GutBusters Privacy Notice
Introduction & purpose of this policy
We need to collect and process personal data about you to provide you with the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests.
The terms “GutBusters,” “we,” “us,” “our” and “partners” includes GutBusters Ltd and our affiliates (such as GP’s, health related services and other medical professionals). We use the terms “member,” “you,” and “your” to mean any person using our Platform, where the term “Platform” means enquiring or using any website or services we offer, any of our events (such as promotional events), market research, surveys and activities, or when you communicate with us.
Identity of data controller
The Data Controller in respect of this Privacy Notice is GutBusters Ltd.
When do we collect information?
We may collect your personal information when you:
- Use our Platform (e.g. visiting or browsing our website)
- Communicate with us (e.g. via telephone, email, mail or text)
- Ask us for more information about any product or service we have, or contact us with a question or complaint
- Contact any of our staff or official representatives
- Register interest in any promotional activities, newsletters, events, surveys, services, competitions, web and mobile notifications, live chats, webinars, seminars, workshops, presentations, message boards and forums.
- Participate in, access or sign up to any promotional activities, newsletters, events, surveys, services, competitions, web and mobile notifications, live chats, webinars, seminars, workshops, presentations, message boards and forums.
- Send an email to an @GutBustersglos.co.uk email account
- Create an account with us or complete any type of Membership Agreement
- Carry out a transaction on our website, or make any type of payment
- Book, access or attend any activity, event, courses or services linked to GutBusters
- Have been referred from a health professional (such as your GP, practice nurse, physiotherapist or other health professional)
- Have an accident during any of our events or activities, or where there was an incident where you were a witness, or personally affected by it (e.g. due to illness, injury or medication)
- We may also collect, match or acquire information about you from other organisations such as Google and Facebook.
What information do we collect?
When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual. We need to collect some personal information to allow you to be identified as a member, and to help us manage your membership or participation in any of our services. Additionally, this information helps us to ensure our services are effective and suitable for you.
Personal data we collect from you may include the following:
- Information that you give us when you have made contact with us (such as making an enquiry or becoming a customer or a member of our services)
- Your contact with us, such as a note or recording of a call you make to us, or an email or other records of any contact you have with us
- Information obtained from customer surveys, events, promotions and competitions that you have entered or taken part in
- Your usage records and duration of visits
- Your name, date of birth, gender, e-mail address, postal address, telephone or mobile number
- The name and contact details (including phone number) of your next of kin
- Whether you require disabled access or reasonable adjustments to be made
- A health declaration (e.g. such as a Physical Readiness Questionnaire (PAR-Q))
- Information about lifestyle behaviours (such as physical activity, smoking status, alcohol consumption status, and your diet) that can impact your health
- Information relating to your weight, physical fitness, Body Mass Index (BMI), and waist circumference
- Information about your medical history and health, including your GP’s name and address, as well as any relevant medical conditions, illnesses, treatments and medication that may have an impact on making our service safe, effective and suitable for you.
- Information you give us when you make a payment to us, such as financial or credit / debit card information, and information about your bank account number and sort code or other banking information. Note that we do not store your bank or credit card details on our web servers
- Your membership information – such as dates of payment owed and received, the services you use and any other information related to your account
- Information received from other sources, including from your use of websites and other digital platforms (such as Facebook, Twitter and Instagram)
- Information from advertising networks, analytics providers, or information provided by other companies who have obtained your permission to share information about you.
- Your preferences for particular products or services or interests when you tell us what they are – or when we assume what they are, depending on how you use our products and services
Information about any complaints and incidents
How do we use your personal information?
Set out below are some of the ways in which we process personal data although to do so lawfully we need to have a legal ground for doing so. We may use your information:
- When it is necessary to provide you with our services, or services relevant to you
- To enable us to meet out our obligations to you arising from any contract entered into between us and you including relating to the provision by us of any services to you and related matter such as billing, accounting and audit, credit or other payment card verification and anti-fraud screening
- Carry out an identity check as part of your membership application. For example we may require you to confirm your identity with two forms of approved identification such as a passport, driving licence, utility bill (from the last three months), a current vehicle registration document or a bank statement (from the last three months)
- If you have given consent to contact you with offers or promotions based on our analysis of how you use our services and what we think may be of interest to you (unless you choose not to receive our marketing messages)
- To process your membership application through our chosen membership software
- To bill you for using our services as part of your membership
- To keep you informed about our services, or changes to our services, including operational matters relating to your Membership
- To respond to any questions or concerns you might have about our services
- To help understand how you use our services, and to help us develop relevant and updated services
- To allow you to participate in interactive features of our services, when you choose to do so
- Carry out research and statistical analysis to monitor how customers use our services
- If we have to respond to requests where we have a legal or regulatory obligation to do so (for example to prevent and detect fraud or other crimes)
- To keep our records up to date
- To assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys), and raise any concerns or complaints so that these can be properly investigated
- To conduct and analyse market research
- To ensure that content from any of our websites is presented in the most effective manner for you
- If it is necessary for us to be able to communicate and share relevant information with your doctor, nurse or other healthcare professional if you have been referred by them (only with your explicit consent)
- To share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations including to defend ourselves from claims or court action, and exercise our rights and adhere to laws and regulations that apply to us and the third parties (such as GP’s, health professionals) we work with
- In an emergency and if you are incapacitated, we may also process your personal data (including special category data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (e.g. your life or your health)
Generally, we will only ask for your consent to processing if there are no other legal grounds to process. In these circumstances, we will always aim to be clear and transparent about why we need your consent and what we are asking it for.
