Privacy Policy

This privacy policy describes how Forma Fisica collects, uses, and protects personal information gathered through our online platform and services. We are committed to protecting your privacy and handling your data transparently and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Information We Collect

We collect information from you when you interact with our site or register for or use our services. This information may include:

• Personal Identification Information: Such as your name, date of birth, gender.
• Contact Information: Including your email address, phone number, and postal address.
• Health and Fitness Information: Details about your health status, fitness levels, injuries, physical condition, fitness goals, dietary habits, and progress tracking, which is necessary to provide personalized training, rehabilitation support, nutritional consulting, and other fitness and wellness services. This is considered sensitive data.
• Payment Information: If you purchase services or products, we collect information necessary to process payments, such as credit card details or other payment account information.
• Usage Data: Information about how you use our online platform, such as pages visited, time spent on the site, browsing history, and device information (IP address, browser type, operating system).
• Communications: Records of your correspondence and communication with us.

How We Collect Information

We collect information through various methods:

• Directly from you: When you register for an account, fill out forms, book classes or sessions, purchase services, provide health information, or communicate with us directly.
• Automatically: As you navigate through our site, usage data is collected through cookies and similar tracking technologies.
• From third parties: In certain circumstances, we may receive information from partners or service providers, always in compliance with legal requirements.

How We Use Your Information

We use the information we collect for various purposes related to providing and improving our services:

• To provide and manage your access to our services, including gym access, group classes (Yoga, Pilates, Zumba, HIIT), personal training, nutritional consulting, sports massage therapy, rehabilitation support, and athletic conditioning programs.
• To personalize your experience and tailor our services to your specific needs and fitness goals, including developing training plans and providing rehabilitation support.
• To process transactions and manage payments for services rendered.
• To communicate with you regarding your account, services, appointments, and important updates.
• To respond to your inquiries and provide customer support.
• To improve our online platform, services, and user experience.
• For internal business purposes, such as data analysis, audits, and developing new offerings.
• To send you marketing communications about our services, offers, and news that may be of interest to you, in accordance with your preferences and applicable law.
• To ensure the security and integrity of our online platform and services.
• To comply with legal obligations and protect our legal rights.

Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Performance of a Contract: Processing is necessary to fulfill our contract with you to provide fitness and wellness services.
• Consent: We process sensitive health and fitness data based on your explicit consent. You can withdraw your consent at any time. We also process other data based on your consent where required (e.g., for certain marketing communications).
• Legitimate Interests: We process data based on our legitimate interests, such as improving our services, managing our business, preventing fraud, and direct marketing (where permitted by law), provided these interests do not override your fundamental rights and freedoms.
• Legal Obligation: Processing may be necessary to comply with legal obligations (e.g., tax, health and safety).
• Vital Interests: In rare cases, processing may be necessary to protect your vital interests or those of another person.

Data Sharing and Disclosure

We do not sell or rent your personal information to third parties. We may share your information with:

• Service Providers: Trusted third-party vendors who perform services on our behalf, such as payment processing, website hosting, data analysis, IT services, and customer support. These providers are obligated to protect your information and use it only for the purposes for which they were hired.
• Business Partners: In limited circumstances, with partners necessary to deliver specific services you requested (e.g., a specialist for a specific therapy), always with your knowledge or consent where required.
• Legal Requirements: If required by law, regulation, court order, or government request.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, where your information may be transferred as part of the transaction.
• With Your Consent: We may share your information with other parties when we have your explicit consent to do so.

When we share sensitive data like health information with third parties (e.g., therapists), it is done securely and strictly for the purpose of providing the specific service you have requested and consented to.

Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. However, please be aware that no data transmission over the internet or storage system can be guaranteed to be 100% secure.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When your data is no longer required, we will securely delete or anonymize it.

Your Rights

Under GDPR and other applicable laws, you have certain rights regarding your personal data:

• Right to Access: You have the right to request a copy of the personal data we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to Erasure ('Right to be Forgotten'): You have the right to request the deletion of your personal data under certain conditions.
• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions, including processing based on legitimate interests or for direct marketing.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller where technically feasible.
• Right to Withdraw Consent: If we rely on your consent to process your data, you have the right to withdraw that consent at any time.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data infringes applicable law.

To exercise any of these rights, please contact us using the contact information provided below. We may require you to verify your identity before responding to your request.

Cookies and Tracking Technologies

Our online platform uses cookies and similar technologies to enhance your experience, analyze site usage, and provide relevant content. Cookies are small text files stored on your device. You can control the use of cookies through your browser settings, but disabling cookies may affect the functionality of our site.

Links to Other Websites

Our online platform may contain links to third-party websites. This privacy policy does not apply to those sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without verifiable parental consent, we will take steps to delete that information.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will post any changes on this page. We encourage you to review this policy periodically.

Contact Us

If you have questions about this privacy policy or our data practices, you can contact us at:

Forma Fisica
56 Via Dante Alighieri
Florence, Tuscany, 50122
Italy
[email protected]