Who we are

Our website address is:

https://www.fitliz.co.uk.

Owner and Data Controller

FitLiz Personal Training
Amherst Lodge
Ide Hill
Nr Sevenoaks
Kent
TN14 6JG

Owner contact email: info@fitliz.co.uk

What personal data we collect and why we collect it

Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact Formats
Contact form (FitLiz)
By filling in the contact form with their Data, the User authorizes FitLiz to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Personal Data collected: email address, first name and last name.

Mailing list or newsletter (FitLiz)
By registering on the mailing list or for the newsletter, the User’s email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning FitLiz. Your email address might also be added to this list as a result of signing up to FitLiz or after making a purchase.
Personal Data collected: email address, first name and last name.

Phone contact (FitLiz)
Users that provided their phone number might be contacted for commercial or promotional purposes related to FitLiz, as well as for fulfilling support requests.
Personal Data collected: phone number.

Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Further details on our cookie policy can be see here – Click here

Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics
Who we share your data with
FitLiz uses an internal analytics system that does not involve third parties.
Personal Data collected: Cookies and Usage Data.

Display Advertising extension for Google Analytics (Google Inc.)
Google Analytics on FitLiz might use Google’s Interest-based advertising, 3rd-party audience data and information from the DoubleClick Cookie to extend analytics with demographics, interests and ads interaction data.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

Facebook Ads conversion tracking (Facebook, Inc.)
Facebook Ads conversion tracking is an analytics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed on FitLiz.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Facebook Analytics for Apps (Facebook, Inc.)
Facebook Analytics for Apps is an analytics service provided by Facebook, Inc.
Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Google Ads conversion tracking (Google Inc.)
Google Ads conversion tracking is an analytics service provided by Google Inc. that connects data from the Google Ads advertising network with actions performed on FitLiz.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilises the Data collected to track and examine the use of FitLiz, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualise and personalise the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

WordPress Stats (Automattic Inc.)
WordPress Stats is an analytics service provided by Automattic Inc.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

How long we retain your data
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfil such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

What rights you have over your data
The rights of Users
Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

Where we send your data
Visitor comments may be checked through an automated spam detection service.

Backup saving and management
This type of service allows the Owner to save and manage backups of FitLiz on external servers managed by the service provider itself. The backups may include the source code and content as well as the data that the User provides to FitLiz.

Backup on Dropbox (Dropbox, Inc.)
Dropbox is a service to save and manage backups provided by Dropbox Inc.
Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Data transfer outside the EU
The Owner is allowed to transfer Personal Data collected within the EU to third countries (i.e. any country not part of the EU) only pursuant to a specific legal basis. Any such Data transfer is based on one of the legal bases described below.
Users can inquire with the Owner to learn which legal basis applies to which specific service.

Data transfer abroad based on consent (FitLiz)
If this is the legal basis, Personal Data of Users shall be transferred from the EU to third countries only if the User has explicitly consented to such transfer, after having been informed of the possible risks due to the absence of an adequacy decision and appropriate safeguards.
In such cases, the Owner shall inform Users appropriately and collect their explicit consent via FitLiz.
Personal Data collected: various types of Data.

Data transfer abroad based on standard contractual clauses (FitLiz)
If this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out by the Owner according to “standard contractual clauses” provided by the European Commission.
This means that Data recipients have committed to process Personal Data in compliance with the data protection standards set forth by EU data protection legislation. For further information, Users are requested to contact the Owner through the contact details provided in the present document.
Personal Data collected: various types of Data.

Data transfer from the EU and/or Switzerland to the U.S based on Privacy Shield (FitLiz)
If this is the legal basis, the transfer of Personal Data from the EU or Switzerland to the US is carried out according to the EU – U.S. and Swiss – U.S. Privacy Shield.
In particular, Personal Data is transferred to services that self-certify under the Privacy Shield framework and therefore guarantee an adequate level of protection of such transferred Data. All services are listed within the relevant section of this document and those that adhere to Privacy Shield can be singled out by checking their privacy policy and possibly also by specifically checking for Privacy Shield adherence in the official Privacy Shield List. Privacy Shield also specifically guarantees rights to Users which can be found in its most current form on the website run by the US Department of Commerce.
Personal Data may be transferred from within the EU or Switzerland to the U.S. to services that are not, or not anymore, part of Privacy Shield, only based on other valid legal grounds. Users can ask the Owner to learn about such legal grounds.
Personal Data collected: various types of Data.

