Evolution Fitness
Privacy Policy



1. Introduction

Evolution Fitness Leicester is committed to protecting your privacy and ensuring the lawful, fair, and transparent processing of your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your information when you visit our gym, sign up for membership, or interact with our services.
By accessing or using our services, you agree to the practices described in this policy.

2. Lawful Basis for Processing (Required under UK GDPR)

We process your personal data under the following lawful bases:

  • Contractual necessity: To provide you with membership services.

  • Legal obligation: For health and safety, accounting, or regulatory requirements.

  • Legitimate interests: For gym security, improving services, and preventing misuse of facilities.

  • Consent: For marketing communications or where you provide optional health information.

  • Vital interests: For emergency contact situations.

3. Information We Collect

We collect data you provide directly, as well as information generated through your use of our services.

Membership Information

  • Name, date of birth, address

  • Email address, phone number

  • Emergency contact details

Payment Information

  • Bank details for direct debit

  • Card details processed securely by third-party payment processors

  • Payment and billing history

Health & Fitness Information

  • Fitness goals

  • Relevant medical information for safe training

  • Progress tracking

Usage Data

  • Facility access times

  • Classes or sessions attended

  • Interactions with trainers or staff

CCTV Footage (Important GDPR Requirement)

We use CCTV for:

  • Safety and security

  • Crime prevention

  • Investigating incidents

CCTV does not record sound. Footage is stored securely and retained only for a limited period unless required for an investigation.

Children / Under-18 Data

We do not knowingly collect data on individuals under 16 without parental or guardian consent.

Website / Digital Services

If you use our website, app, or social media pages, we may collect:

  • IP addresses

  • Cookie data

  • Interaction statistics

  • Online contact form information

Cookies are used for website security, performance tracking, and improved user experience.

4. How We Use Your Information

Membership Services

  • Managing your membership

  • Processing payments

  • Allowing access to the gym

  • Booking classes and services

Communication

  • Sending membership updates

  • Gym notices and operational changes

  • Service announcements

  • Responding to enquiries

Health & Safety

  • Supporting safe exercise

  • Emergency contact procedures

Marketing

  • Promotions, offers, updates

  • Optional newsletters
    (You may opt out at any time.)

Security & Prevention

  • Monitoring facility use

  • Preventing misuse of memberships

  • Investigating complaints or incidents

5. Third-Party Direct Debit & Payment Providers

We use reputable, compliant third-party providers to:

  • Collect and process direct debit payments

  • Store payment details securely

  • Handle recurring billing

These providers operate under strict data protection regulations and cannot use your data for any purpose other than payment processing.

6. Sharing Your Information

We may share your information with:

Payment Processors

To manage billing.

IT & Service Providers

For systems such as:

  • Member management software

  • Marketing systems

  • Access control systems

Personal Trainers

If you choose to work with a trainer, relevant health or performance information may be shared with your consent.

Legal & Regulatory Bodies

Where required to comply with:

  • Law enforcement

  • Court orders

  • Health and safety regulations

We do not sell your personal data.

7. International Transfers

If any service provider stores data outside the UK (e.g., secure cloud hosting), we ensure:

  • Adequate safeguards

  • GDPR-compliant protection measures

  • Approved data transfer frameworks

8. Data Retention

We retain data only as long as necessary:

  • Membership data: retained while you are a member

  • Billing records: kept for required accounting periods

  • Health information: kept only while relevant

  • CCTV: retained for a limited period unless required for an investigation

  • Emails/messages: kept only as needed for operational reasons

After retention periods expire, your data is securely deleted or anonymised.

9. Data Security

We take strong measures to protect your information, including:

  • Secure encrypted systems

  • Restricted access controls

  • Staff training

  • Regular security reviews

However, no system is 100% secure and we cannot guarantee absolute security.

10. Your Rights Under UK GDPR

You have the right to:

  • Be informed about how your data is used

  • Access the data we hold about you

  • Request correction of incorrect data

  • Request deletion of your data (in certain circumstances)

  • Restrict processing

  • Object to processing based on legitimate interests

  • Withdraw consent at any time

  • Request data portability

  • Not be subject to automated decision-making or profiling

To exercise your rights, email us using the contact information below.

11. Complaints

You have the right to complain to the UK supervisory authority:

Information Commissioner’s Office (ICO)
Website: www.ico.org.uk
Tel: 0303 123 1113

We always encourage you to contact us first so we can resolve your concern quickly.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in the law

  • Operational changes

  • New services

We will communicate significant updates via our website or email notifications.

13. Contact Us

If you have questions or concerns about data protection, contact:

Evolution Fitness Leicester
15 Mandervell Road
Leicester
LE2 5LQ

Email: evolutionfitnessleic@gmail.com