Trainer and/or TSR Customer.
- If you are a Trainer, Personal Information you provide may be shared with the TSR Customer with which you
are associated.
- We share Personal Information with law enforcement authorities who make a request in accordance with
applicable law.
- We may also share Personal Information with third parties when needed to comply with a legal obligation that
we are subject to.
- We may share Personal Information to a successor or potential successor to all or a part of our business.
- We share Personal Information with our partner organizations, such as the Trainerize family of companies,
which includes parents, corporate affiliates, subsidiaries, business units and other companies that share
common ownership.
- We share Personal Information with third-party service providers that we engage with contracts that require
them to use your Personal Information only for the purpose of delivering the services for which we have
engaged the third-party or as otherwise permitted by law. These kinds of third parties provide business,
professional, administrative, or technical support functions for us, such as payment processing, billing,
data storage, transmission of email or other messages, and quality assurance.
- At your direction, we share Personal Information with third-party partners in connection with your use of
the functionality of the Services. This includes companies, such as FitBit, Garmin, and Withings, that
collect, analyze, process, and/or store data that you may elect to integrate with our Services.
- Children's Privacy
We do not direct the Services to children under the legal age of majority in their jurisdiction, typically age
18, or knowingly collect Personal Information from children under that age. If you have not reached the legal
age of majority in your jurisdiction, our Terms of Service do not allow you to use our Services. If we learn
that Personal Information has been collected on the Services from persons under that age, we will promptly
delete this information. If you are a parent or guardian and discover that your child has provided Personal
Information, then you may alert us as set forth in the “Contact Us” section, below, and request that we delete
your child’s Personal Information from our Services.
- Rights to Your Information
Depending on the jurisdiction in which you live, you may be entitled to exercise rights relating to your Personal
Information, including: (i) the right to withdraw consent to processing; (ii) the right to access your Personal
Information and certain other supplementary information, under certain conditions; (iii) the right to object to
data processing premised on our legitimate interests, a third party’s legitimate interests, the public interest,
or official authority vested in us; (iv) the right to erasure of Personal Information about you, under certain
conditions; (v) the right to demand that we restrict processing of your Personal Information, under certain
conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer
necessary, are processing, or believe your Personal Information is inaccurate; (vi) the right to data
portability of Personal Information concerning you that you provided us in a structured, commonly used, and
machine-readable format, under certain conditions; (vii) the right object to decisions being taken by automated
means which produce legal effects concerning you or similarly significantly affect you, under certain
conditions; (viii) the right to lodge a complaint with data protection authorities; (ix) the right to request
that we rectify or correct inaccurate Personal Information; and (x) the right to appeal the action we take in
response to your request to exercise any of your other rights. If you contact us to appeal, please tell us why
you believe we erred in responding to your request. We will respond to your appeal in accord with the timelines
set forth in applicable law. To exercise your rights, please submit a request by contacting us through any of
the means outlined in the “Contact Us” section, below.
- Do Not Track and Global Privacy Control Signals
Because no consensus has emerged on how to handle “Do Not Track” signals, the Services do not respond to such
signals or use them to alter how Personal Information is processed. We also do not process the Global Privacy
Control signal because, in connection with the Services, we do not sell or share Personal Information for
cross-contextual behavioral advertising purposes.
- Security
- We strive to prevent unauthorized access to your Personal Information. We will regularly assess our security
to ensure that we have in place reasonable technical, administrative, and physical safeguards in place to
protect your Personal Information from unauthorized access, use, and disclosure.
- We take steps designed to ensure that only those of our employees who need access to your Personal
Information to fulfil their employment duties will have access to it.
- Nevertheless, there is no guarantee that such technology or procedures can or will eliminate the risks of
unauthorized access, use, disclosure, theft, loss or misuse.
- Do not disclose your Access ID to anyone. If you forget your password, we will ask you for the username
associated with your Access ID and will send you an email containing your password to the email address
associated with your Access ID.
- You are responsible for maintaining the secrecy of your Access ID. If you disclose your Access ID, others
who have your Access ID will be able to access your Personal Information.
- We cannot be responsible for and do not control how other users of our Services use your Personal
Information. You should use caution in sharing your Personal Information with others through the Services.
- If we learn of a breach of security, we will comply with the notification rules set forth in applicable law.
- Jurisdictions Where Processing Occurs
Your Personal Information may be processed in any country where we have facilities or in which we engage
third-party processors/service providers, currently the United States, Canada, and France. By using the
Services, you consent to the transfer of information to countries outside your country of residence, which may
have different data protection rules than in your country. While such information is outside of the jurisdiction
where it was collected, it may be subject to the laws of the country in which it is held, and may be subject to
disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant
to the laws of such country. However, our practices regarding your Personal Information will at all times
continue to be governed by this Privacy Policy and, if applicable, we will comply with the General Data
Protection Regulation (“GDPR”) requirements for the transfer of Personal Information from the EU/EEA to a third
country.
