PRIVACY NOTICE PURSUANT TO THE DATA PROTECTION (JERSEY) LAW 2018

For your information and record, please find outlined below our privacy notice (the “Privacy Notice”) per the Data Protection (Jersey) Law 2018. The safety and security of your personal data are essential to Liv Fitness. 

It explains your other legal rights and other important things that you need to know, 

LIV FITNESS (registration number RBN32656) is the registered business name of Mrs Olivia Morton (“Liv Fitness”).

Version 1

  1. Bound by data protection legislation: Liv Fitness is bound by the Data Protection (Jersey) Law 2018 (the “DPJL”). 

  2. Committed to protecting your privacy: Liv Fitness is committed to protecting your privacy. This Privacy Notice set outs the basis on which the personal data that Liv Fitness collects from you and how it will be processed.

  3. Privacy Notice: This Privacy Notice is a privacy notice for the purposes of the DPJL and in particular the EU’s General Data Protection Regulation (“GDPR”) given by Liv Fitness when acting in its capacity as a data controller or data processor concerning its collection and use of personal data.

  4. Data Controller: Where personal data about you is collected and then used by Liv Fitness under this Privacy Notice as a consequence of you engaging with Liv Fitness, Liv Fitness is the data controller in respect of that personal data. Where personal data about you is provided by someone else on behalf of Liv Fitness, this Privacy Notice will also apply to its collection, and use and Liv Fitness collecting and using that personal data is the data controller in respect of it.

  5. In this Privacy Notice, the phrase “those connected with you” refers to other people who deal with us on your behalf and/or (b) those people who represent other entities or organisations that we might deal with, such as advisers, regulators, suppliers or anyone else that makes any form of enquiry about us or our services.

  6. Kindly read this Privacy Notice carefully to understand our practices regarding your personal data and how we will treat it. If you have any queries regarding this Privacy Notice, please contact Mrs Olivia Morton, whose contact details can be found at the end of this document.

  7. Purpose of Data Protection: The purpose of the DPJL is to protect the rights and privacy of individuals (“Data Subjects”) regarding the processing of personal data concerning them. “Personal Data” is any information relating to an identified or identifiable natural person (known as a “data subject”). A person is “identifiable” if he or she can be identified, directly or indirectly, not only by things such as a name or an identification number but also by things such as location data or some factor specific to (for example) the physical, physiological or social identity of that person. More common examples of Personal Data include names, identification numbers, contact information, identity documents, medical records and photographic images. “Processing” covers any activity involving Personal Data and includes such things as the collection, recording, storage, adaptation, use, disclosure and destruction of Personal Data (and “Process” bears the corresponding meaning). Liv Fitness will Process and control (to the extent necessary) Personal Data per the DPJL.

  8. Our Policies: Our policies and procedures aim to ensure that all our staff, contractors and others that we work with and who Process any Personal Data held by us, or on our behalf, wherever in the world, are aware of, and abide by, their duties under the DPJL. Liv Fitness abides by standards of data protection that are substantially the same as those set out in the GDPR, which requires among other things that Personal Data must be: -

    a. processed lawfully, fairly and in a transparent manner;

    b. collected for lawful purposes that are clearly specified and only further processed for compatible purposes;

    c. relevant and limited to what is necessary for the purposes of the processing;

    d. accurate and kept up to date, with inaccurate Personal Data being erased or rectified without delay;

    e. kept for no longer than is necessary; and

    f. processed in a secure manner, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage.

  9. Whose Personal Data do we process? 

    a. Clients (and potential clients): Our clients are individuals. As a result, we will inevitably process Personal Data in the course of our relationships with our clients. As a potential client and then (if applicable) as a client, the Personal Data that we Process will include personal and/or professional contact details (names, addresses, telephone numbers, e-mail addresses), details of bank accounts and/or other payment details, details. If you are a potential client or a client, the Personal Data that we Process may additionally include information categorised as “special category data”, such as information about an individual’s race; politics; religion; biometrics (used for identification purposes) and health. Also, if you leave a voicemail message with us, that message may be Processed in a similar manner, and for the same or similar purposes, to e-mail and postal correspondence from or concerning you. We may also collect Personal Data in respect of meetings attended and any other information which you may provide to us. 

    b. Suppliers (and potential suppliers): As a potential supplier and then (if applicable) as a supplier, the Personal Data that we Process will include personal and/or professional contact details (names, addresses, telephone numbers, e-mail addresses), documents and other proofs of standing and reputation and details of bank accounts and/or further payment details. Also, if you leave a voicemail message with us, that message may be Processed in a similar manner, and for the same or similar purposes, to e-mail and postal correspondence from or concerning you.

