Privacy police – thefitness.hr

Privacy policy

Fit Invest d.o.o. with its registered office in Zagreb, Slavonska avenija 6, Croatia, registered in the court register of the Commercial Court in Zagreb, MBS: 030282383, OIB: 36598567890.

PRINCIPLES OF PERSONAL DATA PROCESSING

INFORMATION FOR CLIENTS, BUSINESS PARTNERS AND VISITORS
(PRIVACY POLICY)

INTRODUCTORY INFORMATION

Dear clients, business partners and visitors,

these principles inform you about how Fit Invest d.o.o. (hereinafter: the “Company“) collects, processes, uses and transfers your personal data (hereinafter: “personal data processing“).

Personal data means any data relating to a specific person who can be identified based on such data or in connection with other data.

CONTENTS

Who is the controller of your personal data?

The controller of your personal data is Fit Invest d.o.o. with its registered office in Zagreb, Slavonska avenija 6, Croatia, registered in the court register of the Commercial Court in Zagreb, MBS: 030282383, OIB: 36598567890.

The Company defines how and for what purpose your personal data will be processed. Contact details of the Company can be found below, in the chapter “Inquiries and contacts“.

The Company and other companies owned by it, i.e. ČRNOMEREC SPORT d.o.o. with its registered office in Zagreb, Slavonska avenija 6, Croatia are collectively referred to in this document as “Fit Invest Group” operating under the brand name Fit Invest.

What personal data about you and for what purpose does the Company process?

In the table below, you will find out which personal data, on what legal basis and for what purpose the Company processes in relation to clients, business partners and visitors.

a) Clients (natural persons who use the services of sports centers).

Personal data (Categories and examples)	Purpose of processing	Legal basis for processing
Basic identification and contact information: name and surname, date of birth, e-mail, phone number, address.	Conclusion and performance of contracts and related communications, fulfilment of legal obligations, records and collection of any claims.	Conclusion and execution of contracts, legitimate interest of the Company for the collection of claims.
Data related to the contract with the client: type of membership, duration of membership, financial and invoicing conditions.	Performance of the relevant contract, fulfilment of legal obligations.	Conclusion and execution of contracts.
Photography.	Using a photo for an access card.	Consent of the relevant person.

Basic identification and contact information: name and surname, e-mail, phone number. Basic identification and contact information: name and surname, e-mail, phone number. Data on personal characteristics: information on the status of the student, information on the existence of disability. Data for marketing purposes: name and surname, e-mail, telephone number, address, information about current membership, rights to discounts and benefits.	Protection of the Company’s assets, clients and other persons, protection against theft and other criminal activities, and related communications. Creating and maintaining a client’s user account-member profile, organizing group trainings and related communication. Granting discounts when paying the membership fee. Promoting and supporting the Company’s sales and services, sending information about new services and products or other marketing/commercial messages.	The Company’s legitimate interest in protecting the assets of the Company, clients and other persons. The legitimate interest of the Company in creating and maintaining the client’s user account-membership profile and the organization of group trainings. Consent of the relevant person for granting discounts based on the existence of disability and legitimate interest in granting discounts based on student status. Consent of the relevant person to receive commercial messages and process data for marketing purposes, legitimate interest in reaching out to customers through direct marketing and sending commercial messages.
Information about the number of visits to our website: IP addresses or cookies.	To record visitors and improve our services, and for statistical and analytical purposes. More information about cookies can be found below, in the chapter “What are cookies?”	The Company’s legitimate interest in information about the number of visitors to our website.
Data for marketing and promotional purposes: Photographs and recordings of persons taken at events.	Purpose is publication of recordings and photographs on social media for the purpose of marketing and promoting the services provided by the Company.	The legitimate interest of the Company in the case of group recordings or photographs; the consent of the relevant person in the case of an individual recording or photography.

b) Business partners (suppliers and other legal or natural persons who provide services to the Company).