- California Privacy Information
- Your California Privacy Rights
If you are a California resident, you may have certain rights as a consumer regarding your personal
information conferred under Cal. Civ. Code § 1798.100, et seq., known as the California Consumer Privacy
Act (CCPA). These rights include:
-
the “right to know,” meaning the right to request any or all of the following:
-
the specific pieces of personal information we collected about you;
- the categories of personal information we collected;
- the categories of sources used to collect the personal information;
- the business or commercial purposes for collecting your personal information; and
- the categories of third parties with whom we have shared your personal information
- the right to request deletion of your personal information that we collected
- the right to have someone you authorize make a request on your behalf
- the right to opt-out of “sale” (as that term is defined in the CCPA) or the sharing of personal
information for cross-contextual behavioral advertising purposes; please note, however, that, in
connection with the Services, we do not sell or share personal information for cross-contextual
behavioral advertising purposes
- the right to make a request for the correction of errors or inaccuracies in your personal
information
- the right to restrict the processing of sensitive personal information
- the right not to be discriminated against for exercising any of these rights
- the right to request certain information regarding our disclosure of personal information to third
parties for their direct marketing purposes.
Only you, or someone legally authorized to act on your behalf, may make a request related to your
personal information. We will verify that any requests from persons other than you have your legal
authorization. You may also make a request on behalf of your child.
Your request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we
collected personal information or an authorized representative; and
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and
respond to it.
- Collection of Personal Information
The following tables show the categories of personal information we have collected in connection with the
Services in the last 12 months and indicates whether each category of personal information has been
shared for a business purpose or sold to a third party.
Category |
Collected |
A. Identifiers. |
Yes |
B. Personal information categories listed in the California Customer
Records statute (Cal. Civ. Code § 1798.80(e)). |
Yes |
C. Protected classification characteristics under California or
federal law. |
No |
D. Commercial information. |
Yes |
E. Biometric information. |
No |
F. Internet or other similar network activity. |
Yes |
G. Geolocation data. |
Yes |
H. Sensory data. |
Yes |
I. Professional or employment-related information. |
No |
J. Non-public education information |
No |
K. Inferences drawn from other personal information |
Yes |
- Disclosure of Personal Information
Category |
If sold or shared, categories of recipients
|
Categories of recipients to which information is
disclosed for a business purpose |
A. Identifiers. |
Not sold or shared |
Service providers |
B. Personal information categories listed in the California
Customer Records statute (Cal. Civ. Code § 1798.80(e)) |
Not sold or shared |
Service providers |
C. Protected classification characteristics under California or
federal law. |
Not sold or shared |
None |
D. Commercial information. |
Not sold or shared |
Service providers |
E. Biometric information. |
Not sold or shared |
None |
F. Internet or other similar network activity. |
Not sold or shared |
Service providers |
G. Geolocation data. |
Not sold or shared |
Service providers |
H. Sensory data. |
Not sold or shared |
Service providers |
I. Professional or employment-related information. |
Not sold or shared |
None |
J. Non-public education information |
Not sold or shared |
None |
K. Inferences drawn from other personal information. |
Not sold or shared |
Service providers |
- Sensitive Personal Information
The following table shows the categories of sensitive Personal Information we collect in connection with
the Services along with the purposes for which each category is processed and whether we sell or share
such Personal Information for cross-contextual behavioral advertising purposes.
Category |
Purposes |
Sold/shared |
Social security, driver’s license, state identification card,
or passport number |
Not collected |
No |
Account log-in, financial account, debit card, or credit card
number in combination with any required security or access code, password, or credentials
allowing access to an account |
For processing your access to the Services |
No |
Precise geolocation |
Not collected, but the Services may enable certain
functionality for users in proximity to one of our facilities; this is done without
collecting or storing geolocation information. |
No |
Racial or ethnic origin |
Not collected |
No |
Contents of correspondence (other than correspondence directed
to us) |
To facilitate messaging between users |
No |
Genetic Data |
Not collected |
No |
Biometric information processed to identify you |
Not collected |
No |
Data concerning your health |
To provide the Services |
No |
- Contact Us
If you have any questions or comments about this Privacy Policy or our processing of your Personal Information,
to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain
information about our policies and practices, you may contact us by emailing privacy@trainerize.com, calling us toll free at 1-844-625-1155, or
mailing us at TSR Gym Technik, LTD, c/o ABC Fitness Solutions, LLC, 2600 North Dallas Parkway, Suite 590,
Frisco, TX 75034.