Last modified 21st May 2018
2. Data collected by third parties
3. Access to and sharing of data
4. Data we collect and how we use it
The EU General Data Protection Regulation (GDPR) becomes effective on 25 May 2018. The aim of GDPR is to strengthen data protection for individuals and to ensure that the law adequately protects the storage of people’s personal information in the modern world. GDPR will bring considerable changes to data protection law in the UK we need to ensure MSF Fitness is compliant.
MSF Fitness holds a small volume of “personal data” including details of those individuals who use our services. This is primarily collected via our Client Declaration forms. However, this data may also be collected via the Mailchimp Email Opt-In service on our company Website and social media pages. Personal Data is also collected via PayPal when using our online booking method (however, this data is never saved or shared by us). Personal data might include, by way of example – names, addresses, telephone numbers, email addresses and, in some cases, basic health information. Indeed, any information that might be able to identify a person individually.
There are 4 types of data you might supply to us:
• Via our compulsory Client PARQ - Name, DOB, address (optional), email address (optional), emergency contact details and health concerns (if applicable). This data is stored centrally (paper copy only) and is NEVER shared. If you provide your email address, we will add you to our email newsletter list in the hope that you find the information of some use and might invite your friends along to the studio! Ultimately though, we need this personal information either in an emergency or to contact you in relation to your training with us.
• Contact Form enquiries on this website - When submitting a form via the Contact page on this website, the submitted data is sent to us. We use this data to contact you in relation to your enquiry. Access to data we collect is limited to the members of our staff who require that data to perform their duties. Data is never stored following completion of the Contact form. Personal data will never be shared.
• Payments via the website using PayPal or Card payment (all processed by PayPal) - When submitting a payment form via the website, the submitted data is sent to us by PayPal (via secure email). We never store this data.
• Newsletter sign-up forms - When submitting a newsletter opt-in form on our website or social media feeds, the submitted data is sent to us via Mailchimp. An Opt-Out is always given via the 'Unsubscribe' feature within the emails. If you change your mind about receiving emails or feel that we shouldn't have contacted you in the first place, please just hit the 'unsubscribe' button - we won't be offended!
5. Personal data of our email subscribers
Email contacts via newsletter sign-up forms will be transferred to MailChimp and processed by MailChimp. MailChimp is our email newsletter processor and the applicable processing activities performed by them, such as the collection (e.g., via sign-up forms) and storage of personal data (e.g., within our MailChimp account) allows us to create and use distribution lists and send marketing and information email campaigns.
Obtaining consent for marketing
We use Mailchimp for all of our direct email marketing and newsletters. In order to collect personal details (email addresses):
• We use opt-in boxes on this website and via links on our social media feeds
• We don't insist clients complete email boxes on their PARQ - this information is provided optionally (if the box is completed, we take that as you giving your consent)
• We record when and how we got consent, and exactly what it covers - this information is held on record with Mailchimp or on client PARQs which are dated on completion
• The option to ‘Unsubscribe’ is given on all emails
6. Photographs and blogs
To help us market our small business and let others know about what we do, as well as celebrating what YOU do, we will take photographs within the studio for use on social media feeds which include Facebook, Twitter, Instagram & WordPress. We will never name you or tag you without your verbal consent. If you do not wish your photo to be used, please let us know at the time of the pictures being taken or notify us that you would like the picture removing.
If you have any questions about privacy and data protection with MSF Fitness, please contact us or ask next time you are at the studio.