Privacy Policy for crossfitmendip.com

Effective Date: 1st April 2025

At CrossFit Mendip, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (crossfitmendip.com), use our services, or become a member of our gym. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

CrossFit Mendip is a fitness facility and official CrossFit affiliate based in the UK. Our registered domain is crossfitmendip.com. If you have any questions about this Privacy Policy or your data, please contact us at:

Email: info@crossfitmendip.com
WhatsApp (Business): 07360 545179

2. What Personal Data We Collect

We collect and process the following data:

– Identification details: Name, email address, phone number, date of birth
– Membership details: Membership type, attendance records, billing status
– Health information: PAR-Q data, medical disclosures for training safety
– Payment details: Processed securely by Stripe
– Website data: IP address, device type, browser type, cookies, and browsing behaviour
– Marketing preferences: Collected at sign-up via WOD Board or our website forms

3. How We Use Your Data

We use your information to:

– Process membership registrations and payments
– Communicate with you about classes, services, and schedule changes
– Manage your class bookings, attendance, and access to facilities
– Provide personalised fitness, coaching, and nutrition support
– Ensure the safety and wellbeing of all members
– Respond to enquiries and support requests
– Send marketing emails (only with your consent)
– Improve our services and website through analytics

4. How We Store and Protect Your Data

– All data is stored securely within WOD Board and Stripe platforms
– Payment data is encrypted and never stored on our own servers
– Access to your data is restricted to staff who require it to provide services
– We implement technical and organisational measures to protect your data

5. How Long We Keep Your Data

– We retain your personal, financial, and medical data for 7 years for legal, tax, and insurance purposes
– After 7 years of inactivity or contract end, your data will be securely deleted unless required for ongoing legal obligations

6. Your Data Rights

Under UK GDPR, you have the right to:

– Access your data
– Correct inaccurate data
– Request deletion of your data
– Object to or restrict certain types of processing
– Withdraw consent for marketing at any time

To exercise any of these rights, please email info@crossfitmendip.com.

7. Marketing Communications

You can choose whether to receive marketing messages from us. Consent is collected:

– During account setup via WOD Board
– Through website forms (e.g., challenge sign-up, free trial)

You can change your preferences anytime in your WOD Board profile or by contacting us.

8. Sharing Your Data

We do not sell or rent your data. We may share it with:

– Service providers (e.g., Stripe, WOD Board) who process data on our behalf
– Regulatory authorities if required by law

All third-party providers are contractually required to protect your information.

9. Cookies and Website Tracking

Our website uses cookies to:
– Analyse site traffic and usage
– Remember preferences
– Improve site performance

You can control cookie settings in your browser or via our cookie banner.

10. Changes to This Policy

We may update this Privacy Policy periodically. You will be notified of significant changes via email or website announcements.

11. Contact Us

If you have any questions or concerns about your data or this policy: