GENERAL DATA PRIVACY POLICY
Last Update: February 2022
(You can find earlier versions in our archive)
Anytime Fitness Asia (and its related entities, affiliates and subsidiaries (collectively referred to as “AFA”) is committed to protecting your privacy, as our client, and even as a visitor to this website. Your privacy is important to us and we shall exert all reasonable efforts to protect your personal information against unauthorized use or disclosure.
This Privacy Policy is designed to assist you as User to understand how we collect, use, disclose or otherwise process personal information you provide to us in accordance with the relevant data privacy laws and to make informed decisions when you are using our website or any other means through which you disclose your personal data to us.
Our policy applies to personal data in our possession or under our control, including personal data in the possession of entities which we have engaged to collect, use, disclose or process personal data for our purposes.
a. “User” means an individual who (a) has accessed this Website and checked the listed businesses, franchises or fixed assets, or (b) may, or has, registered as a User and created an account and/or reached out inquire about a listed business, franchise or fixed asset, and whose personal information has been processed.
b. “Personal data” means data, whether true or not, whether recorded in a material form or not, from which the identity of a User is apparent or can be reasonably and directly ascertained, or when put together with other information, would directly and certainly identify user: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Personal data includes Sensitive Personal Information, a subset of personal data. Sensitive Personal Information means information about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; about an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and specifically established by an executive order or an act of Congress to be kept classified.
Our policy is that we endeavor to not collect sensitive information, however, this may not always be possible. When we do collect, we will take all reasonable steps to ensure that the sensitive information is always protected.
Depending on the nature of our interaction, we may collect your name, contact information and other particulars, such as but not limited to your address, email address, or other contact information, nationality, race, gender, date of birth, marital status, photographs and other audio-visual information (such as recordings of conference calls), employment information and financial information such as credit card numbers, debit card numbers or bank account information.
We generally do not collect your personal data unless:
a. You provide your personal data to us voluntarily after we notify you of the purposes for collecting data; or
b. Whenever the collection of personal data without consent is allowed or required by the relevant data privacy or other laws.
We will ask for your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except when permitted or authorized by law).
You may be providing us with the following information:
c. personal data you voluntarily choose to disclose to us such as but not limited to your name, contact number, and email address and other particulars;
d. Details and photocopies of your government or other IDs;
e. Financial information;
f. Employment information;
g. Images captured via CCTV and other similar recording devices when visiting our offices, using or facilities or having online video conferences with us;
h. Voice recordings of our conversations with you;
i. Information about your transactions with third parties; and
j. Website use information collected on an aggregate basis as you and others browse our website.
We may manually or automatically collect information when you:
a. Visit our website – about the pages you view, and the links you click, including advertisements, through common internet technologies such as cookies and web beacons, and your IP-address, which is a number that is automatically assigned to your computer when you use the Internet;
b. Enter into transactions, contracts or agreements with us;
c. Submit your application forms, together with supporting documents to us;
d. Access our platforms and applications; and
e. File complaints, inquiries, or requests.
We use your personal information on a mandatory basis:
a. To verify your identity;
b. To provide services to you or implement transactions which you request, allow or authorize;
c. To address your queries and send information on franchises, or memberships, or related services;
d. Any other purposes for which you have provided the information;
e. To review, develop and improve on our website or services, including but not limited to conducting studies and researches;
f. To transmit to any unaffiliated third-parties, including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in all our markets as well as states and territories where there are Anytime Fitness centers, for the aforementioned purposes;
g. To reach out to you regarding information about new or related products and services of the AFA, including but not limited to offers, promotions, discounts, rewards;
h. Any other incidental business purposes related to or in connection with the above, which may at times include, but not be limited to: due diligence and quality review; audit requirements; internal reporting; regulatory reporting; compliance with internal policies; law enforcement or investigation; subpoena or other legal directive; other specific requests from official government or statutory bodies; and protection of our rights, interests, property and security.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter, or until the expiration of the retention limits set by applicable laws, whichever comes later (including, where applicable, a period to enable us to enforce our rights under any contract with you).
