Sonoma Fitness Privacy Statement and Website Terms of Use

This Privacy Statement was published May 3, 2018.

In we are committed to protect and respect your privacy for information collected by or through our website in compliance with EU- General Data Protection Regulation (GDPR) 2016/679, dated April 27th 2016. This privacy statement explains when and why we collect personal information from our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Statement applies only to the use of our website.

Who are we?

Sonoma Fitness is a fitness facility. Our company headquarters are located in Sonoma, CA. Sonoma Fitness is the data controller and our Data Protection Officer can be contacted by email ([email protected]). When do we collect personal data about you?

  • When you interact with us in person, through correspondence, by phone, by social media, or through our websites.
  • Occasionally by accessing social media or third-party providers of information.

Why do we collect and use personal data?

Our main objective when obtaining personal data is to assist us in handling your inquiries. We also collect data about suppliers, partners and persons seeking a job or working in our company. We may use your information for the following purposes:

  • Send you marketing communications about our company and the services we provide. These may include information about our services, events, activities.
  • Reply to a ‘Contact me’ or other web forms you have completed on one of our Sonoma Fitness websites.
  • Follow up on incoming requests (customer support, emails, texts, or phone calls).
  • Notify you about any disruptions to our services (system messages).
  • Contact you to conduct surveys about your opinion on our products and services.
  • Process a job application.

Our legal basis for collecting personal data

Collecting personal data based on consents

We may collect personal data about you from time to time by obtaining your explicit consent. By visiting our website, you consent to the collection and use of your personal data. If you do not agree with the terms set out herein, please do not visit our website.

Collecting personal data based on contracts

We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers.

What type of personal data is collected?

We collect name, phone number, email address, street address and other applicable information. We may also collect feedback, comments and questions received from you in service-related communication and activities. From our websites we may collect IP-address and actions taken on the site. If you upload photos or videos, add posts or comments, etc. on our social media, the information can be read by anyone with access to the platform and used for purposes over which Sonoma Fitness or you have no control. Therefore, Sonoma Fitness is not responsible for any information you submit to social media.

If you apply for a job at Sonoma Fitness, we collect the data you provide during the application process.

Sonoma Fitness does not collect or process any special categories of personal data, such as public unique identifiers or sensitive personal data.

How long do we keep your personal data?

We store personal data for as long as we find it necessary to fulfill the purpose for which the personal data was collected, while also considering our need to answer your queries or resolve possible problems, to comply with legal requirements under applicable laws, to attend to any legal claims/complaints, and for safeguarding purposes.

This means that we may retain your personal data for a reasonable period of time after your last interaction with us. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may
process data for statistical purposes, but in such cases, data will be anonymized.

Your rights to your personal data

You have the following rights with respect to your personal data:

  • The right to request a copy of your personal data that Sonoma Fitness holds about you.
  • The right to request that Sonoma Fitness corrects your personal data if inaccurate or out of date.
  • The right to request that your personal data is deleted when it is no longer reasonably necessary for Sonoma Fitness to retain such data.
  • The right to withdraw any consent to personal data processing at any time.
  • The right to request that Sonoma Fitness provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
  • The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
  • The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing. Any query about your Privacy Rights should be sent to [email protected]

The use of cookies and beacons

We use cookies and web beacons (‘Website Navigational Information’) to collect information as you navigate the company’s websites.

Website Navigational

Information includes standard information from your web browser, such as browser type and browser language; your Internet Protocol (“IP”) address; and the actions you take on the company’s websites, such as the web pages viewed and the links clicked.

This information is used to make websites work more efficiently, as well as to provide business and marketing information to the owners of the site, and to gather such personal data as browser type and operating system, referring page, path through site, domain of ISP, etc. for the purposes of understanding how visitors use a website. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies and web beacons do not personally identify you.

Do we share your data with anyone?

We do not share, sell, rent, or trade your information with any third parties without your consent, except from what is described below:

Third-party Service Providers working on our behalf:

We may pass your information on to our distributors, agents, sub-contractors and other associated organizations with the purpose of them providing services to you on our behalf.

Third-party Product Providers we work in association with:

We work closely with various third-party product providers to bring you a range of products and services designed to meet your needs. When you inquire about or purchase one or more of our products or services, the relevant third-party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. In some cases, our third-party product providers will be acting as data processors of your information and, therefore, we advise you to read their Privacy Policy and sign a Data Processing Agreement. These third-party product providers will share your information with us, which we will use in accordance with this Privacy Statement. Our third-party providers include but are not limited to Black Sheep Marketing, Go Daddy, Wix, and/or Google Analytics.

If required by law:

We will disclose your personal information if required by law or if we, as a company, reasonably believe that disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected. Note that litigation often requires the disclosure of personal data.

Use of sub-contractors (processors and subprocessors)

We may use sub-contractors to process personal data on our behalf, we are responsible for making sure they commit themselves to adhere to this Privacy Policy and applicable data protection legislation by signing a Data Processing Agreement. If the sub-contractor processes Personal Data outside the US/EU/EEA area, such processing must be in accordance with the US Standards, the EU Privacy Shield Framework, EU Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.

If a new sub-contractor is signed or a change of sub-contractor is performed related to our CRM Online service, the customers will be notified in line with our Terms of Service.