Privacy and Security Policy

Effective date: November 3, 2018.

This Privacy Policy sets forth how we collect and process your personal data, and seeks to comply with the European Union’s new privacy law known as the General Data Protection Regulation (“GDPR”).

COLLECTION OF PERSONAL DATA

When you engage in a transaction on our Website, we may collect directly from you your name, e-mail address, IP address, web browser, mailing address, credit card information, weight, age, height, body measurements, food allergies, injuries, and fitness goals and habits, for the purpose of being able to perform the services for which you are retaining us. We are processing this information based upon your consent to our doing so, our legitimate interests such as marketing and, with respect to the data necessary to provide our coaching services and to process your payments, because it is necessary for the performance of your contract with us. Data will be transferred to countries outside of the EU so long as it is necessary for the purpose of carrying out our contractual obligations to you or you have granted us your consent. This information will only be retained for as long as it is necessary to carry out the purpose for which it is collected, to fulfill our contractual obligations, or as long as it is required by law. Of course, we will delete your personal data quickly upon request. We will not sell, share or rent your personal data to any third party. Unless you are in the EU, by exploring and using this Website, and by submitting information to Born Fitness, you agree to Born Fitness’ use of such information as described herein as well as the terms and conditions set forth in our Terms of Use.

In order for us to be able to provide the services available on our Website, and to meet any of our related business obligations, you must provide the personal data that is required to do so. Without that data, we are not in a position to do so.

SECURITY

Security of all personal data of our users is a primary concern of ours. Thus, we have adopted reasonable security measures to protect the security of our users’ information. We use, where appropriate, industry standard encryption technology and computer server firewalls when transferring and receiving consumer data exchanged with this Website. Credit card information is sent directly to PayPal, MoonClerk and/or Stripe, which process the payments. We do not store any credit card information. Nevertheless, we cannot guarantee complete security of your information inasmuch as no security systems are foolproof. It is also important for you to protect against the unauthorized access to your information as well as to your computer.

DISCLAIMER

Unless you are in the EU, this privacy policy and all statements contained on this Website about privacy and how we deal with data supplied by visitors to this Website are not intended to be a contractual obligation of any kind and any such obligation is hereby disclaimed in its entirety. These statements merely constitute the present policy of Born Fitness, which we will take reasonable measures to implement. Similarly, this privacy policy is not intended to be “advertising” or “advertising claims.” Rather, it is merely intended to set forth our policy, including our practices and intentions, as to how we conduct our business.

PROMOTIONAL INFORMATION AND E-NEWSLETTERS

When you sign up to our Website, you agree to receive Born Fitness notifications and promotional e-mails as well as e-newsletters and other e-mail special offers. If you change your mind and no longer wish to receive our e-mails, you may opt out at any time simply by sending us an e-mail or by clicking on the unsubscribe link in the e-newsletter.

COOKIES

When you interact with our Website, we attempt to make your experience as easy and meaningful as possible. Therefore, like many websites, we may use cookies and other technologies to track user activity and collect Website data. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record keeping purposes. We use cookies to track information about your activities on our Website. We also use cookies to store your preferences and to allow you to remain logged in as you use our Website.

When you first access our Website, you should receive a message informing you that cookies are in use. By your continuing to browse our Website, you agree to our use of cookies as described herein. You do not have to accept our cookies. You may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser’s preferences by following its instructions. You can also delete cookies once they have been placed on your hard drive. If you choose to disable or delete our cookies, you may still browse our Website but many of the features either will not work or may take more time to work.

LINKS

This Website may, from time to time, contain links to other sites. We are not responsible for the privacy practices of any such sites. They may also use cookies and other technologies. However, we do not have access to, or control over, cookies or other technologies that they may use. As such, the information practices of these sites are not covered by our policy, but rather are covered by their respective privacy policies. Thus, you should be aware of when you are leaving this Website and take the time to read the privacy statements of any such sites if they are in the habit of collecting your personal data.

PROMOTIONS AND CONTESTS

We may, from time to time, host a promotion or contest on this Website that is sponsored or co-sponsored by a third party. In connection therewith, you may be asked to provide personal information or permit the transfer to a third party of your personal information. Born Fitness has no control over the third party’s use of this information. Depending on the situation, you will be informed as to who is collecting or transferring the information and whose privacy statement applies, and it will be your discretion as to whether or not you want to permit the collection or transfer of your personal information to a third party.

