Gympass Privacy Policy

 

Welcome to Gympass! We at Gympass know you care about how your Personal Data is used and shared, and we take your privacy seriously. 

 

This Privacy Policy, incorporated into our Terms and Conditions of Use, describes the privacy practices of Gympass “Gympass,” “we,” or “us”). Any terms we use in this policy without defining them have the definitions given to them in our Terms. By accessing or using our Services, you acknowledge that you accept the practices and policies outlined in this Privacy Policy. 

 

I. What does this Privacy Policy Cover?

Gympass enters into agreements with employers and wellness solutions to offer eligible employees 

 (and qualifying Family Members) the opportunity to purchase a Gympass membership. The Gympass membership provides access to the venues and services of our partner Gyms. Our network of partner Gyms varies by location and by the fitness services offered.

 

This Privacy Policy covers what data we collect about you (the “Personal Data”) (either from you, from your employer, through your wellness solution, or from others) and how we store, analyze, and share your Personal Data. This Policy does not apply to the practices of companies we do not own or control, including your employer, your wellness solution or any Gym. 

 

We gather various types of Personal Data from our Users, as explained in more detail below, and we use this Personal Data internally in connection with our Services, including to personalize, provide, and improve our Services, to allow you to set up a user account and profile, to contact you and allow other Users to contact you, and to fulfill your requests for certain products and services. In certain cases, we may also share some Personal Data with third parties, but only as described below.

 

II. IMPORTANT NOTE – Does Gympass collect Personal Data from children?

Our Services are not targeted to children. As noted in our Terms, we do not knowingly collect or solicit Personal Data from anyone under the age of 16 unless we first obtain verifiable parental consent as required by applicable law. If you are under 16, please do not attempt to register for the Services or send any Personal Data about yourself to us without consent from your parent or legal guardian. If we learn that we have collected Personal Data from a child under age 16 without verifiable consent from the child’s parent or legal guardian, we will delete that data as quickly as possible. If you believe that your child under 16 may have provided us Personal Data without your consent, please contact us at support@gympass.com. 

 

In some circumstances, our Services allow eligible employees to extend the registration offer to qualifying Family Members including children. If you extend the registration opportunity to a child and authorize payment for this account, you are expressly consenting to the collection and use of the child’s Personal Data in accordance with this Privacy Policy.

 

III. Will Gympass ever change this Privacy Policy?

We are constantly improving our Services, so we may need to change this Privacy Policy from time to time as well, but we will alert you to material changes by placing a notice on the Gympass website or in the app, by sending you an email, and/or by some other means. Please note that if you have opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you decide to use the Services after any changes to the Privacy Policy have been posted, the revised Privacy Policy applies.

 

IV. What information does Gympass collect?

We may collect Personal Data from you when you access and use our Services. The Personal Data that you provide directly to us through your interactions with our Services and Gyms will typically be apparent from the context in which you provide that information. Gympass may also automatically collect certain Personal Data and information from you while you are interacting with our Services. We may also receive information about you from various sources to support and improve our Services, including your employer who is enabling your membership, your wellness solution platform, the Gyms in our network, and public databases. Certain data may be required to register with us or to take advantage of some of our features.

 

Eligibility Information. If your employer has a corporate agreement with us, its eligible employees may register for and purchase a Gympass membership. You may only register for our Services if you are an eligible employee or a qualified Family Member of an eligible employee. To offer you our Services and confirm your eligibility, we collect Personal Data from your employer (or, in the case of a qualifying Family Member, the employee who sponsors you) including at least one unique identifier, such as first and last name, business email, your employee ID, and your status as an active employee. 

 

Contact and Registration Information. If you access our website or app and/ or register for an account, we will collect Personal Data such as your first and last name, username and password, email, mobile or other phone number, mailing address, and zip code, as well as any other Personal Data you choose to provide, including a profile picture and your preferred Gym locations. If you have registered for an account, you may log in to review and update your information and preferences. If you contact Gympass directly (outside of the relationship through your employer) by inquiring about Gympass, signing up for our blog or mailing list, or entering a sweepstakes or contest we may offer, then we may collect information you provide, such as email, mobile or other phone number, mailing address and postal code.

