1. Introduction
SD Pro Fit Lab is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data Controller
[Gym Name] is the data controller responsible for your personal data.
If you have any questions about this policy or how we handle your data, please contact us at:
Email: info@sdprofitlab.co.uk
Address: Unit 2, Ground Floor, Meadow Gardens, Guildford, Surrey GU16 7YT
Telephone: 01483 765432
3. Personal Data We Collect
We may collect and process the following personal data:
Name, address, email address, and telephone number
Date of birth and emergency contact details
Membership records and payment information
Health and fitness information voluntarily provided by you
Class bookings and attendance records
CCTV images for security and safety purposes
4. Special Category Data
Health-related information is considered “special category data” under UK GDPR. We only collect and process this information with your explicit consent or where necessary to protect your vital interests.
5. How We Use Your Personal Data
We use your personal data to:
Manage memberships, bookings, and payments
Provide gym and fitness services
Communicate important information about your membership
Maintain health, safety, and security on our premises
Improve our services and member experience
Comply with legal and regulatory obligations
6. Lawful Basis for Processing
Under UK GDPR, we rely on the following lawful bases:
Contract – to provide services under your membership agreement
Legal obligation – to comply with applicable laws
Legitimate interests – to operate and improve our business
Consent – for marketing communications and processing special category data
7. Sharing Your Personal Data
We do not sell your personal data. We may share your information with:
Payment providers and IT service providers
Membership management software providers
Legal or regulatory authorities where required by law
Emergency services where necessary for your safety
All third parties are required to process your data securely and in line with UK GDPR.
8. Data Storage and Security
We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. Access to personal data is restricted to authorised staff only.
9. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or to meet legal and regulatory requirements.
10. Your Data Protection Rights
Under UK GDPR, you have the right to:
Access your personal data
Request correction of inaccurate or incomplete data
Request erasure of your personal data (where applicable)
Restrict or object to processing
Request data portability
Withdraw consent at any time
To exercise your rights, please contact us using the details above.
11. Marketing Communications
We will only send marketing communications where you have given consent or where permitted by law. You can opt out at any time by following the unsubscribe instructions or contacting us directly.
12. CCTV
CCTV is used within the gym for the purposes of safety, security, and crime prevention. Footage is retained for a limited period and accessed only when necessary.
13. Complaints
If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: www.ico.org.uk
14. Changes to This Policy
We may update this Privacy Policy from time to time. The most current version will always be available at the gym or on our website.