Privacy Policy for mygymhb.com
1. Introduction
At mygymhb.com, we are committed to protecting your personal data and upholding your privacy rights. We recognize that transparency, trust, and security form the cornerstone of a responsible digital ecosystem. This Privacy Policy is designed to inform you about how we process your personal data, the rights available to you under applicable data privacy laws, and the ways in which we uphold our responsibilities as a data controller under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy frameworks.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected, used, or processed on mygymhb.com and through any related services, communications, or transactions. In accordance with applicable laws, the data controller responsible for the processing of your personal data is:
MyGymHB
Website: mygymhb.com
Contact Email: [email protected]
By accessing mygymhb.com or submitting personal data to us, you confirm that you have read and understood this Privacy Policy.
3. Categories of Data Processed
We may collect and process the following categories of personal data, depending on your interactions with our services:
– Usage Data: Includes information about your browser type and version, IP address, geographical location, time zone setting, operating system and platform, browsing history, referral sources, site navigation paths, and interaction data such as page response times, download errors, and session durations.
– Account Data: Includes your name, postal and billing address, email address, telephone number, and login credentials, if you register or create an account with us.
– Profile Data: Includes your preferences, past purchases, exercise and fitness interests, browsing behaviors, and service usage history on mygymhb.com.
– Communication Data: Includes records of support requests, complaint submissions, contact form interactions, feedback provided, and any direct correspondence with our support or administrative teams.
– Technical Data: Includes details regarding the device used to access our website such as device type, operating system, screen resolution, and system configuration settings.
– Transaction Data: Includes payment details (excluding full payment card numbers, which are processed securely via our PCI-compliant payment provider), order details, delivery address, and purchase confirmations.
– Preference Data: Includes marketing preferences, survey responses, product and service interests, and opt-in or opt-out selections related to promotional communications.
4. Legal Bases for Processing
We rely on the following legal bases under GDPR and CCPA when processing your personal data:
– Consent: Where required by law or voluntarily provided by you, consent permits us to process your data for purposes such as personalized marketing and analytics.
– Contractual Necessity: Data processed in order to fulfill or enter into a contract with you, such as for account management, payment processing, delivering services, and customer support.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided such interests are not overridden by your rights and freedoms. Examples include improving service functionality, preventing fraud, and maintaining website integrity.
– Legal Obligation: Data required to comply with a legal or regulatory obligation, such as tax reporting or responding to lawful government requests.
5. Your Rights
Subject to applicable laws, you have the following rights regarding your personal data:
– Right of Access: You may request confirmation of whether we process your personal data and access to such data.
– Right to Rectification: You have the right to request correction of any inaccurate or incomplete personal information.
– Right to Erasure: You may request deletion of your personal data under certain circumstances (the “right to be forgotten”).
– Right to Restrict Processing: You can request that we restrict or temporarily suspend further processing of your data when you contest its accuracy or legality.
– Right to Data Portability: Where legally applicable, you may request transmission of your data in a structured, commonly used, and machine-readable format to you or another controller.
– Right to Object: You have the right to object to processing where we rely on legitimate interests or where your data is used for direct marketing purposes.
To exercise your rights, please contact us at [email protected]. We may request verification of your identity before fulfilling your request.
6. Security Measures
We implement a variety of robust technical and organizational measures to safeguard your personal data, including:
– AES-level encryption protocols for the secure storage and transmission of sensitive data.
– Access control restrictions ensuring only authorized personnel can access personal information.
– Routine backups and disaster recovery procedures ensuring data reliability and availability.
– Regular employee training on data protection principles and privacy requirements.
While no online platform can guarantee absolute security, we continually monitor industry standards to ensure our systems remain protected against unauthorized access, breach, or misuse.
7. International Data Transfers
We may transfer personal data to countries outside your legal jurisdiction, including jurisdictions that may not offer equivalent levels of data protection. Where such transfers occur, we ensure appropriate safeguards are in place, including:
– The use of Standard Contractual Clauses approved by the European Commission.
– Compliance with applicable adequacy decisions or regional data protection requirements.
– Ensuring our service providers offer sufficient guarantees under GDPR Article 46 or CCPA equivalent safeguards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and in compliance with applicable legal, accounting, or regulatory requirements:
– Account and Profile Data: Retained while the account is active and for up to 6 years post-termination for legal and tax purposes.
– Usage and Technical Data: Retained for up to 26 months for analytics and service improvement.
– Transaction Data: Retained for a minimum of 6 years per financial recordkeeping standards.
– Communication Data: Retained for 3 years for support reference and dispute resolution.
We securely erase or anonymize data once the applicable retention period has expired.
9. Cookie Policy
mygymhb.com uses cookies to enhance your experience and functionality. Cookies are categorized as:
– Essential Cookies: Necessary for enabling core website functionality, such as secure login and session management.
– Functional Cookies: Support user preferences, language settings, and layout customizations.
– Analytics Cookies: Provide insight into website usage and performance for service enhancement. For example, we use tools like Google Analytics with IP anonymization enabled.
– Performance Cookies: Support site responsiveness and error tracking.
10. Cookie Management & Compliance
Upon your initial visit, you are presented with a cookie banner allowing you to set your preferences in accordance with GDPR and CCPA standards. You may manage or withdraw consent at any time by adjusting your browser settings or using the cookie preference tool on mygymhb.com.
Under CCPA, residents of California have the right to opt out of the sale or sharing of their personal data. We do not sell your data to third parties without your explicit consent.
11. Protecting Children’s Privacy
mygymhb.com is not directed toward children under the age of 13, and we do not knowingly collect personal data from children without verified parental consent. If we become aware that we have inadvertently collected information from a child without such consent, we will take immediate steps to delete such data.
12. Policy Updates & Notifications
We may update this Privacy Policy from time to time to reflect changes in our practices or regulatory requirements. Material changes will be communicated via notices on our website, and your continued use of the site will constitute acknowledgment of the revised terms.
You are encouraged to check this policy regularly to stay informed of our data handling practices.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us via email at: [email protected].
We will consider and respond to all requests in accordance with applicable privacy laws.
We are committed to full compliance with applicable data protection laws including the GDPR and CCPA. Our users’ privacy is paramount, and we welcome any feedback or inquiries regarding our handling of personal data.