Personal data (Categories and examples)	Purpose of processing	Legal basis for processing
Basic identification and contact information: name and surname or title, position, e-mail, telephone number, address, payment and delivery information.	Conclusion and execution of contracts and related communications, records and collection of any claims.	Conclusion and execution of contracts, legitimate interest of the Company for the collection of claims.
Data for marketing purposes: name and surname or title, position, e-mail, telephone number, rights to discounts and benefits.	Promoting and supporting the Company’s sales and services, sending information about new services and products or other marketing/commercial messages.	Consent of the relevant person (even with the provision of a business card) or consent given to receive commercial messages and processing for marketing purposes, legitimate interest in addressing customers through direct marketing and sending commercial messages.

c) Visitors to the Company (Clients, representatives of business partners and other persons who are in the premises of the Company).

Personal data (Categories and examples)	Purpose of processing	Legal basis for processing
Image of persons within the scope of video surveillance, visitor records.	Protection of the Company’s property, employees and other persons, protection against theft and other criminal activities, verification of persons residing in the Company’s premises.	The legitimate interest of the Company in ensuring access control and protection of the Company’s property, employees and other persons.

What sources does the Company use to collect your personal data?

The Company collects personal data that is then processed, directly from its clients or business partners or from visitors staying at the Company’s premises.

Does the Company share your personal data with other persons?

a) External service providers

In order to be able to fulfil its obligations, the Company provides certain personal data of clients, business partners and/or visitors to external service providers, which include bookkeeping, accounting, legal advice, receivables management, marketing, promotion and IT.

External service providers are approved by the Company and provide sufficient guarantees regarding the privacy and protection of personal data of clients, business partners and/or visitors.

b) Companies of the Fit Invest Group

The Company may share personal data within the companies of the Fit Invest Group. Each time the Company needs to share your personal data, it will do so only to a minimal extent, when necessary and will only share it with selected employees from the Fit Invest Group.

Fit Invest Group adopts appropriate measures to ensure that these selected workers are bound by the obligation to maintain the confidentiality of said personal data.

b) Disclosure of personal data to third parties

The Company may share personal data with third parties when necessary and when it has a legal basis to do so.

Furthermore, in accordance with the legal regulations on the protection of personal data, under certain circumstances, the Company is obliged to share the personal data of clients, business partners and/or visitors with third parties who are not the aforementioned external service providers or members of the Fit Invest Group.

These third parties include, in particular:

administrative and similar bodies (financial authorities),
financial institutions (banks, insurance companies),
the police, the public prosecutor’s office,
external consultants.

Does the Company transfer personal data to countries outside the EEA?

The Company may transfer your personal data outside of the European Economic Area only if it has a legal basis for such data transfer.

How is your personal data protected?

In order to ensure the confidentiality, integrity and availability of your personal data, the Company uses modern IT security systems. The Company maintains appropriate technical and organizational security measures against unlawful or unauthorized processing of personal data and against accidental loss or damage to personal data.

Access to your personal data is provided only to persons who need it for the fulfilment of their work obligations and who are bound by a legal or contractual obligation of confidentiality.

How long will the Company store your personal data?

The Company stores your personal data only for the period for which it needs it for the purpose for which it was collected, or for the protection of the legitimate interests of the Company or for the period for which consent to processing has been given.

In relation to the Clients:

The Company stores the Clients’ data for a period of 3 years from the date when the client last time used the services of sport centers.

We keep the data on the invoice we have issued to you for our services as well as the invoice for 11 years (counting from the last day of the year in which the invoice was issued), since this is the amount of the legal obligation to keep the issued invoices.

In the event of court or other proceedings, we store and process your data until the final conclusion of the proceedings, which is to defend our legal claims.

The data recorded by video surveillance is stored by the Company for a period of 1 month.

We store and process the data that we process on the basis of legitimate interest for marketing purposes until the moment of your unsubscribing from the list of persons to whom we send notifications for marketing purposes or until the moment of submitting your complaint.

