Privacy and Security Policy
Effective date: November 3, 2018.
COLLECTION OF PERSONAL DATA
In order for us to be able to provide the services available on our Website, and to meet any of our related business obligations, you must provide the personal data that is required to do so. Without that data, we are not in a position to do so.
Security of all personal data of our users is a primary concern of ours. Thus, we have adopted reasonable security measures to protect the security of our users’ information. We use, where appropriate, industry standard encryption technology and computer server firewalls when transferring and receiving consumer data exchanged with this Website. Credit card information is sent directly to PayPal, MoonClerk and/or Stripe, which process the payments. We do not store any credit card information. Nevertheless, we cannot guarantee complete security of your information inasmuch as no security systems are foolproof. It is also important for you to protect against the unauthorized access to your information as well as to your computer.
PROMOTIONAL INFORMATION AND E-NEWSLETTERS
When you sign up to our Website, you agree to receive Born Fitness notifications and promotional e-mails as well as e-newsletters and other e-mail special offers. If you change your mind and no longer wish to receive our e-mails, you may opt out at any time simply by sending us an e-mail or by clicking on the unsubscribe link in the e-newsletter.
PROMOTIONS AND CONTESTS
We may, from time to time, host a promotion or contest on this Website that is sponsored or co-sponsored by a third party. In connection therewith, you may be asked to provide personal information or permit the transfer to a third party of your personal information. Born Fitness has no control over the third party’s use of this information. Depending on the situation, you will be informed as to who is collecting or transferring the information and whose privacy statement applies, and it will be your discretion as to whether or not you want to permit the collection or transfer of your personal information to a third party.
Born Fitness does not own or control any servers or databases. As a result, personal data is only stored on third-party servers, which act as data processors. Mailchimp collects your e-mail address and sometimes your first and last name for the purpose of building our e-mail list for marketing purposes. The personal data is stored on Mailchimp owned and operated servers located in the U.S. and is kept until you unsubscribe or ask for the data to be deleted. Sumo collects your e-mail address and sometimes your first and last name for the purpose of building our e-mail list for marketing services. The personal data is stored on Amazon Web Services servers and is kept until you unsubscribe or ask for the data to be deleted. PayPal collects your name, address, credit card information and/or PayPal account information for the purpose of collecting monthly payments for our coaching service. MoonClerk collects your name, credit card information and sometimes your address for the purpose of collecting monthly payments for our coaching service. The personal data is stored on Amazon Web Services servers located in the U.S. and is kept as long as necessary to provide its services or until you request its deletion, but even after you request its deletion MoonClerk may retain your information for longer periods for specific purposes to the extent that it is obliged or authorized to do so in accordance with applicable laws and regulations and/or as necessary to protect its legal rights or for certain business requirements. Stripe collects your name, credit card information and sometimes your address for the purpose of collecting monthly payments for our coaching service. Trainerize collects your name, e-mail address, mailing address, weight, age, height, body measurements, food allergies and injuries, for the purpose of our coaches being able to determine both your compliance and your physical abilities and nutritional habits in order to build a personalized health plan for you. The personal data is stored on Amazon Web Services servers located in the U.S. and is kept until they run a purge task to remove all deleted data. Typeform collects your name, e-mail address, weight, fitness goals, and questions about your goals and habits regarding health, for the purpose of being able to gather information from questionnaires in a simple to use tool. The personal data is retained for active accounts as long as it is necessary and relevant for its operations and may be retained for closed accounts to comply with the law.
TERMINATION OF CONSENT
You have the right, at any time, to withdraw your consent to the processing of your personal data. The withdrawal of your consent will not affect or invalidate the lawfulness of any data processing based upon your original consent that occurred prior to your withdrawal of that consent.
CORRECTION, AMENDMENT OR DELETION OF INFORMATION
You have the right, in certain situations, to have your personal data corrected, erased, to terminate the further dissemination of your personal data, or to have third parties cease processing your personal data. In the event that you desire to revoke your previously granted consent to our Website collecting any personal data, and/or wish to have such information corrected, amended or deleted, and/or to terminate the further dissemination of your personal data or to have third parties cease processing your personal data, you can do so by contacting us at: Jordan Bornstein, Born Fitness, LLC, P.O. Box 140087, Lakewood, CO 80214, [email protected].
RIGHT TO YOUR PERSONAL DATA
You are entitled to receive a copy of your personal data free of charge so long as your request is not manifestly unfounded or excessive. We must provide the requested information within one month of our receipt of your request, which time period can be extended by two additional months if necessary, so long as we inform you of the extension within one month of receiving your request and of the reasons for the delay.
RIGHT TO OBJECT TO PROFILING AND DIRECT MARKETING
To the extent that we may collect your personal data for the purposes of conducting profiling or direct marketing, you have the right to object to the processing of your personal data for those purposes. In the event that you object to processing for those purposes, we will no longer process your personal data for those purposes.
You have the right to receive your personal data in a commonly used and machine-readable format and to have your personal data transmitted to another information technology environment if it is technically feasible to do so.
RESPONSE TO “DO NOT TRACK” REQUESTS
We do not respond to web browser “do not track” signals. As a result thereof, any navigation of our Website may be tracked as part of the gathering of quantitative user information described above. If you arrive at our Website through the use of a link originating from a third party site that responds to “do not track” requests, the recognition of any “do not track” request you may have initiated will end upon your reaching our Website.
NOTIFICATION OF DATA BREACH
In the event of a data breach that is likely to result in a risk to your rights and freedom, within 72 hours of our becoming aware of the breach we are required to report it to you and the appropriate authorities.
You have the right to lodge a complaint with the appropriate supervisory authority (Data Protection Authority) of a member state of the EU that is your habitual residence, your place of work, or the place of the alleged infringement of your rights.