    c. Potential employees: If you are an applicant for a job with us (a potential employee), the Personal Data that we Process about you will include: -

    i. your name, address and contact details, including telephone numbers and e-mail addresses;

    ii. details of your qualifications, skills, experience and employment history;

    iii. information about your current level of remuneration, including entitlement to benefits;

    iv. whether or not you have a disability that we may need to make adjustments for during the recruitment process;

    v. information about your entitlement to reside and/or work in the place where you have applied for a job; and

    iv. equal opportunity monitoring information, including information about your ethnic origin, sexual orientation, health and religion or beliefs.

In addition, if you leave a voicemail message with us, that message may be Processed in a similar manner, and for the same or similar purposes, to e-mail and postal correspondence from or concerning you. If your application for a job with us is unsuccessful, we will retain your Personal Data for six months after the date on which we inform you (or any recruitment agency through which you have applied to us) that your application was unsuccessful, unless you ask us to retain your details on file for a more extended period. We will delete any Personal Data no longer required and will do so in an appropriate and secure manner. If your application for a job with us is successful, our retention of your Personal Data will be governed by our separate policy on staff Personal Data, which will be made available to you by our HR department as part of your becoming a member of staff.

d. Enquirers and visitors to our website: You may give us Personal Data by filling in a contact form on our website or by corresponding with us by e-mail. In each of the above cases, the Personal Data that we Process will include personal and/or professional contact details (names, addresses, telephone numbers, e-mail addresses) and, if you leave a voicemail message with us, that message may be Processed similarly to e-mail and postal correspondence. If you have stated contact preferences for service and/or jurisdiction updates and/or events that we may organise or participate in, we will also Process that information. We will also automatically collect certain information each time you visit our website. This includes: -

i. technical information including the Internet Protocol (IP) address used to connect your computing device to the Internet, your browser type and version, time zone setting, operating system and platform;

ii. information about your visit which may include the pages viewed, page response times; and

iii. your country of location by reference to a look-up of your IP address against public sources.

e. Our website also uses cookies and/or similar technologies to collect and store certain information about your interaction with our website. For more information about how we use cookies, see our Cookies Policy.

10. How we use the Personal Data we Process?

a. Clients (and potential clients): As a potential client, we will process Personal Data about you and those connected with you, for the purpose of carrying out our business and to: -

i. respond in our legitimate interests to your enquiries about our services and/or other requests;

ii. provide the services of a fitness instructor to you;

iii. take steps in our legitimate interests;

iv. enter into an agreement with you regarding the provision of services;

v. manage our infrastructure and business operations and to comply with policies and procedures that may be required by law or where necessary for our legitimate interest to satisfy other applicable industry regulation, guidelines or notices and/or that may have been put in place by us, including those relating to regulatory review and/or oversight, internal or external auditing, finance and accounting, billing and collections, IT systems, data and website hosting, training, testing and business continuity; and

vi. correspond with you concerning our present and future services and relevant news and service updates with your consent where required by law or otherwise in our legitimate interests provided these interests do not override your right to object to such communications.

b. If you become a client, we will continue to process Personal Data about you for such of the purposes described above as continue to be relevant. Also, we will process Personal Data about you and those connected with you regarding the ongoing provision of services, as described below. If you do not become a client, we will only keep Personal Data that you have made available to us if we must keep it for legitimate business purposes and/or as we are required to keep it by law or regulation.

c. If you do become a client, we will need to process Personal Data in order: -

i. under the agreement entered into between you and us to: - 

        1. provide you with services and to administer and manage our relationship with you;

        2. carry out your instructions and to respond to enquiries made by you;

        3. recover any fees owed to us under our agreement with you;

ii. under our legal obligations to comply with other applicable law and regulations in the various jurisdictions in which we operate;

iii. or in our legitimate interests: -

        1. to manage our infrastructure and business and to further our business interests;

        2. to comply with policies and procedures under applicable professional regulation, guidelines or notices and/or that may have been put in place by us, including those relating to regulatory review and/or oversight, risk management, internal or external auditing, finance and accounting, billing and collections, IT systems, data and website hosting, training, testing and business continuity; and

        3. other purposes which we may notify you of from time to time and obtaining your consent where necessary. 

d. Suppliers (and potential suppliers): As a potential supplier, we will process Personal Data about you and those connected with you, to enter into and receive services under a contract with you relevant to carrying out our business and to: -

        1. Suppliers

          a. respond to your enquiries about supplying goods or services to us;

          b. conduct checks concerning standing and reputation;

          c. enter into an agreement with you regarding the provision of services; and

          d. correspond with you concerning your present and future goods or services.