Where we are relying on consent to process personal data you have the right to withdraw your consent at any time by contacting us by emailing firstname.lastname@example.org or visit the contact us form at out website www.gutbustersglos.co.uk/contact/ and we will stop the processing for which consent was obtained.
Disclosure of your information we collect to outside parties
In the usual course of our business we may disclose your personal data (which will be limited to the extent reasonably necessary) to certain third party organisations that we use to support the delivery of our services. This may include the following:
- Business partners (e.g. local physical activity providers), suppliers and sub-contractors for the performance of any contract we enter into with you
- Organisations providing IT systems support and hosting in relation to the IT systems on which your information is stored
- Third party debt collectors for the purposes of debt collection
- Delivery companies for the purposes of transportation
- Third party service providers for the purposes of storage of information and confidential destruction, third party marketing companies for the purpose of sending marketing emails, subject to obtaining appropriate consent
- Service providers, agents and associated organisations to allow us to service your membership and communicate with you; for example, financial institutions to process payments, and freelance personal trainers when you sign up to classes
Please note that where a third party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws.
Referrals and signposting (sharing your information with other services & organisations)
We may carry out work on behalf of the NHS (e.g. your GP) and other health related services. For the continuity of your care and to ensure our services are effective and suitable for you, we may be passed with medical information usually in the form of a referral for the purposes of your engagement with GutBusters to help you achieve your goals and improve your health.
We may also have a number of independent third parties (such as other lifestyle services) who may collect personal data from you to allow us to carry out the services we offer (for example when referred or signposted to our service by an independent third party or service such as a stop smoking service)
If your GP or medical / health practitioner treating you believes it to be clinically advisable, and in your best interests, they may refer you to our service. They may also request an update or information about how you are progressing (such as any lifestyle changes made, or any changes in health or fitness related status).
In the usual course of our business we may share and disclose your personal data (such as health and fitness data) with them. Please be aware that this will be limited to the extent of only collecting information that is reasonably necessary for us to do (to make sure our service is safe, effective and suitable for you). This may be in the form of obtaining information from a medical or health professional who has referred you to our service, or to share any relevant information with the referrer (for example, making sure you are suitable to use our services, or updating referrers on any progress or changes in your health or fitness status).
Whenever we do this, we will seek your permission before we do this. You can ask us not to do this, in which case we will respect that request if we are legally permitted to do so, but you should be aware that it may be potentially dangerous and/or detrimental to your health to deny your GP or medical / health practitioner relevant information about your medical history, and we strongly advise against it.
Information on cookies
Keeping your personal information secure
We aim to secure our your information and also take appropriate measures to ensure that the information we collect and maintain is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
Please note that communications over the internet (such as emails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered – as this is the nature of the internet. We can’t accept responsibility for any unauthorised access or loss of personal information that’s beyond our control.
Use of personal data for automatic decision making
We do not intend to use your personal data for automatic decision making.
How long do retain your personal data for?
Unless we explain otherwise to you, we will retain your personal data on the basis of the following guidelines:
- For as long as we have a reasonable business need, such as managing our relationship with you and managing our business
- For as long as we provide services and/or treatment to you and then for as long as someone could bring a claim against us (in general this is a period of 6 years); and/or
In line with legal and regulatory requirements or guidance
- For as long as you are a Member of GutBusters, or following cancellation and to meet legal requirements including financial audit, anti-fraud and money laundering regulations
- We may contact you about GutBusters services during this 6 years if you haven’t opted out of receiving marketing communications from us.
Collection of children’s data
GutBusters does not collect or process children’s data.
You have the right to withdraw your consent to our processing your information in this way at any time. If you no longer wish to receive web based or non-web based marketing and/or wish to remove your consent to receive marketing content please contact by email to email@example.com or visit the contact us form at out website www.gutbustersglos.co.uk/contact/
We would ask you to give us a reasonable amount of notice, to give us time to update our systems. While the precise timings vary, we generally ask that you give us at least 30 days’ notice.
Your privacy rights
Where we process your personal data based on your consent you have the right to withdraw consent at any time, for example your consent to receive direct marketing. If you no longer want to receive marketing messages from us, you can choose to opt out of all marketing or select your marketing preferences. Alternatively, if you are no longer a GutBusters member, and wish to remove your consent to receive marketing content please contact by email to firstname.lastname@example.org or visit the contact us form at out website www.gutbustersglos.co.uk/contact/
You have the following rights in relation to your data privacy:
- To request access to, and copies of, the personal data that we hold about you
- To request that we cease processing your personal data
- To request that we do not send you any marketing communications
- To request us to correct the personal data we hold about you if it is incorrect
- To request that we erase your personal data
- To request that we restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal)
- To receive from us the personal data you have provided to us, in a reasonable format specified by you, to another data controller
To object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights and freedoms
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
You have the right to see whatever information we hold about you, or make any requests or objections. Please send your request by email to email@example.com We will respond to your request promptly and always within 30 days.
We may require you to confirm your identity with two forms of approved identification such as:
- Driving licence
- Utility bill (from the last three months)
- Current vehicle registration document
- Bank statement (from the last three months)
We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information we hold about you.
GutBusters Privacy Notice – Version 1, Sep 2019 ©