Privacy Policy

In this privacy policy, “GYMBOX” means Sparring Partners Ltd, whose registered office is at Unit 7, 38 New Kent Road, London, SE1 6TJ. GYMBOX believe in transparency, and are committed to being upfront about privacy practices, including how your personal information is treated. GYMBOX have undertaken an extensive exercise to ensure ongoing compliance with the European Union General Data Protection Regulation (EU GPDR). GYMBOX have ensured all current business processes and procedures are in line with the GDPR rights and principles and any new processes involving personal information that are implemented will be thoroughly reviewed through a Data Protection Impact Assessment (DPIA) prior to proceeding. All company data protection procedures and policies are reviewed on an annual basis to ensure compliance.

This Privacy Policy sets out the data processing practices carried out through the use of the Internet and any other electronic communication networks by GYMBOX, as well as describing the types of personal information that GYMBOX may collect about you and the purposes for which this information is used.

1. Accepting the Privacy Policy
2. Information Collected or Received
3. How and why GYMBOX use your Personal Information
4. Communication from GYMBOX
5. Sharing your Information
6. Keeping your Information Secure
7. GYMBOX Retention Policies
8. Staying in Control - Your Rights
9. Privacy Policy Changes
10. Contact

1. Accepting the Privacy Policy

GYMBOX need to process your personal information to run their business and provide you with their services. Upon visiting GYMBOX in Club, contacting GYMBOX by the phone, or visiting GYMBOX website(s), you are accepting and consenting to the practices described in this Privacy Policy.

GYMBOX are based in the UK, however process personal information both within the UK/EEA and outside. Any personal information held by either GYMBOX or the designated third parties comply with relevant EU GDPR legislations. Third parties which process personal information outside the UK/EEA on behalf of GYMBOX have a recognised equivalent legislation in place such as the US Privacy Shield, or a set of GDPR compliant Binding Corporate Rules (BCR).

2. Information Collected or Received

GYMBOX collect and/or receive personal information from Club and Online users, Staff and Suppliers/Sub-contractors to run their business and provide you with their services. This personal information may include the following: name, date of birth, email address, contact number, company name, bank details and credit card details.

GYMBOX also collect and have access to the following information:

Sensitive Information: The term "sensitive information" in this context refers to information related to your racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership. Whilst GYMBOX do not generally collect sensitive information unless it is volunteered by you, GYMBOX do have a legal requirement to collect health data for the purpose of recording your self-assessment declaring readiness for physical exercise.

Photographs and Identification: In the interests of security and the prevention of crime, GYMBOX may take a digital photograph of each Member or guest. Each Member or guest may also be required to provide a form of identification for verification and security purposes.

Audio-Video: GYMBOX use CCTV in all Clubs for health and security reasons. If you have any queries in relation to the use of CCTV operating in and around the clubs please contact [email protected]. GYMBOX have a business legitimate interest to monitor service standards in Club. GYMBOX utilise mystery shopper services in which Club users may appear in the background however are never directly filmed. This footage is only used for the purposes of internal monitoring and training of GYMBOX staff.

Digital: When visiting GYMBOX website(s) or GYMBOX Partner websites/apps (Gympass/Classpass/Archon), your personal information may be collected, stored and used such as traffic data, location data, web logs, communication data and resources that you access, as well as other personal information detailed above. If you connect to GYMBOX or register for a tour of GYMBOX using an external third-party application, such as (but not limited to) Facebook, Instagram, Twitter, Archon, Eventbrite, these websites will have their own privacy statement which GYMBOX suggest that you read before giving them your personal information. Connecting to GYMBOX via a third-party application or service is optional and at your own discretion.

GYMBOX will only collect the relevant information required for the purposes of processing and will not use this information for any other purpose without obtaining consent.

