Pilates Zone Privacy Policy

Effective as of 20 January 2020

1 Introduction
2 About this Policy
3 Your rights and your preferences: Giving you choice and control
4 Personal data we collect from you
5 Technical data we collect
6 Payment & Purchase Data we collect
7 What we use your personal data for
8 Sharing your personal data
9 Data retention and deletion
10 Transfer to other countries
11 Links
12 Keeping your personal data safe
13 Children
14 Changes to this Policy
15 How to contact us

1. Introduction

At Pilates Zone, we want to give you the best possible experience to ensure that you enjoy our services. Your privacy and the security of your personal data are, and will always be, enormously important to us. So, we want to transparently explain how and why we gather, store and use your personal data. That is our objective, and this Privacy Policy (“Policy”) will explain what we mean in further detail.

2. About this Policy

This Policy sets out the essential details relating to your personal data relationship with Pilates Zone. The Policy applies to all Pilates Zone services. The terms governing your use of the Pilates Zone Service are defined in our Terms and Conditions of Use (the “Terms and Conditions of Use”).

From time to time, we may develop new or offer additional services. If the introduction of these new or additional services results in any material change to the way we collect or process your personal data, we will provide you with more information or additional terms or policies. Unless stated otherwise when we introduce these new or additional services, they will be subject to this Policy.
The aim of this Policy is to:

- Ensure that you understand what personal data we collect about you, the reasons why we collect and use it, and who we share it with;
- Explain the way we use the personal data that you share with us in order to give you a great experience when you are using the Pilates Zone Service; and
- Explain your rights and choices in relation to the personal data we collect and process about you and how we will protect your privacy.

We hope this helps you to understand our privacy commitments to you. For information on how to contact us if you ever have any questions or concerns, please see Section 13 ‘How to contact us’ below. Alternatively, if you do not agree with the content of this Policy, then please remember it is your choice whether you want to use Pilates Zone Services.

3. Your rights and your preferences - Giving you choice and control

The General Data Protection Regulation or "GDPR" gives certain rights to individuals in relation to their personal data. Accordingly, we are happy to offer transparency and access controls to help users take advantage of those rights.
As available and except as limited under applicable law, the rights afforded to individuals are:

- Right of access - the right to be informed of, and request access to, the personal data we process about you;
- Right to rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete;
- Right to erasure - the right to request that we delete your personal data;
- Right to restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data;
- Right to object - the right, at any time, to object to us processing your personal data on grounds relating to your particular situation; the right to object to your personal data being processed for direct marketing purposes;
- Right to data portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service;
- Right not to be subject to automated decision-making - the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.

In order to enable you to learn more about these rights, exercise these rights with ease, and record your preferences in relation to how Pilates Zone uses your personal data, we provide the following resources:

- User Profile (accessed via the My Account button) - allows you to exercise choices about the processing of certain personal data, and an automated ‘Download your data’ function to download basic account and usage information.
- Notification Settings (accessed via the My Account button) - allows you to choose which communications you receive from Pilates Zone. You may toggle these settings to opt in or out of receiving different types of email and push notifications.
- Cookies Policy - provides more information on how we use cookies.
You will also find information about how you can manage your cookie preferences.

If you have any questions about your privacy, your rights, or how to exercise them, please contact our Data Protection Officer using the ‘Contact Us’ form on our website. If you have concerns around our processing of your personal data, we hope you will continue to work with us to resolve them. However, you can also contact and have the right to lodge a complaint with your local Data Protection Authority.

4. Personal data we collect from you

This is the personal data that is provided by you or collected by us to enable you to sign up for and use the Pilates Zone Service. This may include your name, email address, phone number, birth date, gender, street address, and country.

Some of the personal data we will ask you to provide is required in order to create your account. You also have the option to provide us with additional personal data in order to make your account more personalized.

5. Technical data we collect about you

This is the data we collect about you when you’re accessing and/or using the Pilates Zone Service. This may include:

- URL information;
- Online identifiers including cookie data and IP addresses;
- Information about the types of devices you are using such as browser type, language, operating system;
- Your non-precise location, which may be derived or inferred from certain technical data (e.g., your IP address or language setting of your device).

We collect this technical data in order to provide you with a secure, personalised, feature-rich experience when interacting with the Pilates Zone Service.

6. Payment and Purchase Data

We do not collect or store personal payment data such as credit or debit card numbers and related details. All payments are conducted through the secure PayPal Service.

We do collect and store details regarding transactions paid to us from you and redemption of class credits for classes attended.
This may include information such as:

- Class date and time
- Details of your purchase and payment history.

