Registration description

Effective Date: 07.07.2023


GENERAL INFORMATION

The data controller processing your personal data is Ptvgym Oy (hereinafter "Ptvgym"). Our company is committed to protecting the rights of individuals and keeping your personal data secure. This privacy policy helps you understand what information about you Ptvgym collects and why, how personal data is stored and disclosed, and what your privacy rights are.


Ptvgym processes personal data for various reasons. In this statement, "you" refers to customers, potential customers, or employees of our customers. It may also refer to other relevant parties, such as beneficial owners, authorized representatives and directors, shareholders, and responsible persons. In this statement, "we" or "the company" refers to Ptvgym and any companies directly or indirectly owned or controlled by Ptvgym.


WHAT PERSONAL DATA DOES PTVGYM COLLECT?

Personal data is most often collected directly from you or obtained through the use of Ptvgym products, services, and channels. Sometimes, we need additional information to keep the data up to date or to verify the accuracy of the information received.


For example, when you use our services or purchase something from our online store, as part of the purchase and sales transaction, we collect information such as your name, phone number, address, and email address. When you browse our online store, we automatically receive the IP address of the device you use for browsing, the internet browser you use, and the operating system of the device you use.


Ptvgym also collects and processes personal data of people in your close circle in some cases. Such individuals include employees, actual beneficiaries, representatives, payers, and other persons we are in contact with and cooperate with.


Below is a list of personal data categories from which we collect and use data. Examples are provided for each category of personal data. Note that the examples do not cover all situations. The type of personal data we collect from you depends on the service or product we offer you as a customer.


Types of Personal Data:

  • Identification details: e.g., personal identity number and full name.

  • Contact details: e.g., address, phone number, and email address.

  • Customer-related information: e.g., your customer history.

  • Legal requirements and taxation information: tax country or foreign tax registration number and any required customer identification and anti-money laundering information.


Sources of Personal Data Collected


From you

Part of Ptvgym's collection of personal data we receive directly from you. For example, we collect personal information such as name, personal identification number, email address, and phone number from new customers. In billing situations, we may also need to collect credit information to offer invoicing for the specific product or service at that time. We also gather information from messages you send us through our digital channels, such as feedback or requests.


From third parties

We also collect personal data from third parties, such as publicly available information and data from other external sources, to provide you with our products and services and to fulfill legal requirements. For example, when you request the option to pay by invoice, we may collect billing-related information from other sources, such as centralized credit information registers that contain information about your payment behavior.


Examples of sources of third-party information:

  • Registers maintained by authorities (such as tax administration registers, business registers, and enforcement authorities' registers).
  • Lists of economic sanctions (such as lists maintained by international organizations like the EU and UN, and national organizations).
  • Credit information registers and other commercial data brokers that provide information, for example, about payment defaults.
  • Information related to payment orders from money transfer service providers, merchants, banks, payment service providers, and similar entities.
  • Social media (for example, publicly available information from social media or search engines. Social media may also provide us with information according to the privacy settings you use on those channels/platforms).


Email marketing

With your permission, we may send you emails regarding our services or online store, new products for sale, and other updates related to our company. You can opt out of our mailing list at any time. This option is available in emails we send you or by contacting our customer service.


Recording of phone calls, online meetings, and chat services

Phone calls and chat conversations may be recorded for documentation purposes related to customer requests, to confirm assignments, ensure security, prevent fraud, and comply with legal requirements. For example, online meetings, phone calls, and chat conversations may be recorded to document what transpired, what was said during the conversation, and any agreements possibly made.


Surveillance

For security reasons and to prevent crimes, we may have surveillance cameras in our premises. We may also monitor logs of gym visits for security or similar reasons.


Storage of collected information

We provide a service and online store platform through which we manage your customer relationship and sell the products and services you desire. Information collected from our customers is stored in, for example, a data system linked to our online store, databases, and platform storage space. Your information is secure as it is stored behind a firewall, and its protection is ensured by appropriate technical means.