 

Transaction Information. If you become a Gympass member and utilize a credit/ debit account, we will collect information related to the payment for our Services, such as your credit/ debit card information, billing address, and other related transaction information, through our payment provider. If you pay for our Services by requesting that your employer debit your paycheck, we will receive confirmation of the transaction from your employer.

 

Social Media Apps. If you link your Gympass account to any social media profile, or otherwise interact with us through a social media site (e.g., by logging in through Facebook or by clicking a Facebook “like” button), the social media network may share information with us. You can access and revise your information-sharing practices in the privacy settings of such social media sites.

 

Gym Usage Information. We will collect information about how you interact with and use our Services, such as the time and location of your “check-in” with a Gym, Gym classes that you book and/or attend, workouts you log, and information that you provide regarding a Gym (e.g. your review of a Gym). 

 

Communications and Surveys. We will also collect information when you communicate with us, such as through emails that you send us, exchanges through the website or app, or exchanges through social media. If we ask you to provide feedback by completing a survey, we will collect any information you choose to provide in completing the survey. 

 

Data Collected Automatically. When you interact with our Services, either on our website or through our mobile app, we automatically receive and record data on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” data (please see below), the type of browser and/or device you’re using to access our Services, and the page or feature you requested and time of access. We may use this data to provide a customized experience for you, based on your usage patterns, or for remarketing, or other analysis. We may also use it to improve the Services – for example, this data can tell us how often Users use a particular feature, which we can use to enhance our user experience.

 

V. Does Gympass use cookies? 

“Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Services are visited and by how many people. Through cookies, we may collect data about your online activity after you leave our Services. Just like any other usage data we collect, this data allows us to improve the Services and customize your online experience. Our Services do not currently support “Do Not Track” requests, which means that we collect data about your online activity while you are using the Services.

 

We use cookies for the following purposes:

  1. Authentication and login status. We use cookies to identify you when you open our website and to know whether you’re logged in to our website 
  2. Advertising. We use cookies to help us identify your usage patterns on our website and app and to help us display advertisements which are relevant to you
  3. Analytics. We use Google Analytics to analyze the use of our website and our app. Google collects data about website and app use through cookies and uses this data to create reports about the use of our website and app. Through Google's Privacy Policy, you can make choice regarding these collection methods.

 

You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features. Again, this Privacy Policy does not cover the use of cookies by any third parties, and we are not responsible for their privacy policies and practices. Please be aware that cookies placed by third parties may continue to track your activities online even after you have left our Services, and those third parties may not honor “Do Not Track” requests you have set using your browser or device.

 

VI. How does Gympass use my Personal Data?

We use your Personal Data to provide you with our Services, confirm eligibility for and administer your membership, respond to your inquiries, deliver a more relevant experience with our Services and our Gyms, and to meet our other business purposes. We may also use your Personal Data in order to facilitate the administration of your account through your employer or a wellness solution platform that your employer has engaged in order to offer you our Services. We use your Personal Data for these purposes because we have a legitimate business interest in providing Services to our members, their qualifying Family Members or because you have provided consent for the data usage. We may use this data to contact you, to cross-reference it with other Personal Data we may hold about you in accordance with this Policy, and to share it with the Gym you choose to go to and to our third party partners, as provided in this Policy. Specifically, we may use your Personal Data for the following purposes:

 

Membership Administration. We process your Personal Data to fulfill our contractual relationship with you as a member or recipient of our Services, including by providing you with administrative and usage support. We also use your Personal Data to determine if you are eligible to register for our Services, facilitate payment for our Services, and, in some circumstances, to confirm your use of our Services as part of your employer’s wellness program or wellness solution platform.