3. How and why GYMBOX use your Personal Information

The information in the above, section 2, may be used for the following purposes:

- To carry out To carry out GYMBOX’s obligations arising from any contractual agreement;
- To contact you about non-contract aspects of your Membership, such as a change in usage patterns;
- To provide you with the information on products or services you request;
- To process payments and maintain accounts and records;
- To prevent crime, fraud and aid in the prosecution of offenders;
- To maintain Membership records;
- To improve the GYMBOX platform;
- To prevent or detect abuses of the GYMBOX website;
- To create business performance statistics and analysis;
- To enable third parties to carry out technical, logistical, research or other functions on behalf of GYMBOX;
- To send you newsletters and promotions, prize draws, and competitions;
- To conduct surveys and request feedback;
- To notify you about urgent comms such as a sudden closure of a Club;
- To notify you about changes to GYMBOX Services, Terms and Conditions, Privacy Policy and Club rules;
- To process your job application if you apply for employment at GYMBOX;
- To collect information about your tastes and preferences, both when you tell us and by analysis of customer traffic, including using "cookies";
- To read and respond to comments made regarding GYMBOX services.

Other than as set out in this Privacy Policy GYMBOX will not use your personal information for any other purpose without your consent, unless required to do so by law.

4. Communcation from GYMBOX

On occasion, GYMBOX may need to contact you. Primarily, these messages are delivered by email, text or phone, and every individual’s record is required to keep a valid email address and contact number on file to receive these messages.

In response to enquiries and when communicating with Members, GYMBOX believe that the content is relevant, valuable, interesting and beneficial to you. GYMBOX also believe that you would reasonably expect to receive the type of content that is sent to you as part of your relationship with GYMBOX. Therefore, GYMBOX’s current assessment is that the communication you receive is covered by the lawful basis for processing of ‘Legitimate Interest’ under recital 47 within the GPDR. For all communication sent under the basis of legitimate interest, opt-out options are provided and detailed later within this section.

For all communication where consent is the only legal basis, preferences will be collected in advance.

GYMBOX recognise that you value having control over your own information, so GYMBOX gives you the choice of editing your communication preferences if you disagree with the above. For GYMBOX Members and Ex Members you may update these preferences by logging into the Members area through the login page of the website, (www.gymbox.com). Alternatively you may email [email protected] with your request.

Please note the following messages from GYMBOX fall into the category of compulsory communication and therefore no opt-out options are available:

- Urgent Communication (such as, unplanned closure of all or part of a Club, reduced services, a change of opening times)

- Automatic Class Booking communication (such as, booking confirmation, waiting list movement, cancellations)

- Contract and Subscription related communication (such as, welcome emails, outstanding arrears, upcoming renewals, communication with the GYMBOX Member Services Support Team).

You may receive communication from GYMBOX via the following communication systems, all of which offer an opt-out service. Please note you must opt-out of each individual communication system should you wish to exercise that right;

Direct email communication from GYMBOX staff via Outlook: To opt out you can do either of the following, log into the members area on the website to update your communication preferences within the My Profile section. You can also request this specifically to [email protected]

Texts via CM.com: To opt-out please follow the instructions within the text you receive.

Email communication via SendinBlue: To opt-out please use the unsubscribe link within the email you receive and/or update your communication preferences within the My Profile section of our website. You can also request this specifically to [email protected]

Email communication via UScreen; To opt-out please do so by logging into the Gymbox Uscreen platform and going into your Account details to update your preferences.

Email communication via TrustPilot; To opt-out please use the unsubscribe link within the email you receive and/or update your communication preferences within the My Profile section of our website. You can also request this specifically to [email protected]

5. Sharing your Information

Information about GYMBOX Club users is an important part to the business and GYMBOX do not sell it to others. GYMBOX shares member information only as described in this Privacy Policy.

GYMBOX have business partners and employ other companies and individuals to perform certain functions on GYMBOX behalf. Examples include managing our Membership database, sending texts, e-mails, analysing data, providing marketing assistance, providing personal training and providing debt collection assistance. Third party service providers only have access to the personal information relevant for performing their functions, but will not use it for other purposes. Additionally, they must process the personal information in accordance with this Privacy Policy and as permitted under the EU GDPR. GYMBOX will only disclose personal information to reputable companies and suppliers who process data on GYMBOX behalf.

