This notice clarifies how we collect, use, and disclose your personal information in compliance with the Protection of Personal Information Act (“POPIA”).
At Planet Fitness (including our website, planetfitness.co.za), we are committed to safeguarding your privacy and ensuring that your personal information is gathered and used appropriately, lawfully, and transparently.
Planet Fitness “Planet Fitness” – www.planetfitness.co.za
Information we collect
We collect and process your personal information primarily for the purpose of contacting you to understand your needs and provide services accordingly. For this purpose, we collect contact details, including your name and organisation.
We obtain information directly from you when you provide your personal details. Whenever possible, we will inform you of the required and optional information.
Website usage information may be gathered using “cookies,” which allows us to collect standard internet visitor usage data.
How we use your information
We use your personal information solely for the purposes for which it was collected and agreed upon with you. Additionally, we may retain your information for legal or user experience optimization purposes, enhancing your shopping experience at Planet Fitness.
To gather contact information.
To confirm and verify your identity for security.
For fraud prevention.
To conduct market research and analysis.
For audit and record-keeping.
In legal proceedings.
We may disclose your personal information to service providers involved in delivering products or services to you, ensuring their compliance with privacy requirements per POPIA.
We may also disclose your information:
When required by law or industry codes.
When necessary to protect our rights.
We are committed to securing your personal information against unauthorized access and use. We regularly review security controls and processes to maintain your data’s safety.
Our security policies cover:
Computer and network security.
Access to personal information.
Security in outsourced activities.
Data retention and disposal.
Acceptable use of personal information.
Governance and regulatory compliance.
Monitoring access and usage.
Responding to security incidents.
When we engage third parties, we impose security, privacy, and confidentiality obligations on them to ensure your information is protected.
Your rights: Access and correction
You have the right to request a copy of your personal information held by us. Please contact us with your details, and we’ll provide this information upon confirming your identity. Access may be subject to a legally allowable fee.
You also have the right to ask us to update, correct, or delete your personal information, keeping it accurate.
Definition of personal information
According to the Act, “personal information” means data related to an identifiable, living natural person, and applicable, an identifiable, existing juristic person. Additionally, we include the following as personal information:
All addresses (residential, postal, and email).
Change of name (requires relevant documentation).
Other applicable information as per the POPI Act.
For inquiries about this notice, further information about our privacy practices, consent withdrawal, preferences, or access to your personal information, please contact us through the provided numbers/addresses on our website.
The use of information from Health Connect complies with the Health Connect Permissions policy, including Limited Use requirements.
Planet Fitness (“The Company,” “we,” “us,” “our”) respects and acknowledges the importance of protecting your personal information.
Planet Fitness is a “responsible person” under the South African Protection of Personal Information Act, 2013 (“POPIA”) and a “controller” under the European Union General Data Protection Regulation (“EU GDPR”) 2016/679, determining the purpose and manner of processing personal information.
Planet Fitness does not provide services intended for children, and we do not knowingly collect personal information about children.
What personal information we collect
When you interact with us, you may provide or we may collect personal information from you, either by law or under contract terms. You can choose not to provide this information, but it may affect our ability to provide products or services or grant full website access.
We will only collect, use, store, and transfer the minimum personal information necessary for ordinary business purposes. Personal information we collect may include:
Personal Identifying Information (PII) like your name, email address, phone number, and contact details.
Payment Card Information (PCI), including cardholder data (name, primary account number, expiration date, and security code).
Sensitive Personal Identifying Information (Sensitive PII), such as identity numbers, bank account numbers, passport details, biometric data, healthcare information, medical insurance data, genetic information, student records, debit card numbers, driver’s license data, sexual orientation.
Log-in and account information for authentication.
Demographic data like gender, age, country, and preferred language.
Data on interactions between you, your device, and Planet Fitness, such as web pages visited, device information, connectivity, and configuration data.
We treat linked data as personal information if linked with the information you provide to us.
How we collect personal information
We collect personal information in various ways, including:
When you engage us for products and services.
When you create an account.
When processing orders and payments.
In response to inquiries and requests.
Through communications with our representatives.
Obtaining feedback about our products and services.
For administrative and business purposes.
When you register for events, workshops, and seminars.
Subscribing to mailing lists and newsletters.
Marketing our solutions and services.
Accessing and using our websites.