 

Promotional and Marketing Communications. We may communicate with you, if you provide us the means to do so.  For example, we may use your Personal Data to provide special offers, promotions, and information about Gympass and our Services. By providing us with your wireless phone number, email address or social media account credentials, you confirm that you want Gympass to send you data we think may be of interest to you through those channels, including but not limited to Gympass offers, promotions and updates regarding Gympass partners.  Where applicable law requires, we will obtain your consent to send you marketing communications. If you do not want to receive email communications from us, please indicate your preference by clicking the unsubscribe link that will appear in all emails or by contacting support@gympass.com.  Gympass will use all reasonable efforts to perform your unsubscribe request without undue delay as required by applicable law. However, note that if you are a member, even if you opt out of marketing communications, you will continue to receive administrative and operational communications from us, such as notices regarding bookings or billing.  

 

Business Purposes. We may use your Personal Data for our business purposes, such as to operate and improve our business and Services, develop new Services, perform market research, and to improve the security of our Services. We may also use your Personal Data to protect us from and prevent fraud, claims and other liability, and to comply with legal or regulatory requirements.  

 

VII. How does Gympass share my Personal Data?

We may share your Personal Data as described in this Privacy Policy or where we have provided you with prior notice and, to the extend applicable law requires, obtained your consent. Gympass may share your Personal Data for the following parties for the reasons discussed below:

 

Gyms and Booking Partners. We may share your Personal Data with Gyms so that you can check-in and use their facilities and classes. We may also share your data with booking partners when you book a class. Information you submit to book at class through that service is subject to the booking partner’s own terms of use and privacy policy, found on that third party’s site.

 

Membership Sponsor. In some circumstances, we may share your Personal Data with your employer who enables your Gympass membership and/ or a wellness solution platform that you contract with through your employer and that offers you an opportunity to use our Services. You hereby acknowledge that we receive Personal Data about you from your employer or wellness solution platform. 

 

Service providers. We may share Personal Data with companies who perform services on our behalf, including providers that help us send communications, analyze data, and maintain our websites and apps. 

 

Advertisers. We may, from time to time, allow advertisers and/or third party partners (“Advertisers”) to choose the demographic data of users who will see their advertisements and/or promotional offers and you agree that we may provide any of the data we have collected from you in non-personally identifiable form to an Advertiser, for that Advertiser to select the appropriate audience for those advertisements and/or offers. For example, we might use the fact you are located in San Francisco to show you ads or offers for San Francisco businesses or we might allow Advertisers to display their ads to users with similar usage patterns to yours. Note that if an advertiser asks us to show an advertisement to a certain audience or audience segment and you respond to that ad, the advertiser may conclude that you fit the description of the audience they were trying to reach. We use Google Tag Manager, Facebook, and LinkedIn to communicate with users and with data collected by such ad partners. You can access the policies for these partners on their separate websites: Intercom Privacy Policy, LinkedIn Privacy Policy, Google Privacy Policy, and Facebook Privacy Policy.

 

Social Media and Third-Party Apps. We may share information with social networks when you use our Services to interact with a social media site (e.g. you click a Facebook “like” button), or connect to our Services through social media (e.g. using Facebook to log-in to our app). You can review the privacy practices of these sites and third-party apps on their respective sites. 

 

Affiliates. We may share your Personal Data with Gympass corporate affiliates in order to administer our Services and operate, evaluate, and improve our business.

 

Legal and Compliance. We may disclose your Personal Data as required or permitted by law, regulation, or legal process, including to respond to a require from a governmental or law enforcement agency, in order to investigate suspected or actual fraudulent or illegal activity, to enforce or apply our Terms of Use or other agreements we may have with you, and where we believe disclosure is appropriate to protect the rights, property, or safety of Gympass, its affiliates (including Gyms), our users, employees, or others.

 

Corporate Transactions. We may choose to buy or sell assets and may share and/or transfer customer data in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, your Personal Data could be one of the assets transferred to or acquired by a third party.