Data transfer to countries that guarantee European standards (FitLiz)
If this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out according to an adequacy decision of the European Commission.
The European Commission adopts adequacy decisions for specific countries whenever it considers that country to possess and provide Personal Data protection standards comparable to those set forth by EU data protection legislation. Users can find an updated list of all adequacy decisions issued on the European Commission’s website.
Personal Data collected: various types of Data.

Other legal basis for Data transfer abroad (FitLiz)
If no other legal basis applies, Personal Data shall be transferred from the EU to third countries only if at least one of the following conditions is met:
the transfer is necessary for the performance of a contract between the User and the Owner or of pre-contractual measures taken at the User’s request;
the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the User between the Owner and another natural or legal person;
the transfer is necessary for important reasons of public interest;
the transfer is necessary for establishment, exercise or defence of legal claims;
the transfer is necessary in order to protect the vital interests of the data subject or of other persons, where the data subject is physically or legally incapable of giving consent. In such cases, the Owner shall inform the User about the legal bases the transfer is based on via FitLiz.
Personal Data collected: various types of Data.

Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of FitLiz and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.

Fonts.com Web Fonts (Monotype Imaging Holdings Inc.)
Fonts.com Web Fonts is a typeface visualisation service provided by Monotype Imaging Holdings Inc. that allows FitLiz to incorporate content of this kind on its pages.
Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy.

Google Fonts (Google Inc.)
Google Fonts is a typeface visualisation service provided by Google Inc. that allows FitLiz to incorporate content of this kind on its pages.
Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Google Maps widget (Google Inc.)
Google Maps is a maps visualisation service provided by Google Inc. that allows FitLiz to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Google Site Search (Google Inc.)
Google Site Search is a search engine embedding service provided by Google Inc. that allows FitLiz to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Instagram widget (Instagram, Inc.)
Instagram is an image visualisation service provided by Instagram, Inc. that allows FitLiz to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

Interaction with data collection platforms and other third parties
This type of service allows Users to interact with data collection platforms or other services directly from the pages of FitLiz for the purpose of saving and reusing data.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service.

MailChimp widget (The Rocket Science Group, LLC.)
The MailChimp widget is a service for interacting with the MailChimp email address management and message sending service provided by The Rocket Science Group LLC.
Personal Data collected: email address, first name and last name.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Interaction with external social networks and platforms
This type of service allows interaction with social networks or other external platforms directly from the pages of FitLiz.
The interaction and information obtained through FitLiz are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.

Facebook Like button and social widgets (Facebook, Inc.)
The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

LinkedIn button and social widgets (LinkedIn Corporation)
The LinkedIn button and social widgets are services allowing interaction with the LinkedIn social network provided by LinkedIn Corporation.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

Twitter Tweet button and social widgets (Twitter, Inc.)
The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

YouTube button and social widgets (Google Inc.)
The YouTube button and social widgets are services allowing interaction with the YouTube social network provided by Google Inc.
Personal Data collected: Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

PayPal button and widgets (PayPal Inc.)
The PayPal button and widgets are services allowing interaction with the PayPal platform provided by PayPal Inc.
Personal Data collected: Cookies and Usage Data.

Place of processing: See the PayPal privacy policy – Privacy Policy.

SPAM protection
This type of service analyses the traffic of FitLiz, potentially containing Users’ Personal Data, with the purpose of filtering it from parts of traffic, messages and content that are recognised as SPAM.

Akismet (Automattic Inc.)
Akismet is a SPAM protection service provided by Automattic Inc.
Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy.

Google reCAPTCHA (Google Inc.)
Google reCAPTCHA is a SPAM protection service provided by Google Inc.
The use of reCAPTCHA is subject to the Google privacy policy and terms of use.
Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.

How “Do Not Track” requests are handled
FitLiz does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within FitLiz and/or – as far as technically and legally feasible – sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.

Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.