top of page

Privacy Policy for Ferg Fitness

 

Last Updated: 16.12.2024

 

1. Introduction

 

Ferg Fitness ("we," "our," or "us") is committed to protecting the privacy of our clients and website visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with UK data protection law, including the UK GDPR and Data Protection Act 2018.

 

2. Information We Collect

 

2.1 Health and Special Category Data

We collect and process special category health-related data including:

- Physical health conditions and medical history

- Mental health information relevant to fitness

- Medications and supplements

- Previous injuries and rehabilitations

- Dietary requirements and allergies

- Biometric data including:

  - Body measurements

  - Body composition data

  - Heart rate and other vital statistics

  - Progress photographs

- Lifestyle factors affecting health:

  - Sleep patterns

  - Stress levels

  - Activity levels

  - Occupation-related physical demands

 

We process this sensitive data only with your consent and maintain enhanced security measures to protect it.

 

2.2 Other Personal Information

We collect:

- Name and contact information

- Date of birth and age

- Gender

- Emergency contact details

- Payment information

- Account login details

- Communications preferences

 

2.3 Automatically Collected Information

When you visit our website or use our services, we automatically collect:

- Device information

- Usage data

- Location data (if permitted)

- Cookies and similar technologies

 

3. Legal Bases for Processing

 

Under UK data protection law, we rely on the following legal bases:

- Explicit Consent: For processing health and special category data

- Contract Performance: To deliver our fitness coaching services

- Legal Obligation: To comply with UK law

- Legitimate Interests: For business improvement and communication

- Vital Interests: In case of medical emergencies

 

4. Health Data Processing

 

4.1 Collection and Use

We collect health data to:

- Create personalised fitness programmes

- Monitor progress safely

- Adapt programmes based on health changes

- Prevent injury

- Coordinate with other health professionals (with your consent only)

 

4.2 Storage and Security

Health data receives enhanced protection through:

- End-to-end encryption

- Access limited to Ferg Fitness staff

- Regular security audits

- Separate secure storage from other personal data

- Immediate deletion when no longer needed

 

4.3 Sharing Health Data

We share health data only:

- With explicit consent

- With medical professionals in emergencies

- When legally required

- With named emergency contacts if needed

 

5. International Data Processing

 

While we primarily operate in the UK, some data may be processed internationally:

 

5.1 UK to EEA Transfers

Data transfers to the EEA are covered by UK adequacy regulations.

 

5.2 UK to Non-EEA Transfers

For transfers outside the UK/EEA, we ensure protection through:

- UK International Data Transfer Agreements (IDTAs)

- UK Addendum to EU Standard Contractual Clauses

- Adequacy regulations

- Binding corporate rules

 

6. Your Rights Under UK Data Protection Law

 

You have the right to:

- Access your data (Subject Access Request)

- Correct inaccurate data

- Erasure ('right to be forgotten')

- Restrict processing

- Data portability

- Object to processing

- Withdraw consent

 

We will respond to all requests within one calendar month.

 

7. Data Retention

 

We retain data for:

- Active clients: Duration of service plus 2 years

- Health data: 1 year after service ends (unless longer retention is required)

- Financial records: 6 years (as required by UK tax law)

- Marketing data: Until consent withdrawal

 

8. Security Measures

 

We protect your data through:

- UK data center hosting

- NHS-grade encryption standards

- Regular penetration testing

- Staff data protection training

- Access controls

- Incident response procedures

 

9. Cookies and Tracking

 

We follow UK cookie law requirements:

- Essential cookies: No consent required

- Analytics/Marketing cookies: Explicit consent required

- Cookie banner with 'reject all' option

- Detailed cookie preference center

 

10. Changes to Privacy Policy

 

We will notify you of material changes via email 30 days in advance.

 

11. Contact Information

 

Fergus Jenkins

Email: fergfitnessinfo@gmail.com

​

bottom of page