PRIVACY POLICY

121 GYM FITNESS PRIVACY POLICY

121 Gym Fitness follows a strict policy in terms of confidentiality on your data submitted via 121GymFitness.com and its sub-domains. The company will not release informations without ANY prior consent.

This policy statement provides information on the obligations and policies of 121 Gym Fitness, its subsidiaries, affiliates, and associated companies (the "Company") equal to any in the world in respect of the protections they provide to an individual. As such, the Company undertakes to apply, where practicable, those principles and the processes set out herein to its operations. 

The Company officers, management, and staff members shall respect the confidentiality of and endeavour to keep safe any and all personal data collected and/or stored and/or transmitted and/or used for, or on behalf of, the Company. The Company shall endeavour to ensure all collection and/or storage and/or transmission and/or usage of personal data by the Company shall be done in an appropriate manner and only for membership applications. Where an individual legitimately requests access to and/or correction of personal data relating to the individual, held by the Company, then the Company shall provide and/or correct that data in an appropriate time and manner. 

Types of Personal Data Collected

For the purpose of carrying on the Company's business, including registration and administration of the Company's related products and services (including relevant online services), you may be requested to provide personal data such as, but not limited to, the following, without which it may not be possible to satisfy your request: 

a. Name 
b. Billing address; 
c. Payment details, including credit card and banking information; 
d. Contact details, including contact name and telephone number or email address 

In some instances, you may also be requested to provide certain data that may be used to further improve our products and services and/or better tailor the type of information presented to you. In most cases, this type of data is optional although, where the requested service is a personalized service, or provision of a product or dependant on your providing all requested data, failure to provide the requested data may prevent us from providing the service to you. This type of data includes, but is not limited to:

a. Age;
b. Gender;
c. Salary range and employment details;
d. Education and Profession;
e. Hobbies and leisure activities;
f. Other related products and services subscribed to; and
g. Family and household demographics.

Some of the Company's Websites may place a "cookie" on your machine; for example to provide personalized services and/or maintain your identity across multiple pages within or across one or more sessions. This information may include, but is not limited to, relevant login and authentication details as well as information relating to your activities and preferences across our Websites.

Under certain circumstances, telephone calls made to our order and/or service hotlines and/or inquiry telephone numbers are recorded for the purposes of quality control, appraisal, as well as staff management and development. Unless expressly indicated at the time of calling, such recordings are NOT personal data of the caller and therefore, in respect of the caller, are not subject to the various provisions of the Ordinance and the caller has no rights and/or claims; either statutory, contractual or tortuous, over or to such data. At all times, every care is taken to protect such recordings from inadvertent and/or unauthorized access.

Accuracy of Personal Data

Where possible, we will validate data provided using generally accepted practices and guidelines. This includes the use of check sum verification on some numeric fields such as account numbers or credit card numbers. In some instances, we are able to validate the data provided against pre-existing data held by the Company. In some cases, the Company is required to see original documentation before we may use the personal data such as with Personal Identifiers and/or proof of address. 

Retention of Personal Data

The Company will destroy any personal data it may hold in accordance with our internal retention policy. The policy states that: 

a. Personal data will only be retained for as long as is necessary to fulfill the original or directly related purpose for which it was collected, unless the personal data is also retained to satisfy any applicable statutory or contractual obligations; and 
b. Personal data are purged from the Company's electronic, manual, and other filing systems in accordance with specific schedules based on the above criteria and the Company's internal procedures. 

Disclosure of Personal Data

All personal data held by the Company will be kept confidential but the Company may, where such disclosure is necessary to satisfy the purpose, or a directly related purpose, for which the data was collected provide such information to the following parties: 

a. Any subsidiaries, holding companies, associated companies, or affiliates of, or companies controlled by, or under common control with the Company; 
b. Any person or company who is acting for or on behalf of the Company, or jointly with the Company, in respect of the purpose or a directly related purpose for which the data was provided; 
c. Any other person or company who is under a duty of confidentiality to the Company and has undertaken to keep such information confidential, provided such person or company has a legitimate right to such information; and
d. Any financial institutions, charge or credit card issuing companies, credit information or reference bureaux, or collection agencies necessary to establish and support the payment of any services being requested. 

Personal data may also be disclosed to any person or persons that have a right under Malaysian law to gain access to such information provided they are able to prove their authority to access such information. For example, if the Company were served with a court order demanding certain customer information then the Company would disclose the information to the duly appointed officer of the court or such other persons as the court orders.

Transfer of Personal Data Outside of Philippines

At times it may be necessary and/or prudent for the Company to transfer certain personal data to places outside of Philippines in order to carry out the purposes, or directly related purposes, for which the personal data were collected. Where such a transfer is performed, it will be done so in accordance with 121 Gym Fitness policy. 

Security of Personal Data

Physical records containing personal data are securely stored in locked areas and/or containers when not in use. Computer data are stored on computer systems and storage media to which access is strictly controlled and/or are located within restricted areas. Access to records and data without appropriate management authorization are strictly prohibited. Authorizations are granted only on a "need to know" basis that is commensurate with an individual's Company responsibilities and their training. Records of the Company are under the control of assigned information officers who are responsible to ensure the transfer of or access to information is legitimate. Audit records may be produced to validate data modifications in order to verify the data's integrity. There may be violations logging processes for investigation of any unauthorized attempt to access information. Encryption technology, such as SSL, may be employed for the transmission of data collected online. 

Access and Correction of Personal Data

Individuals have the right to: 

a. Check whether the Company holds any personal data relating to them and, if so, obtain copies of such data; 
b. Require the Company to correct any personal data relating to them which is inaccurate for the purpose for which it is being used. 

Marketing

The Company will honor an individual's request not to use his or her personal data for the purposes of direct marketing. Any such request should clearly state details of the personal data in respect of which the request is being made. Specifically, we request that you include the corresponding Company assigned account numbers which are printed on the Company's statements/invoices. Please also state clearly the authority under which you are authorized to make such a request. Unless otherwise instructed as per the above, the Company may use any of the data collected in the normal course of its business for marketing purposes.