In the case of processing your data on the basis of consent, the Company will process them until the consent is withdrawn.

In relation to Business Partners:

We store your data stated in the contract as well as the contract for the duration of the contract for the purpose of performing the contract and for a period of 3 years from the termination of the contract, for the purpose of eventual defence of our legal claims.

We keep the data on the invoice you have issued to us for your services as well as the said invoice for 11 years (counting from the last day of the year in which the invoice was issued), since this is the amount of the legal obligation to keep the received invoices.

In the event of court or other proceedings, we store and process your data until the final conclusion of the proceedings, in order to defend our legal claims.

We keep and process the data we process on the basis of legitimate interest for marketing purposes until the moment you unsubscribe from the list of persons to whom we send notifications for marketing purposes or until the moment of submitting your complaint.

In the case of processing your data on the basis of consent, the Company will process them until the consent is withdrawn.

In relation to the visitors of the Company:

The Company stores your data recorded by video surveillance for a period of 1 month.

What are your rights in relation to the processing of personal data?

You may exercise any of the rights listed below in accordance with the terms and conditions set out below. These rights are granted to you by the General Data Protection Regulation (GDPR):

the right to withdraw the consent given to the processing of personal data (if the data processing is carried out on the basis of your consent) at any time and free of charge, either by post, e-mail or in person to our address below;
the right to access personal data and provide additional information related to their processing by the Company, i.e. the processor;
the right to correction of inaccurate or incomplete personal data;
the right to erasure of personal data, in particular if (i) they are no longer necessary for further processing; (ii) consent to their processing has been withdrawn; (iii) the data subject objects to the processing, (iv) has been unlawfully processed; or (v) must be deleted in accordance with law;
the right to restriction of the processing of personal data, if (i) the data subject disputes the accuracy of the personal data, for the period until the Company verifies their accuracy; (ii) the processing is unlawful; (iii) they are no longer needed by the Company, but the personal data are necessary for the data subject for the purpose of exercising their legal claims; (iv) the data subject has objected to the processing of the personal data, until the Company has verified whether its legitimate interests prevail over the interests of the data subject;
the right to object to the processing of personal data if the data is processed based on the legitimate interests of the Company. If you make an objection, we will no longer process your personal data unless the Company proves that there are compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If you object to further processing for direct marketing purposes, your personal data will no longer be processed for these purposes;

the right to obtain your personal data and transmit it to another data controller, in compliance with legal requirements;
the right to submit a request for a declaration of violation of rights to the Personal Data Protection Agency, if you believe that the Company violates the obligations arising from the legal regulations on personal data protection.

We will respond to your requests for exercising your rights within the legal deadline, as a rule, no later than one month from the date of receipt of your request. We will let you know if, in exceptional cases, it takes longer for us to respond.

What are cookies?

Cookies are small data files that are necessary for websites to function properly, so we place them on your computer like most websites. Cookies are text files that websites place on your computer or mobile device when you start using the website. Websites can remember the actions and settings you have performed on those websites over a period of time. Thanks to this, you don’t have to re-enter this information when you revisit the website and go through individual parts of the web.

We use cookies mainly for marketing purposes, statistical data collection and web traffic analysis so that we can continue to improve our website and improve the services we offer. Information about how you use our website is thus shared with our advertising and analysis partners, i.e. Google. To see how Google uses cookies, please read the following document at: https://www.google.com/policies/technologies/cookies/.

Inquiries & Contacts

If you wish to exercise any of your rights in relation to the processing of your personal data, or if you have any other query or complaint regarding their processing, please contact us by post or e-mail using the contact details provided below.

Fit Invest d.o.o.

Slavonska avenija 6, 10 000 Zagreb, Croatia, e-mail: privacy@thefitness.hr

Amendments to the PRIVACY POLICY

It is possible that the Company decides to modify or update this Privacy Policy. The current version of the Privacy Policy will always be available on the Company’s website (www.thefitness.hr), in the Personal Data Protection section.

Privacy policy

%%club%%