We may disclose your personal data:
a. where disclosure is necessary to perform our obligation(s); or
b. to third parties, agents, sub-contractors, and other organizations we have engaged to perform any of the functions listed in Section 5 above for us.
You may revoke your consent allowing us to collect, use, and disclose your personal data at any time.
To revoke your consent, please send a written request via email to our Data Protection Officer instructing us to stop using and/or disclosing your personal data for any or all of the purposes listed above.
Kindly give us sufficient time to process your request and notify you of the consequences of revoking your consent. We need at least 10 business days to process request from the date we received your request.
While we respect your decision to withdraw your consent, please note that the revocation should not prejudice pending transactions.
Please note that revoking consent does not affect our right to continue to collect, use, and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
Yes, you can update, or access, or correct personal data we recorded, subject to the requirements, conditions and exemptions under the applicable law and Data Privacy laws,
a. To access a copy of personal data we recorded or know how we use or to whom we disclose your personal data, or to correct or update any of your personal data in our records, please send an email our Data Protection Officer.
b. We should respond to you within 30 calendar days.
- i. If we are unable to respond within this period, then we will inform you in writing why we were not able to do.
- ii. If we are unable to provide you with the requested information or make the requested correction, we will inform of you of the reasons (unless we are not required to do so under relevant law.)
To protect your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures including antivirus protection to secure all storage and transmission of personal data and disclosing personal data both internally and to sellers and service contractors only on a need-to-know basis. However, no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
We retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws, whichever comes later. We will delete your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected and is no longer necessary for legal or business purposes.
We rely exclusively on personal data you provided. To ensure that your personal data is current, complete, and accurate, please update by sending a message by email to our Data Protection Officer in writing. We do not assume responsibility for the publication of the information due to errors during transmission or due to unauthorized access by third parties.
(1) Transfers of Personal Data. Data sharing and transfer of personal data. Data collected by Company is shared with Anytime Fitness LLC as well as its business partners and contractors (“Anytime Fitness”). In accordance with the business model, the Club collects personal and sensitive data and shares and transfers this information to Anytime Fitness and business partners, including accredited vendors, whose servers are in Malaysia, Singapore, Vietnam, Indonesia, Thailand, Taiwan, Hong Kong SAR, Macau SAR, Australia, Europe, the Philippines, and the United States, and such other territories or jurisdictions where Member accesses an Anytime Fitness center.
In the case of franchisee information, including personal data, is collected in the country of origin and transferred to the United States, where Anytime Fitness stores data.
In the case of Members, to such other territories or jurisdictions where Member accesses an Anytime Fitness center. Anytime Fitness shares his or her personal and sensitive personal data with the Anytime Fitness center he or she accessed through reciprocity. Security videos taken by the Club’s CCTV camera may also be shared with governmental agencies and instrumentalities in accordance with law. Moreover, in case the Club is closed permanently, Member acknowledges, agrees that Anytime Fitness may transfer his or her personal data to the nearest Anytime Fitness center to allow Member to continue his or her fitness journey or to process the termination of his or her membership and facilitate refund. In such case, a survey form will be sent to Member requesting him to choose his or her preferred club and what he or she intends to do with his or her membership.
You may reach out to our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:
Data Protection Officer
Email address: TechSupport@anytimefitnessasia.com
You may also contact us at:
Anytime Fitness Asia
Attn: Legal Department (Privacy Policy)
Email Address: Legal.Compliance@anytimefitnessasia.com
This Notice shall be read in connection with other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by Inspire Brands Asia.
You acknowledge and agree that we may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
ADDITIONAL DATA PRIVACY POLICIES FOR FRANCHISEES
Member, by downloading the Anytime Fitness Mobile Application (“AF App”), acknowledges and agrees to the use, and disclosure of various personal data previously collected by Anytime Fitness LLC, Anytime Fitness Asia, and his or her home club (“Anytime Fitness”) when he or she signed up at his or her home club.