 

User Profiles and Submissions. Certain account data, including your name, location, and any video or image content that you have uploaded to the Services, may be displayed to other Users to facilitate user interaction within the Services or address your request for our Services. Please remember that any content you upload to your public user profile, along with any Personal Data or content that you voluntarily disclose online in some manner other Users can view (on discussion boards, in messages and chat areas, etc.) becomes publicly available, and can be collected and used by anyone. Your username may also be displayed to others if you interact with others, such as by sending messages, comments, or uploading content. Additionally, if you sign into the Services through a third party social networking site or service, your list of “friends” from that site or service may be imported to the Services, and such “friends,” if they are also registered users of the Services, may be able to access certain non-public data you have entered in your Services user profile. Again, we do not control the policies and practices of any other third-party site or service.

 

Aggregated or De-identified Data. We may share aggregate usage data with current or prospective Gyms or corporate clients (or allow Gyms or corporate clients to collect that data from you). We reserve the right to provide all such aggregated and/ or de-identified data to third parties.

 

VIII. Will Gympass text me?

We may allow you to elect to use text messaging as way for us to communicate with you. By agreeing to receive text messages, you are expressly consenting to receiving text messages made using an automatic telephone dialing system from Gympass or its service providers, and you also understand and agree that data rates and charges may apply. You may opt-out from receiving text messages at any time by replying “STOP” to a text you have from Gympass. Please note that we may send you a text to confirm that you have unsubscribed. Please allow us a reasonable time to process your request. 

 

IX. How does Gympass protect my Personal Data?

We endeavor to protect the privacy and security of your account and Personal Data. However, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure. You should protect your account against unauthorized access to your password, phone, and computer by, among other actions, signing off after using a shared computer, selecting and protecting your password and/or other sign-on mechanism appropriately, and limiting access to your computer or device and browser by signing off after you have finished accessing your account. We are not responsible for any lost, stolen, or compromised passwords, or for any activity in your account via unauthorized password activity. 

 

If you access your account via a third-party site or service, you may have additional or different sign-on protections via that third-party site or service. 

 

X. Are there links to third party services?

Our Services may contain links to third-party websites and services. Please know that your access of any third-party site through one of these links is not governed by this Privacy Policy, and the privacy policies for those third parties govern the use of Personal Data by those third parties. We are not responsible for the privacy practices of those third parties.

 

XI. Data Subject Rights

Where required by applicable law, you have the following rights with respect to your Personal Data:

  1. Right to access; right to data portability. You have the right to receive a copy of the Personal Data that we have about you and how we use this information. You also have the right to receive your Personal Data in a structured format and the right to have the Personal Data transmitted directly from Gympass to another data controller. 
  2. Right to rectification. You have the right to obtain from us without undue delay the correction of inaccurate Personal Data concerning you. 
  3. Right to erasure. You have the right to request deletion of Personal Data concerning you unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of a legal claim.  
  4. Right to restrict or object to processing. You have the right to object to or restrict the processing of your Personal Data to the extent that you dispute the accuracy of the data, the processing is unlawful but you oppose the erasure, or you have objected to the processing. If your Personal Data is processed by us for direct marketing, you have the right to object at any time to the processing. 
  5. Right to lodge a complaint. You have the right to lodge a complaint with our Data Protection Officer or a supervisory authority.  As a rule, you can contact the supervisory authority of your usual place of residence. 
  6. Right to withdraw consent. You can withdraw your consent to the processing of your Personal Data by us at any time.

 

You can always opt not to disclose data to us, but keep in mind some data may be needed to register with us or to take advantage of some of our features. Through your account settings, you may access and update the data you have provided to us. If you wish to exercise any of your rights and that option is not yet available through your account settings, please contact us and we will address your request.  Please note that we own and may use aggregated and anonymized data derived from or incorporating your Personal Data after you provide it to us. 