        2. If you do become a supplier, we will need to process Personal Data to: 

          a. administer and manage our relationship with you;

          b. respond to enquiries made by you;

          c. carry out ongoing checks per legal or regulatory obligations and our own risk management procedures;

          d. conduct and verify ongoing standing and reputation checks;

          e. pay for goods and services received;

          f. comply with legal or regulatory obligations; and

          g. for other purposes which we may notify you of from time to time, and obtaining your consent where necessary

e. Potential employees: If you are an applicant for a job with us (a potential employee), we will process Personal Data about you in order, in our legitimate interests, to assess your application and to advance that application through our recruitment processes, including by making details of your application, including Personal Data, to relevant members of our management, and to comply with policies and procedures under applicable professional regulation, guidelines or notices and/or that may have been put in place by us, concerning staff and recruitment.

f. Enquirers and visitors to our website: If you have completed a form on our website, making a new business enquiry or asking a general question, then we will process Personal Data about you for the purpose of our legitimate interest in responding to your enquiries and/or request for information. Likewise, suppose you have contacted our public relations team by e-mail, either via the website or independently, or otherwise with a media enquiry. In that case, we will process Personal Data about you on the same grounds in order to respond to your enquiries and/or request for information. Further, if you leave a voicemail message with us, that message may be Processed in a similar manner, and for the same or similar purposes, to e-mail and postal correspondence from or concerning you. We use information about visitors to our website in our legitimate interests for internal operations, to ensure that content is presented most effectively for you and your computer and to keep our website safe and secure.

g. Business Cards: If you or someone who works for you has given us a business card at a conference or a business meeting, we will use the contact details on the card in connection with the specific purpose it was provided. Where the card is provided for the specific purpose of requesting our promotional update communications we may first, where permitted by the DPJL, send an e-mail promptly after receiving the business card, to confirm the request, clarify its scope and provide for you to complete contact preferences. 

11. Promotional updates and communications: Where permitted by law or otherwise with your prior consent, we will use Personal Data to provide you with promotional update communications about us or our services, and we may also invite you to tell us what your areas of interest are. If you are on one of our contact lists for communications from Liv Fitness, you will be able to check and update your contact details, to change your preferences or to “unsubscribe” at any time either by following the links which appear at the end of all our marketing and promotional update communications and e-mails or by contacting us through our website and we will ensure that your details and preferences or your request to “unsubscribe” are dealt with promptly. Even if you tell us that you do not want to receive marketing or promotional update communications from us, we still may have the right to process Personal Data for the purposes of providing the services and, in such cases, we will continue to process that Personal Data for those purposes. We do not sell or otherwise pass on your contact details to any third party for marketing purposes.

12. Who we share Personal Data with? We may share Personal Data with:

a. business partners, suppliers, affiliates, agents and/or sub-contractors for the performance of any agreement we enter into with you. They may assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing IT and other support services or in other tasks, from time to time. These third parties will only use your information to the extent necessary to perform their functions;

b. external networking sites. Our website contains plug-ins to such sites. Suppose you are a member of one of those social networking providers, and you are logged in while visiting our website. In that case, the relevant social network provider may assign information to your social media account. By interacting with one of the plug-ins on our website by clicking the interaction button information that you visited our site may be shared with the relevant social networking provider and held as part of your separate social networking user account. You should read the privacy policies of your social networking provider for further information about their collection and use of your personal data.

13. Security and data retention: We have taken steps to apply appropriate technical and organisational measures to prevent the unauthorised or unlawful processing of Personal Data, and/or the accidental loss or destruction of, or damage to, Personal Data. This includes but is not limited to using properly configured and maintained firewalls and anti-virus /malware protection on servers and PCs with e-mails scanned for viruses and spam. Our staff should ensure that appropriate security measures are implemented at all times per the guidance set out in our GDPR policies and procedures. As a general rule, Liv Fitness tools and applications such as the e-mail system and the data/client/document management systems are administered by [.    ] in Jersey. 

We retain Personal Data for the duration of the services that we provide as necessary to meet our obligations under our contractual obligations to you, to identify issues or to issue and resolve legal proceedings. We also retain Personal Data beyond the duration of the services that we provide as necessary to meet our legal, regulatory and other obligations to keep such information under applicable law and we shall regularly review retention periods on a general and specific basis. Retention periods will, by definition, vary from matter to matter. 