Enquiries through GYMBOX website(s): GYMBOX capture data through GYMBOX website(s) hosted by third parties (fortyeight.one, GiftPro). These can be for purchasing a giftcard, booking a tour online, joining online, referring a friend online, PT enquiries online, corporate enquiries online. GYMBOX manage member services requests via their website through a third party (Zendesk). This process is in place in order for our member services team to respond to and action any query that is submitted through this avenue on the GYMBOX website.

GYMBOX also capture data through the Out the Box platform which is hosted by GYMBOX via a third party (UScreen), should you sign up to that.

Membership System and Bookings App: In order for GYMBOX to process and manage existing and ex Memberships as well as Prospective Members, they use a third party (Legend Club Management) to provide the membership management system. Class bookings can be processed directly via the website hosted by Legend Club Management as well as the GYMBOX bookings App hosted by Innovatise who integrate directly with Legend Club Management.

Payment Collection: GYMBOX use third parties (Accountis, Verifone, Global Payments & Stripe) for payment collection whether that be upfront payment for membership, monthly direct debit payment for membership, one-off POS payments at reception, debt collection or an Out The Box subscription.

Arrears Collection: GYMBOX reserves the right to forward a members information to a third party debt collection agency (ARC Europe Ltd) in the event of non-payment of fees when due. Further information on this process can be found in GYMBOX Terms and Conditions.

Personal Training: As stated on the GYMBOX Membership Application, any Member who selects the VPT Taster understands that their personal information will be provided to a designated personal trainer who will contact them to arrange their taster session.

Paperwork Destruction: GYMBOX schedule regular collections of paperwork from a third party company (The Hill Company) who securely and confidentially shred this paperwork off site, on behalf of GYMBOX.

Reviews: GYMBOX may contact you via email to invite you to leave a review in order to collect feedback and improve GYMBOX services. Trustpilot A/S (“Trustpilot”) is the external company used for this purpose, and your name and email address are shared with Trustpilot for this purpose only. If you want to read more about how Trustpilot process your data, you can find their Privacy Policy here.

GYMBOX provide anonymous or hashed data to third party advertisers (Buddy Media Group, Facebook), to further understand customer trends and patterns, as well as a way to reach new customers who are likely to be interested in GYMBOX, due to having similar interests to existing GYMBOX customers.

GYMBOX release account and other personal information to third parties when GYMBOX believe release is appropriate to comply with the law; enforce or apply membership or other agreements; or protect the rights, property or safety of GYMBOX, its users or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction. This does not include selling, sharing or otherwise disclosing personally identifiable information from members for commercial purposes in a way that is contrary to the commitments made in this Privacy Policy.

GYMBOX may share Member details with any organisation that acquires a Club to which the Member has their Membership.

Other Websites: The GYMBOX website may contain links to other websites that are outside GYMBOX control and are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you that will be used by them in accordance with their privacy policy, which may differ from this policy.

Cookies: A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser. Find out more about cookies on https://ico.org.uk/for-the-public/online/cookies/ GYMBOX use cookies to identify you when you visit this website and to keep track of your browsing patterns, to build up a demographic profile and to use for advertising purposes. GYMBOX use cookies to allow registered users to be presented with a personalised version of the site, carry out transactions and have access to information about their account. Most browsers will allow you to turn off cookies. If you want to know how to do this please look at the menu on your browser, or look at the instruction on https://ico.org.uk/for-the-public/online/cookies/. Please note however that turning off cookies may restrict your use of our website. By continuing to use this site you are agreeing to the use of cookies as detailed within this section.

6. Keeping your Information Secure

In regards to environmental and physical security, all GYMBOX employees receive full training upon commencement on employment and subsequently on an annual basis thereafter. This is completed via an e-learning platform and group training sessions. Further to this, daily, weekly and monthly audits are completed.

7. GYMBOX Retention Policies

GYMBOX have set company retention policies in place and these timescales are set in accordance with any applicable legislation and/or for any agreed legitimate reasons. Where none exists, then GYMBOX will keep your information for the duration of any Contract that you have entered into with GYMBOX, and then for a period of 7 years after, at which time all the personal information will be pseudonymised.