 

XII.  CALIFORNIA RESIDENTS

California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; to submit such a request, please contact us at help.me@gympass.com.

 

XIII.  EUROPEAN UNION/ UNITED KINGDOM RESIDENTS

If you are using our Services in the European Union including the United Kingdom, please note that the following information applies to our privacy practices and your Personal Data. 

 

Data Controller. When you use our Services in the European Economic Area or United Kingdom, the data controller is Gympass B.V. 

 

Legal grounds for processing

The General Data Protection Regulation (GDPR) requires Gympass to base the processing of the Personal Data of Users located in the European Economic Area (EEA) on a specific legal ground. Gympass uses the following legal grounds to process your Personal Data: 

  1. Your Permission. For example, when you choose to pay through payrolling, we will share some information with your employer. 
  2. The processing is necessary for the performance of our agreement with you. For example, we will share some of your account details with Gyms that you choose to access to enable your check in.
  3. The processing is necessary for our legitimate interests, and do not outweigh your interests. For example, when we collect Personal Data to prevent, detect and combat fraud in connection with the use of our Services and or to protect the rights, property, or safety of Gympass, our employees, our Users, or others. Also, where we advertise to you according to your preferences. 
  4. The processing is necessary to fulfill Gympass’ legal obligations. We reserve the right to access, read, preserve, and disclose any data that we believe is necessary to comply with law or court order, and to enforce our Terms.

 

Data Location and Transfer. Gympass US, LLC is based in the United States and the data we collect is governed by U.S. law. Gympass will transfer data in and to the U.S. and other countries on the basis of mechanisms approved under applicable law. Gympass may transfer your Personal Data to its affiliates and other recipients in other countries than which your data was originally collected. In many instances, Personal Data will be stored in the U.S. or in Brazil for the purposes described in this Privacy Policy. To the extent that these data recipients are in countries that have not been recognized by the European Commission as providing an adequate level of data protection, we will put in place appropriate safeguards aimed at ensuring an adequate level of data protection, such as EU Standard Contractual Clauses. 

 

Data Protection Representative. In addition to contacting our Data Protection Officer at dpo@gympass.com, you may contact the entity listed below in your country of residence regarding this Privacy Policy:


Residence



EU Representative



Contact Details 



France

GPFR SarL

33 Rue Lafayette

75009, Paris 

+33 (0) 1 82 88 81 77

serviceclients@gympass.com

Germany

GPDE GmbH

Gympass c/o WeWork 

Oskar-von-Miller-Ring 20

80333 München 

+49 (089) 121 402 314

 kontakt@gympass.com 

Italy

GPIT S.R.L

Gympass c/ o Tag via Arcivescovo Calabiana, 6

20139, Milano

+39 02 9475 8343

contatto@gympass.com

Netherlands

Gympass BV

*The Dutch entity is the legal data controller as defined by the GDPR for Users that are located within the European Economic Area

De entree 99

15 Everdieping

1101HE Amsterdam

Netherlands

+31 (020) 2622152

klantenservice@gympass.com

Portugal

GPPT, Unipessoal Lda

Calle Eloy Gonzalo, 27

28010, Madrid.

+351 308 807 163

contacto.pt@gympass.com

Spain 

Bookgym SL

Calle Eloy Gonzalo, 27

28010, Madrid 

+34931816821

contacto.es@gympass.com 

United Kingdom

Gympass UK Limited

WeWork, 1st Floor 

115 Mare St. 

London, E8 4RU

+44 (0) 20 3868 7759

support@gympass.com 

 

XIV. How can I contact Gympass? 

If you have any questions or concerns regarding our Privacy Policy or regarding how to exercise any of your rights, please send us a detailed message to support@gympass.com, and we will try to resolve your concerns. Alternatively, you may contact our Data Protection Officer where applicable by emailing dpo@gympass.com.

 

Effective Date: October 7, 2019



By continuing to use our services, you accept the use of cookies. You can change and find more information by clicking here .Accept