Member acknowledges and agrees that AF App will collect sensitive personal information whenever he or she uses the app. These information include Member’s weight, height, activities, and other health related data.
Member acknowledges and agrees that Member can choose to connect our AF App with another application or service, such as but not limited to Google Fit and Apple Health, and that by connecting the AF App with the latter, the AF App may receive information from the other application or service, in accordance with their own data privacy policies. Member may also choose to grant AF App access to some, or all of the data, both personal or sensitive, from another service. Member can stop sharing the information from the other application or service to AF App by removing AF App’s access to the other service.
AF app may also partner with third parties, such as employers, third party services and organizations. AF app may also receive information about Member from such sources, in accordance with their own data privacy policies.
a. Personal data. Personal data collected by Anytime Fitness include the Member’s name, residential and business addresses, contact information such as mobile numbers and email addresses and sensitive personal information such as the Member’s health and financial information.
Once Member downloads the AF App and creates an account using his or her key fob or registered email address, personal data and sensitive personal information collected by Anytime Fitness will be shared with the AF App.
b. Sensitive personal information. Should Member agree to link the AF App with Apple Health or Google Fit or similar applications, AF App will receive Member’s sensitive personal information collected by these applications.
Personal data and sensitive personal information collected by Anytime Fitness and share with AF App will be used to provide service necessary and ancillary to membership.
AF App does not store personal data. It uses personal data collected by Anytime Fitness and sensitive personal information collected by Apple Health or Google Fit or similar application.
Personal data collected by Anytime Fitness is stored in the United States. Reasonable and necessary means of protecting personal data in accordance with relevant law and international standards are undertaken have been Anytime Fitness. These means include but are not limited to engaging security contractors and consultants to protect the security and integrity of the network.
Member should consult the privacy and data protection policies Apple Health or Google Fit or similar applications for the storage and security of sensitive personal information shared with the AF App.
The AF App shares neither personal data nor sensitive personal information.
Personal data is shared by Anytime Fitness with the AF App through an API automatically providing Member’s name, contact information, birthdate, email, and gender. Similarly, Apple Health, Google Fit, and other similar applications share sensitive personal information with the AF App through an API.
Member may access or correct his or her personal data or request information on the collection and use of personal data at any time by sending a message to his or her home club or the Anytime Fitness center where he or she is a member or the data protection officer’s email address. Requests shall be acted upon within 30 days.
ADDITIONAL DATA PRIVACY POLICIES FOR FRANCHISEES
This lays out the Company’s additional Privacy Policies in relation to its franchisees. It provides Franchisees with information on how Company collects, uses, discloses, and otherwise processes personal and sensitive data in accordance with the relevant data privacy laws.
Our policy applies to personal and sensitive data in our possession or under our control, including those shared with entities which we have engaged to collect, use, disclose or process personal data for our purposes.
“Personal data” means data, whether true or not, whether recorded in a material form or not, from which the identity of the Franchisee is apparent or can be reasonably and directly ascertained, or when put together with other information, would directly and certainly identify Franchisee: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Personal data includes “Sensitive Personal Information” which is a subset of personal data. Sensitive Personal Information means information about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; about an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and specifically established by an executive order or an act of Congress to be kept classified.
Company acknowledges and agrees to collect the personal data, including sensitive personal information, Franchisee or those of its representatives in the case of corporations, only to the extent necessary for the purpose of the Franchise Agreement.
To this extent, Company collect the your name, contact information and other particulars or Franchisee or, in the case of a corporate Franchisee, it shareholders, the principal operator and other employees, their respective addresses, mobile numbers, email addresses, or other contact information, nationality, gender, date or registration or date of birth, marital status, photographs, and other audio-visual information (such as recordings of conference calls), employment information and financial information.