DATA PROCESSORS

Born Fitness does not own or control any servers or databases. As a result, personal data is only stored on third-party servers, which act as data processors. Mailchimp collects your e-mail address and sometimes your first and last name for the purpose of building our e-mail list for marketing purposes. The personal data is stored on Mailchimp owned and operated servers located in the U.S. and is kept until you unsubscribe or ask for the data to be deleted. Sumo collects your e-mail address and sometimes your first and last name for the purpose of building our e-mail list for marketing services. The personal data is stored on Amazon Web Services servers and is kept until you unsubscribe or ask for the data to be deleted. PayPal collects your name, address, credit card information and/or PayPal account information for the purpose of collecting monthly payments for our coaching service. MoonClerk collects your name, credit card information and sometimes your address for the purpose of collecting monthly payments for our coaching service. The personal data is stored on Amazon Web Services servers located in the U.S. and is kept as long as necessary to provide its services or until you request its deletion, but even after you request its deletion MoonClerk may retain your information for longer periods for specific purposes to the extent that it is obliged or authorized to do so in accordance with applicable laws and regulations and/or as necessary to protect its legal rights or for certain business requirements. Stripe collects your name, credit card information and sometimes your address for the purpose of collecting monthly payments for our coaching service. Trainerize collects your name, e-mail address, mailing address, weight, age, height, body measurements, food allergies and injuries, for the purpose of our coaches being able to determine both your compliance and your physical abilities and nutritional habits in order to build a personalized health plan for you. The personal data is stored on Amazon Web Services servers located in the U.S. and is kept until they run a purge task to remove all deleted data. Typeform collects your name, e-mail address, weight, fitness goals, and questions about your goals and habits regarding health, for the purpose of being able to gather information from questionnaires in a simple to use tool. The personal data is retained for active accounts as long as it is necessary and relevant for its operations and may be retained for closed accounts to comply with the law.

TERMINATION OF CONSENT

You have the right, at any time, to withdraw your consent to the processing of your personal data. The withdrawal of your consent will not affect or invalidate the lawfulness of any data processing based upon your original consent that occurred prior to your withdrawal of that consent.

CORRECTION, AMENDMENT OR DELETION OF INFORMATION

You have the right, in certain situations, to have your personal data corrected, erased, to terminate the further dissemination of your personal data, or to have third parties cease processing your personal data. In the event that you desire to revoke your previously granted consent to our Website collecting any personal data, and/or wish to have such information corrected, amended or deleted, and/or to terminate the further dissemination of your personal data or to have third parties cease processing your personal data, you can do so by contacting us at: Jordan Bornstein, Born Fitness, LLC, P.O. Box 140087, Lakewood, CO 80214, [email protected].

RIGHT TO YOUR PERSONAL DATA

You are entitled to receive a copy of your personal data free of charge so long as your request is not manifestly unfounded or excessive. We must provide the requested information within one month of our receipt of your request, which time period can be extended by two additional months if necessary, so long as we inform you of the extension within one month of receiving your request and of the reasons for the delay.

RIGHT TO OBJECT TO PROFILING AND DIRECT MARKETING

To the extent that we may collect your personal data for the purposes of conducting profiling or direct marketing, you have the right to object to the processing of your personal data for those purposes. In the event that you object to processing for those purposes, we will no longer process your personal data for those purposes.

DATA PORTABILITY

You have the right to receive your personal data in a commonly used and machine-readable format and to have your personal data transmitted to another information technology environment if it is technically feasible to do so.

RESPONSE TO “DO NOT TRACK” REQUESTS

We do not respond to web browser “do not track” signals. As a result thereof, any navigation of our Website may be tracked as part of the gathering of quantitative user information described above. If you arrive at our Website through the use of a link originating from a third party site that responds to “do not track” requests, the recognition of any “do not track” request you may have initiated will end upon your reaching our Website.

NOTIFICATION OF DATA BREACH

In the event of a data breach that is likely to result in a risk to your rights and freedom, within 72 hours of our becoming aware of the breach we are required to report it to you and the appropriate authorities.

COMPLAINTS

You have the right to lodge a complaint with the appropriate supervisory authority (Data Protection Authority) of a member state of the EU that is your habitual residence, your place of work, or the place of the alleged infringement of your rights.

NOTICE

Born Fitness may change this privacy policy from time to time. Unless you are in the EU, all material changes to this policy are effective immediately upon its posting on this section of our Website. If you are in the EU, you will have to provide your consent to any such changes. We may also post these changes in the Terms of Use section of this Website and/or by sending an e-mail to users who have provided us their e-mail address for this notification purpose.