HOW DOES PTVGYM USE YOUR PERSONAL DATA AND ON WHAT LEGAL BASIS?


Performance of a contract

One purpose of processing personal data is to collect and verify personal information before making an offer, entering into an agreement, or conducting a transaction. We also process personal data to document and fulfill our contractual obligations towards you, such as providing our products and services to you and managing them.


Examples of processing activities required for contract performance with you include:

  • Collecting your contact information to deliver your order and provide customer service, including customer support and managing the customer relationship and communication with you.

  • Collecting your financial information to grant invoice payment methods.


Legal obligations

In addition to performing contracts, we also process personal data to comply with obligations defined in laws, regulations, and decisions of authorities.


Examples of legal obligations requiring the processing of personal data:

  • Customer due diligence (KYC).

  • Prevention of money laundering and terrorist financing.

  • Sanctions checks.

  • Accounting regulations.

  • Reporting to tax, police, enforcement, and supervisory authorities.



Legitimate interest

We may use your personal data for the legitimate interests pursued by us, provided that your interests or fundamental rights and freedoms do not override such interests.


Examples of processing of personal data based on legitimate interest:

  • Marketing, product, and customer analytics. Marketing activities, process, business, and system development, including testing, are based on the processing of personal data. This allows us to improve our product range and optimize services offered to customers.

  • Profiling for customer analysis done, for example, for marketing purposes.

  • Anonymization of financial and demographic data to compile statistics for testing and development purposes of products and services. Anonymized and aggregated statistics cannot be linked to an individual.

  • Analysis of social media use to provide better and more targeted marketing and communication, as well as services and advice, respond to comments, and provide customer service.

  • Possible preparation, presentation, or defense of legal claims and debt collection.


Consent

When providing us with personal data while shopping in the online store (e.g., verifying your credit card, placing an order, selecting a delivery method, or returning ordered goods), you consent to the collection of your personal data.

If we need personal data for purposes other than those mentioned above, such as marketing, we will ask for your consent directly or provide you with the opportunity to refuse to provide information.

If Ptvgym requests your consent, the request includes information about the purpose of data processing, processing, type of personal data, and your right to withdraw your consent. If you have consented to the processing of personal data, you also have the right to withdraw your consent at any time.


HOW DO WE USE AUTOMATED DECISION-MAKING?

We may use automated decision-making in some cases if the law allows it or if you have given separate consent to it, or if it is necessary to implement a contract. An example of such a case is the credit approval process in payment transactions related to invoice options.

If we use automated decision-making, we provide you with additional information about the logic of automated processing and its significance and possible consequences for you.

You can always express your views on decisions based solely on automated processing, such as profiling, if such a decision has legal effects concerning you (e.g., termination of a contract) or if the decision significantly affects you in a similar way (e.g., rejection of payment option on invoice).


TO WHOM DOES PTVGYM DISCLOSE PERSONAL DATA?

We may disclose your personal data to the extent required by law and necessary for the provision of services and compliance with agreements.

We may disclose your personal data to other parties, such as authorities, goods and service providers, payment service providers, and business partners. We always ensure compliance with applicable confidentiality obligations before disclosing information.


When can your personal data be shared?

We disclose information necessary for identity verification and the implementation of assignments or contracts to companies with whom we collaborate to provide our services. These services include secure payment solutions.

For example, we may disclose information in installment situations to a financial institution or online store payment service provider. We may also share anonymized information for societal and economic research or statistical purposes, if deemed in the public interest.



We disclose personal data to the following recipients

  • Authorities: We disclose personal data to authorities to the extent required by law. These authorities include, for example, tax, police, enforcement, and supervisory authorities.

  • Internally at Ptvgym: We disclose personal data internally at Ptvgym with your consent or as required by law.