7. What we use your personal data for

When you use or interact with the Pilates Zone Service, we use a variety of technologies to process the personal data we collect about you for various reasons. We have set out below the reasons why we process your personal data (identified in Section 4 ‘Personal data we collect from you’):

- To identify you and log you into your account.
- To process your payments.
- To record transactions on your account.
- To conduct business planning, reporting, and forecasting.
- To comply with legal obligations and law enforcement requests.
- To evaluate and develop new features, technologies, and improvements to the Pilates Zone Service.
- To detect fraud, including fraudulent payments and fraudulent use of the Pilates Zone Service.
- To establish, exercise, or defend legal claims.

8. Sharing your personal data

We do not share the personal data collected or generated through your use of the Pilates Zone Service with any third parties. The only situations where we would provide this information to a third party are outlined below:

Law enforcement and data protection authorities

We may share your personal data when we, in good faith, believe it is necessary for us to do so in order to comply with a legal obligation under applicable law, or respond to valid legal process, such as a search warrant, a court order, or a subpoena.

We also share your personal data where we in good faith believe that it is necessary for the purpose of our own, or a third party’s legitimate interest relating to national security, law enforcement, litigation, criminal investigation, protecting the safety of any person, or to prevent death or imminent bodily harm, provided that we deem that such interest is not overridden by your interests or fundamental rights and freedoms requiring the protection of your personal data.
Purchasers of our business

We will share your personal data in those cases where we sell or negotiate to sell our business to a buyer or prospective buyer. In this situation, Pilates Zone will continue to ensure the confidentiality of your personal data and give you notice before your personal data is transferred to the buyer or becomes subject to a different privacy policy.

9. Data retention and deletion

We keep your personal data only as long as necessary to provide you with the Pilates Zone Service and for legitimate and essential business purposes, such as maintaining the performance of the Pilates Zone Service, making data-driven business decisions about new features and offerings, complying with our legal obligations, and resolving disputes. We keep some of your personal data for as long as you are a user of the Pilates Zone Service. For example, we keep your account information, class history and transaction history.

If you request, we will delete or anonymise your personal data so that it no longer identifies you, unless we are legally allowed or required to maintain certain personal data, including situations such as the following:

- If there is an unresolved issue relating to your account, such as an outstanding credit on your account or an unresolved claim or dispute, we will retain the necessary personal data until the issue is resolved;
- Where we need to retain the personal data for our legal, tax, audit, and accounting obligations, we will retain the necessary personal data for the period required by applicable law; and/or,
- Where necessary for our legitimate business interests such as fraud prevention or to maintain the security of our users.

10. Transfer to other countries

Pilates Zone stores your personal data in Australia in order to carry out the activities specified in this Policy. Your personal data, therefore, may be subject to privacy laws that are different from those in your country.
As such, Pilates Zone shall ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and, in particular, that appropriate contractual, technical, and organisational measures are in place such as the Standard Contractual Clauses approved by the EU Commission.

11. Links

We may display advertisements from third parties and other content that links to third-party websites. We cannot control or be held responsible for third parties’ privacy practices and content. If you click on a third-party advertisement or link, please understand that you are leaving the Pilates Zone Service and any personal data you provide will not be covered by this Policy. Please read their privacy policies to find out how they collect and process your personal data.

12. Keeping your personal data safe

We are committed to protecting our users’ personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data; however, please note that no system is ever completely secure. We have implemented various policies including pseudonymisation, encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.

Your password protects your user account, so we encourage you to use a strong password that is unique to your Pilates Zone account, never share your password with anyone, limit access to your computer and browser, and log out after having used the Pilates Zone Service.

13. Children

The Pilates Zone Service is not directed to children under the age of 13 years. The Pilates Zone Service is also not offered to children whose age makes it illegal to process their personal data or requires parental consent for the processing of their personal data under the GDPR or other local law.

We do not knowingly collect personal data from children under 13 years or under the applicable age limit (the “Age Limit”).
If you are under the Age Limit, please do not use the Pilates Zone Service, and do not provide any personal data to us.

If you are a parent of a child under the Age Limit and become aware that your child has provided personal data to Pilates Zone, please contact us using the ‘Contact Us’ form on our website, and you may request exercise of your applicable rights detailed in Section 3 ‘Your rights and your preferences: Giving you choice and control’ of this Policy.

If we learn that we have collected the personal data of a child under the age of 13 years, we will take reasonable steps to delete the personal data. This may require us to delete the Pilates Zone account for that child.

14. Changes to this Policy

We may occasionally make changes to this Policy. When we make material changes to this Policy, we will provide you with notification by sending you an email to the email address associated with your account. We may notify you in advance of changes. Please ensure you read any such notices carefully to assess how the changes may affect you.

15. How to Contact Us

Thank you for reading our Policy. If you have any questions about this Policy, please contact our Data Protection Officer by using the ‘Contact Us’ form on our home page or by writing to us at the following address:

Pilates Zone
GPO Box 2206
Brisbane QLD 4001
Australia

Pilates Zone is the data controller for the purposes of the personal data processed under this Policy.