Privacy and GDPR
We respect your privacy
Information about our processing of information about you should be clear and easily accessible so that you have the opportunity to have a good understanding of how we use this information. You can find all the information we store about you in the member portal at energyfitness.no/medlemsportal .
This privacy policy applies to
For you as an individual: When ENERGY Fitness Club AS is the data controller for your personal data. You use ENERGY Fitness Club AS's services, where we determine: The purpose of processing personal data, as well as which methods, tools and/or security mechanisms to use.
This privacy policy does not apply
When parties other than ENERGY Fitness Club AS are the data controller, even if you access the data controller's services through the use of ENERGY Fitness Club AS's services.
Basic principles
- ENERGY Fitness Club AS shall be open and clear about how we process your personal data.
- Your personal data shall only be processed for legitimate purposes and will be deleted or anonymized when we no longer have a basis for processing it.
- You shall receive information about your privacy rights and receive assistance in exercising your rights.
- ENERGY Fitness Club AS shall ensure that your personal data is adequately protected, regardless of where in the world it is processed.
- ENERGY Fitness Club AS shall build good privacy into our services when the services are designed and developed.
When do we process information about you?
ENERGY Fitness processes personal data about you when:
- It is necessary to deliver agreed goods/services to you.
- It is necessary to improve our customer care to give you better user experiences.
- This is necessary to ensure information security.
- It is necessary to develop and market our services.
- You have given your consent to the processing of information about you.
- It is necessary for the sake of our fulfillment of statutory requirements.
Information that is normally processed
What information is processed depends on which services you have entered into an agreement for delivery of, or which you actually use. The following information may be processed:
- Your name, telephone number, email address, postal address, date of birth and gender in connection with you registering as a customer or user of our services.
- Username and password for access to our services.
- Payment information such as your creditworthiness and other relevant bank and account information.
- Information about your customer account and our communication with you.
Note: ENERGY Fitness does not store credit card information. All credit card information is stored by our payment service provider. Here, the information is stored securely and all communication with the provider is encrypted. For access purposes, only parts of the credit card number are stored, not the whole, and this is also stored encrypted. All communication with an SSL certificate (https) on all our pages ensures security.
Purpose of processing personal data
- Identify you as a customer, user and/or payer
- Deliver agreed goods/services
- Improve and develop the services
- Manage your customer account
- Provide and improve our customer service
- Perform credit checks
- Communicate with you
- Invoice and collect outstanding amounts
- Complaint handling
- Research
- Create customer/user profiles to offer personalized content, products and services
- Provide you with information about products and services based on your preferences and interests
- Marketing
Information collected from external sources
External sources may include companies or organizations that provide payment and shipping services, advertising/ad networks, analytics companies. Information we receive may include:
- Credit information and credit ratings and decisions
- Information we need to authenticate you
- Other information, such as demographic information and information to provide you with tailored services
Who do we share the information with?
- Acquirer for payment services, collection agencies and credit information
- Companies we have entered into agreements with that carry out assignments on our behalf
- Others with whom you have given your consent for us to share information, e.g. accountant/agency
- Possible partners in the event of a sale, purchase, merger or other reorganization of the company
- Public authorities
Where is your data processed?
We use Norwegian and foreign partners and ensure that data is only transferred if the recipients have committed to satisfactory privacy and security mechanisms. When transferring and processing data to data processors who perform tasks on our behalf, we enter into a data processing agreement. Transfers outside the EU/EEA are made using the EU standard data processing agreement.
How do we protect your information?
The information is secured through physical, technical and administrative methods and mechanisms, including encryption via TLS/SSL and strict requirements for our personnel. Privacy and data protection are built into the development of our services, with privacy analyses to identify and limit risks.
How long do we process your information?
We process your information for as long as is necessary to achieve the purpose of the processing. The information will then be deleted, unless we are required by law to retain it.
Your rights
- Information: You should have clear and easily accessible information about how we process your information.
- Access: You can get an overview of the information we process about you by logging into the member portal. Here you can also correct your information.
- Deletion: You can request that we delete information when you no longer have a customer relationship or withdraw consent.
- Restriction: You can request that we not delete information if you need it to establish, exercise or defend legal claims.
Processing of information about children
Children are defined as persons under the age of 18. Children over the age of 15 may consent to the processing of non-sensitive information. ENERGY Fitness has an age limit of 16 and does not store information about persons under the age of 15. Members under the age of 18 may consent themselves depending on activity and privacy risk.
Changes
The statement will be reviewed annually to ensure that necessary updates and changes are incorporated.