  • External business partners: We disclose personal data to external business partners with your consent or as required by law. External business partners include, for example, payment solution providers and financing sellers' business partners.

  • Goods and service providers: We have entered into agreements with selected goods and service providers involving the processing of personal data on behalf of Ptvgym. Such agreements include, for example, software development, maintenance, server, and IT support services providers.


Transfers of data to third countries

Ptvgym does not transfer personal data outside the European Economic Area to so-called third countries or to organizations operating in them by default.

Exceptions may be made in special situations, such as when implementing a contract requires it or you have given your consent to transfer such data. Even in special situations, such data transfers may only be carried out if one of the following conditions is met:

  • The EU Commission has decided that the level of data protection in that country is adequate.

  • Other appropriate safeguards have been implemented, for example, by complying with EU Commission-approved standard contractual clauses or ensuring that the company processing the data has valid binding corporate rules.


If necessary, Pvtgym may outsource the processing of personal data to companies outside the company, which may also be located in countries outside the European Union and the European Economic Area, such as the United States. These companies may process personal data to provide infrastructure and IT services, or other services such as sending newsletters. In such cases, adequate data security and processing of the register are ensured by the EU-U.S. - Privacy Shield arrangement or by contract using EU Commission-approved standard clauses. The personal data to be disclosed may include name, address, email address, and phone number.


You can obtain a copy of the EU's model contract clauses used by Ptvgym for data transfers from www.eur-lex.europa.eu.


HOW DOES PTVGYM PROTECT PERSONAL DATA?

Protecting personal data is at the core of our entire business.


We have appropriate technical, organizational, and administrative security procedures in place to protect all data in our possession from loss, misuse, unauthorized access, disclosure, alteration, and destruction.


For example, when you provide us with your credit card information during a payment transaction, the data transfer is encrypted using secure SSL protocol technology. We also comply with PCI-DSS requirements and use other industry-accepted standards.


What are your privacy-related rights?

You have the following rights regarding your personal data held by Ptvgym:

  • Right to request access to your personal data.

  • You have the right to access your personal data held by us.

  • Right to request correction of inaccurate or incomplete data.

  • If your personal data held by us are inaccurate or incomplete, you have the right to request correction of the information, unless prohibited by law.

  • Right to request deletion of data



You have the right to request deletion of your data in certain situations:

  • You withdraw your consent for data processing and there is no other legal basis for processing.

  • You object to the processing of data and there is no legitimate reason to continue processing.

  • You object to data processing for direct marketing purposes.

  • Data processing is unlawful.

  • It concerns the personal data of a minor collected in connection with the provision of information society services.



Due to legal requirements, we may have an obligation to retain your personal data for the duration of the customer relationship and even thereafter, when data processing is necessary, for example, to comply with legal obligations or to handle legal claims.



Right to restrict processing of personal data

If you dispute the accuracy of the data we have registered or the lawfulness of processing, or if you have objected to the processing of data in accordance with your rights, you may request us to restrict the processing of your personal data. Processing will be restricted only to data retention until the accuracy of the data has been verified or it has been verified whether our legitimate interests override your interests.

If you are entitled to the deletion of the data we have registered but you need them to defend a legal claim, you may request Ptvgym to restrict the processing of data to data retention.


Even if your data processing has been restricted as described above, Ptvgym may still process your data in other ways if it is necessary to enforce a legal claim or if you have given your consent to such processing.



Right to object to processing based on legitimate interest

You always have the right to object to the processing of your personal data if it is based on Ptvgym's legitimate interest, including processing for direct marketing purposes or related profiling.


Right to withdraw consent

If the legal basis for processing your personal data is your consent, you have the right to withdraw your consent at any time. When Ptvgym requests your consent, the request includes information about the right to withdraw your consent.


Right to data portability

You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, based on consent or contract execution carried out by automated means. The data can also be transferred from us to another data controller if it is safe and technically feasible.