After that 7 year duration, GYMBOX will retain and use your pseudonymised information for the purpose of business statistics and analysis. GYMBOX can retract this pseudonymisation to the extent necessary to comply with any legal obligations or to resolve disputes

8. Staying in Control - Your Rights

GYMBOX understand the importance of data subjects remaining in control of their personal data. GYMBOX acknowledge the following rights you have under the GDPR, what they mean and how you can exercise them.

The Right to be Informed

This privacy policy states all uses of your personal information and the purposes for processing this information. Should you have any concerns or questions about our privacy policy and practices, or would like a full list of our third party processors, then please email [email protected]

The Right of Access

You have the right to access information that GYMBOX hold about you. If you wish to receive a copy of the information that GYMBOX hold, please submit a Subject Access Request form (SAR) which you can request from [email protected]. Once GYMBOX have received your form, they will provide a response within one month. If your request is unusually complex and likely to take longer than a month, you will be informed as soon as possible to tell you how long it’s likely to take.

Please note that whilst in most cases GYMBOX will be happy to provide you with copies of the information you request, GYMBOX nevertheless reserve the right, in accordance with section 8(2) of the DPA, not to provide you with copies of information requested if to do so would take “disproportionate effort”, or in accordance with Article 12 of the GDPR to charge a fee or refuse the request if it is considered to be “manifestly unfounded or excessive”.

The Right to Rectification, Restrict Processing, Erasure, and to Object

You can ask GYMBOX at any time to change, amend or pseudonymise the information that GYMBOX hold about you or restrict ways in which your data may be processed. You can update GYMBOX with amendments of personal information by submitting a request through the member services area of our website using the following link, https://gymbox.com/member-services/change-of-personal-details

To pseudonymise the information, or object/request restriction of processing then please email [email protected]

GYMBOX will aim to respond to any request as soon as possible, but no later than within 1 month since receipt of request. Please note that the right to erasure is not absolute and only applies in certain circumstances. For further information on this please visit the following link to the ICO’s website, https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/

Right to Data Portability

You have the right to request that your personal data is transferred by GYMBOX to another organisation (this is called “data portability”). Please contact us at [email protected] with the details of what you would like for GYMBOX to do and GYMBOX will endeavour to comply with your request. It may not be technically feasible, but GYMBOX will work with you to try and find a possible solution.

Right to Prevent Automated Decision Making

You have a right to ask GYMBOX to stop any automated decision making. GYMBOX do not intentionally carry out such activities, but if you do have any questions or concerns GYMBOX would be happy to discuss them with you so please email any concerns or queries to [email protected]

9. Privacy Policy Changes

GYMBOX may make slight changes to the Privacy Policy, Terms and Conditions and Club Rules, however, will never materially change policies and practices to make them less protective of member information collected in the past without the consent of affected members. GYMBOX will display signage with details of any changes to these notices and conditions, but an up to date version will always be available on the website (www.gymbox.com).

10. Contact

If you have any questions, comments or concerns about data privacy at GYMBOX, please e-mail thorough a description to [email protected] and GYMBOX will endeavour to resolve the issue for you. Alternatively should you wish to escalate any concerns or questions, rather than contact GYMBOX directly, please contact the supervisory authority The Information Commissioner’s Office (ICO). For more information please visit the ICO’s website https://ico.org.uk/.

Loading: 100%

Book a tour.

1/6

What's your full name?

2/6

What's your email?

3/6

What's your phone?

4/6

Select club

5/6

Time to submit!

I understand that by submitting my details I will be contacted by GYMBOX with information about their services and membership options (not with spam, we promise)

This site is protected by reCAPTCHA and the
Google Privacy Policy and Terms of Service apply.

YOU’RE ALMOST THERE

You’re one step closer to the most unique classes, the coolest interiors and sickest tunes London has to offer. A member of the team will be in touch to get you booked in for a tour, we can’t wait to see you soon! In the meantime, why not give us a follow on Instagram @gymboxofficial and see what’s to come.