Privacy Policy | Trinoxel

1. Introduction

Trinoxel ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our services, visit our website, or engage with our fitness programmes.

This policy applies to all personal data we process about you, whether collected through our website, during consultations, through our fitness programmes, or via any other interactions with our organisation. We are committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you acknowledge that you have read and understood this privacy policy. If you do not agree with our practices, please do not use our services or provide us with your personal information.

2. Information We Collect

We collect and process various types of personal data to provide our services effectively and safely. The information we collect includes both data you provide directly and information collected automatically through your interactions with our services.

Personal Identification Information:

We collect basic identification details such as your full name, date of birth, contact telephone numbers, email address, and postal address. This information is essential for membership registration, communication, and emergency contact purposes.

Health and Medical Information:

To ensure your safety and provide appropriate fitness programmes, we collect relevant health information including medical history, current health conditions, medications, previous injuries, physical limitations, fitness goals, and emergency contact details. This information is collected through health questionnaires, fitness assessments, and consultation forms.

Fitness and Performance Data:

We track your fitness progress through various measurements including strength assessments, flexibility tests, balance evaluations, cardiovascular fitness markers, body composition measurements, and attendance records. This data helps us monitor your progress and adjust programmes accordingly.

Financial Information:

For membership and payment processing, we collect billing information including payment method details, membership type, payment history, and any relevant financial arrangements. Payment card details are processed securely through our certified payment processors and are not stored on our systems.

Technical Information:

When you visit our website, we automatically collect technical information including your IP address, browser type and version, device information, referring website, pages viewed, time spent on our site, and general geographic location. This information helps us improve our website functionality and user experience.

3. How We Use Your Information

We use your personal data for specific, legitimate purposes related to providing safe and effective fitness services. Our use of your information is always proportionate and limited to what is necessary for the stated purposes.

Service Provision:

We use your personal and health information to design personalised fitness programmes, conduct safety assessments, monitor your progress, provide expert guidance, schedule classes and consultations, and ensure appropriate exercise modifications based on your individual needs and capabilities.

Communication and Support:

Your contact information allows us to communicate important updates about your programmes, send appointment reminders, share relevant health and fitness information, respond to your inquiries, provide customer support, and maintain ongoing professional relationships.

Safety and Emergency Procedures:

Health information is crucial for ensuring your safety during exercise, identifying potential risks, implementing appropriate precautions, responding to medical emergencies, and coordinating with healthcare providers when necessary.

Quality Improvement:

We analyse aggregated, anonymised data to improve our programmes, develop new services, conduct research into effective fitness interventions for older adults, and maintain high standards of professional practice.

Legal and Regulatory Compliance:

We process your data to comply with legal obligations, maintain professional insurance requirements, meet health and safety regulations, respond to legitimate requests from authorities, and protect our legal rights and those of our members.

4. Data Sharing and Disclosure

We take your privacy seriously and do not sell, rent, or trade your personal information. We only share your data in specific, limited circumstances and always in accordance with applicable data protection laws.

Healthcare Professionals:

With your explicit consent, we may share relevant health and fitness information with your healthcare providers, physiotherapists, or other medical professionals to ensure coordinated care and appropriate exercise prescription.

Service Providers:

We work with carefully selected third-party service providers who assist with payment processing, website hosting, appointment scheduling, and communication tools. These providers are contractually bound to protect your data and use it only for specified purposes.

Emergency Situations:

In medical emergencies, we may share relevant health information with emergency services, medical professionals, or your designated emergency contacts to ensure you receive appropriate care.

Legal Requirements:

We may disclose personal information when required by law, legal process, or legitimate requests from government authorities. We will notify you of such disclosures unless legally prohibited from doing so.

5. Data Security and Protection

We implement comprehensive security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security practices are regularly reviewed and updated to address emerging threats and maintain the highest standards of data protection.

Physical security measures include secure storage of paper records in locked filing cabinets, restricted access to facilities, security monitoring systems, and proper disposal of sensitive documents. Digital security encompasses encrypted data transmission, secure password requirements, regular software updates, firewall protection, and restricted access controls based on job responsibilities.

All staff members receive regular training on data protection requirements, confidentiality obligations, and proper handling of sensitive information. We maintain incident response procedures to address any potential data breaches quickly and appropriately.

6. Your Rights and Choices

Under UK data protection law, you have several important rights regarding your personal data. We are committed to facilitating the exercise of these rights and will respond to your requests promptly and transparently.

You have the right to access your personal data and receive a copy of the information we hold about you. You can request correction of any inaccurate or incomplete personal data. You may request deletion of your personal data in certain circumstances, though this may affect our ability to provide services.

You have the right to restrict processing of your personal data in specific situations, object to processing based on legitimate interests, and receive your personal data in a structured, commonly used format for transfer to another service provider.

Where processing is based on consent, you may withdraw your consent at any time, though this will not affect the lawfulness of processing before withdrawal. You also have the right to lodge a complaint with the Information Commissioner's Office if you are unhappy with how we handle your personal data.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and protect our legitimate interests. Retention periods vary depending on the type of information and the purpose for which it was collected.

Health and fitness records are typically retained for seven years after your last interaction with our services, in line with professional guidelines for exercise and health professionals. Financial records are kept for six years to meet tax and accounting requirements.

Marketing communications preferences are maintained until you request removal or update your preferences. Website analytics data is typically retained for up to two years. When retention periods expire, we securely delete or anonymise your personal data.

8. Contact Information

If you have any questions about this privacy policy, wish to exercise your data protection rights, or have concerns about how we handle your personal information, please contact our Data Protection Officer using the following methods.

For all data protection inquiries, you may contact us in writing or by email. We will respond to your requests within one month, though complex requests may require additional time. We may need to verify your identity before processing certain requests to protect your privacy and security.

This privacy policy may be updated periodically to reflect changes in our practices, legal requirements, or service offerings. We will notify you of significant changes through our website or direct communication. The latest version will always be available on our website with the date of last update clearly indicated.