Old media (PC and server disks, tapes, etc.) are stored and then destroyed using a reputable specialist organisation. There may be some cases in which we are obliged to delete Personal Data we process, such as the data having been processed in breach of the DPJL or to comply with a legal obligation to delete it. In other cases, there may be no specific time limit applicable to the retention of particular Personal Data and, in determining how long particular Personal Data will be retained for, we will use criteria including whether: (a) the data is no longer necessary for the purpose with which it was collected; or (b) the data can, if required, be collected again without undue delay or difficulty. 

We will not, as a general rule, seek or rely on your consent to process Personal Data about you. However, to the extent that we do on occasion rely on your consent in respect of particular Personal Data, we will cease processing that Personal Data by deleting it if you withdraw that consent at any time. Likewise, where we rely on your consent to process “special category” Personal Data, we will cease processing that “special category” Personal Data by deleting it if you withdraw that consent at any time. You do have the right to object to the processing of Personal Data by us on the grounds of performance of a legal task or our legitimate interest. Still, that objection must be on grounds relating to your particular situation. In such circumstance, we will stop processing the Personal Data in question unless: (a) we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms of the individual; or (b) the processing is for the establishment, exercise or defence of legal claims. Suppose you do object to the processing of your Personal Data by us and, as a result. In that case, we stop processing it, we may not be able to continue to provide services to you in a particular manner or at all, and we may, as a result, need to terminate our service agreement with you. Where, for example, we process your Personal Data with your consent in order to send you promotional update communications about us or our services, if you withdraw that consent, we will not be able to send you such communications. If, as an unsuccessful job applicant, you ask us to retain your Personal Data, we would typically keep it for six months). Still, you later change your mind and ask us to delete it; we will not be able to refer to your original application should a potentially suitable vacancy subsequently occur. We will delete any Personal Data no longer required and will do so in an appropriate and secure manner.

14. Data Location: Liv Fitness store data in Jersey, on servers at its physically-secured premises in [.]or elsewhere in Jersey as the Liv Fitness deem appropriate. Access control systems secure all premises and data centres used by Liv Fitness for its IT infrastructure and only a limited number of trusted third-party IT suppliers that are subject to appropriate data protection and confidential obligations, have supervised physical or remote access to Liv Fitness IT infrastructure and systems. In some instances, Personal Data may be transferred to other countries where Liv Fitness maintains operations or where its service providers are located. Where these transfers are to be made outside the European Union, we will make sure that the receipt of the Personal Data has provided adequate safeguards, per the requirements of the GDPR by, for example, entering into appropriate European Commission-approved standard contractual clauses relevant to transfers between data controllers or between a data controller and a data processor.

15. Your rights: You have several rights under the GDPR concerning your Personal Data. You have the right under certain circumstances to:

a. have access to your Personal Data by making a “subject access request”;

b. have your Personal Data corrected if it is wrong or, in certain circumstances, to have it deleted;

c. have the processing of your Personal Data restricted (while we verify or investigate your concerns with this information for example);

d. object to the further processing in certain circumstances of your Personal Data including the right to object to marketing;

e. request we move your provided Personal Data elsewhere (data portability);

f. to withdraw any consent that you have given us if we are processing your Personal Data only because you have given that consent; and

g. not have your Personal Data automatically processed.

16. Liv Fitness contact details: If: -

a. you wish to exercise any of your rights concerning your Personal Data;

b. you have any complaint about how we process Personal Data; or 

c. you require any further information about this Statement or its contents,

please contact us in the first instance at: mail: olivia@liv-fitness.com

17. Data protection regulator contact details: If we do not satisfactorily resolve your request or concern, you may approach your local data protection authority in the jurisdiction in which we provide services to you. The contact details for the data protection regulator in Jersey in which we operate are as follows: Jersey Office of the Information Commissioner, 2nd Floor, 5 Castle Street, St Helier, Jersey JE2 3BT. Tel: +44 (0)1534 716530. E-mail: enquiries@jerseyoic.org

.

18. Updates: We review our policies and procedures regularly, and we reserve the right to amend the terms of this Privacy Notice from time to time at our absolute discretion. Any amended Privacy Notice will be posted on our website, and you are encouraged to visit our website from time to time to ensure that you are aware of our latest policies concerning the protection of Personal Data.

We last reviewed and updated this Statement on 15th October 2020.