We may also collect personal information from third-party sources and third parties like public databases, business partners, and list enhancement services, as permitted by applicable law. When you use our website, technical data about your device, browsing actions, and patterns may be collected through cookies, server logs, and similar technologies.
Purposes for collecting and using personal information
We only use personal information when legally permitted. Most commonly, we collect and use it to:
Send you communications.
Establish, manage, and maintain business relationships.
Respond to inquiries and requests.
Develop, provide, and enhance services and products.
Obtain feedback on our services and solutions.
Provide a personalized experience.
Conduct administrative and business functions.
Update records and contact details.
Improve website functionality.
Compile website usage statistics.
Enable newsletter and mailing list subscriptions.
Register for events, workshops, and seminars.
Assess website performance.
Process and respond to privacy concerns, complaints, and legal obligations.
Change of purpose
We only use personal information for the purposes we collected it for, unless we believe there’s a compatible reason. If we intend to use personal information for a different purpose, we’ll notify you and explain the legal basis. We may process personal information without your knowledge or consent as required or permitted by law.
Sharing Your Personal Information
We may share your personal information for the purposes mentioned above with:
Business partners, vendors, or contractors providing requested services or facilitating transactions.
In connection with joint ventures, mergers, asset sales, consolidations, or acquisitions.
To comply with legal obligations, judicial proceedings, court orders, government orders, or to protect rights, property, safety, or as required by law.
With your consent.
Transfers across borders
We may need to process, transfer, and store your personal information in other countries for ordinary business purposes. These countries may not have the same level of protection as required by POPIA or GDPR. We’ll process your personal information with your consent, and we’ll ensure third parties adhere to our privacy principles and practices to protect your information as if processed by us.
Security of Your personal information
We’re committed to safeguarding your personal information from misuse, loss, unauthorized access, modification, or disclosure. We use physical, administrative, and technical safeguards, and we contractually require third parties to do the same.
While we make every effort to secure our websites, please note that the internet is not entirely secure. When you submit personal information online, be aware that we can’t guarantee its absolute security.
You can choose to receive marketing communications from us via email, social media, or phone. You may opt-out at any time by following the unsubscribe instructions in our marketing emails or emailing [email protected] with your details and the materials you no longer wish to receive. Even if you opt out, we may send administrative messages related to your ongoing use of our services.
We do not provide your personal information to unaffiliated third parties for direct marketing or commercial purposes.
You have various rights regarding your personal information, including:
Access: Request a copy of your personal information held by us.
Correction: Ask us to update or correct your personal information.
Erasure: Request deletion of your personal information, subject to specific legal exemptions.
Object: Object to processing based on legitimate interests or direct marketing.
Restriction: Request the suspension of processing in specific circumstances.
Portability: Receive your personal information in a structured, machine-readable format.
Withdraw consent: Withdraw your consent at any time.
No fee is typically required to exercise these rights unless the request is unfounded or excessive. We may request specific information to confirm your identity and expedite your request. We’ll respond to legitimate requests within 30 days, though complex requests may take longer.
Cookies and similar technologies
Enable sign-in and authentication.
Keep track of your provided information.
Enhance your browsing experience.
Store preferences and settings.
Analyse website performance.
Measure website traffic.
Determine visited website areas.
You can change your browser settings to stop accepting cookies, but this may affect website functionality. We recommend allowing cookies.
We operate through social media channels, pages, and accounts to engage with customers. We monitor and record comments and posts to improve our services. Please note that your personal information may be processed by the site owner, outside our control and potentially in a country with different privacy regulations.
We encourage feedback and ideas sent through social media but cannot guarantee action. Your feedback and suggestions are considered but not guaranteed for implementation.
Links to 3rd Party websites and applications
Our websites may contain links to third-party sites and applications. We do not control or endorse their privacy practices or content. Your use of such sites and apps is subject to their privacy statements.
Retention of personal information
We retain personal information only as long as necessary for the purposes it was collected, to comply with legal obligations, resolve disputes, protect assets, or enforce agreements.
For marketing and service notifications, we retain information until you notify us of your desire to no longer receive these notifications.
Retention criteria include legal requirements, ongoing business needs, and data accessibility. You may access and delete your personal information at any time. We generally retain personal information for a shorter period if automated deletion is not available.
For privacy inquiries, complaints, or concerns about how we handle your personal information, please contact our Information Officer at [email protected].
Validity and document management
This document was last updated on 22/12/2023 and is version 1.0.