If you wish to exercise the above rights, requests will be assessed on a case-by-case basis. Please note that we may also retain and use your information if necessary to comply with legal obligations, resolve disputes, or enforce contracts.



How long does Ptvgym retain personal data?

We retain your information as long as it is necessary for the purpose for which it was collected and processed, or as long as required by law and regulations.



Reasons why we retain your personal data

We retain your information for as long as it is necessary to fulfill a contract and as long as legal and regulatory requirements for information retention require it. If we retain your information for purposes other than contract performance, such as accounting, we retain information only if it is necessary for that purpose and/or required by law and regulations.



Examples of retention periods

  • Accounting regulations: information required by law is retained for up to 10 years.

  • Information about contract performance: information related to contracts with Ptvgym is retained for up to 10 years after the termination of the customer relationship.




Cookies

Ptvgym uses cookies. However, performance and operational cookies, as well as marketing cookies, are not used unless you have consented to the use of these cookies. You have the right to completely block the use of cookies. Please note, however, that restricting cookies may affect the functionality of the website.



What are cookies?

Cookies are small text files containing letters and numbers that are stored on your computer or device. Cookies are placed when you visit a website that uses cookies and can be used to track the pages you visit, help you continue from where you left off, and remember your preferences such as language settings.


By using our website, you agree to the use of cookies. Below is information on how refusing cookies affects.



Why do we use cookies?

We use cookies and similar technology to:

  • Deliver products and services to our customers and website users.

  • Provide a secure online environment, including preventing fraud and unauthorized use.

  • Implement marketing actions, enable a better online customer experience.

  • Track the use of our website.

  • Monitor website analytics.

  • Provide you with the most relevant content possible.


Information is not used to identify individual persons.




What types of cookies does Ptvgym use?


Ptvgym uses both session cookies, which are stored on your computer only for the duration of your use of the website, and persistent cookies, which store files on your computer for a specific period.

The information provided to you by cookies is designed to be so open that you can see which cookies are in use to improve your visiting experience. This way, you can make an informed decision about their use. If you want to manage and delete cookies, you can do so from your web browser settings.


In some cases, the use of cookies may involve the processing of personal data. We have appropriate technical, organizational, and management security measures in place to protect all data.



We may use cookies belonging to the following groups:


Essential​​​​​​​

Essential cookies are crucial to the functioning of Ptvgym's website. These cookies are needed, for example, for security purposes and to support certain functions, such as remembering visitor preferences like language. This ensures that Ptvgym's website functions as intended.


Statistics


Statistics cookies are used to collect information about the use of Ptvgym's website on a general level. These cookies allow optimization of the website based on how visitors use the services, such as which pages are visited the most or which products most visitors view.


Marketing


Marketing cookies help us improve the user experience of our website. These cookies enable third-party functions, such as videos, podcasts, and social media features. In addition, through these cookies, Ptvgym can use customized advertising in third-party media.


Third-party content:


Ptvgym may display third-party content on its website to offer various functions, such as YouTube videos, SoundCloud podcasts, and Twitter posts. These third parties often use cookies and thus obtain and process information about how you use their services. In such cases, Ptvgym does not control the information collected by third parties. You can read more about how these third parties use cookies and process personal data on their websites.



How can you contact Ptvgym or the Data Protection Officer?


If you have any questions about the privacy policy or are dissatisfied with the way we handle your personal data or wish to exercise the rights described above, you can contact Ptvgym by email or mail:


Ptvgym Oy (Business ID 2764823-7)

Albert Edelfeltin rantatie 25

06400 Porvoo

info@ptvgym.fi




Notification to the Data Protection Ombudsman


You can also file a complaint or contact the Data Protection Ombudsman's office. Contact information can be found on the Data Protection Ombudsman's website.


Changes to the Privacy Policy


We continuously improve and develop our services, products, and websites, so privacy policies may be updated from time to time. If there are significant changes to the privacy policy, we will notify you when applicable law requires it.