The following personal data including sensitive personal information will be collected from Franchisees or in the case of a franchisee, its shareholders, directors, and officers as well as their contractors or employees and guarantors while the Franchise Agreement remains in force:
a. Individual franchisees and Partnerships. Company will collect the names, contact information including their mobile numbers and email addresses, their residential and business addresses (if different), and relevant financial information of individual franchisees. A copy of a valid government issued identification card must also be provided to the Company.
Individual franchisees may also be requested to submit a copy of their curriculum vitae and supporting documents.
b. Franchise entity. Company will collect a copy of the corporation’s statutory document showing key data on its current and/or historical information duly received by the relevant government agency overseeing businesses and corporations, a copy of a government issued identification of the company signatories, the contact information of both the franchise entity and its authorized signatory, including their mobile numbers and email addresses, and a board resolution authorizing the company signatory if such signatory is not the president of the corporation.
c. Principal operator and employees. Aside from collecting personal data which will include sensitive personal information, Company will collect a copy of the contract between the Franchisee and the principal operator.
i. Individual operator.
Company will collect the names, contact information including their mobile numbers and email addresses, their residential and business addresses (if different), and relevant financial information of individual principal operator.
ii. Management company.
Company will collect a copy of the corporation’s statutory document showing key data on its current and/or historical information duly received by the relevant government agency overseeing businesses and corporations, a copy of a government issued identification of the company signatories, the contact information of both the management company and its authorized signatory, including their mobile numbers and email addresses, and a board resolution authorizing the company signatory if such signatory is not the president of the corporation.
iii. Other employees.
Company may require the franchise entity to disclose the names of its employees and so their employment contract.
iv. Personal guarantors.
Company will collect the names, contact information including their mobile numbers and email addresses, their residential and business addresses (if different), and relevant financial information of personal guarantors. A copy of a valid, government issued identification card must also be provided to the Company.
Personal guarantors may also be requested to submit a copy of their curriculum vitae and supporting documents.
Franchisee acknowledges and agrees that Company may also take images, videos and audio recordings in the course of training activities, business coaching sessions and conferences. Company acknowledges and agrees that it shall secure the consent of the Franchisee and all other individuals whose personal data will be collected before proceeding with any recording.
Prior to entering into a Franchise Agreement, Franchisee was requested to the fill up a question and provide various information which include personal data to evaluate Franchisee’s eligibility to take out an Anytime Fitness franchisee. If found to be eligible, the Franchisee’s personal data is retained and was used to prepare the Franchise Agreement.
Franchisee acknowledges and agrees to update information, including personal data, at regular interval when so requested by the Company.
Company acknowledges and agrees that it must use Personal Data collected exclusively to carry out its obligations under the franchise agreement, which includes but is not limited to providing business coaching and enforcing brands standards and the terms of the Franchise Agreement.
Personal data collected may be collected in the course of training activities, business coaching sessions, conferences.
Data collected by Company is shared with Anytime Fitness LLC as well as its business partners and contractors (“Anytime Fitness”).
In the case of franchisee information, including personal data, is collected in the country of origin and transferred to the United States, where Anytime Fitness stores data.
Company acknowledges and agrees to undertake all necessary measures to protect information, including personal data, including but not limited to engaging consultants and specialists.
Information including personal data, shall be retained for a minimum of two years up to the maximum period prescribed by relevant laws (such as corporate,employees, and taxation) for Company to keep records.
Franchisee may send a message by email to our Data Privacy Officer to access, or correct, or delete information including personal data. Company acknowledges and agrees to respond and/or act on requests within 30 days.
Consent for the Company to collect the personal data shall terminate upon the expiration or termination of the Franchise Agreement. Franchisee acknowledges and agrees to update its information on a regular basis.
ADDITIONAL DATA PRIVACY POLICIES FOR MEMBERS
Member acknowledges and agrees that by signing the Membership Agreement, Member consents to the collection, use, and disclosure of various personal data required by Anytime Fitness and the Club to perform its obligations under the Membership Agreement and other legitimate business purposes more particularly set out in sub-paragraph (b) of this Clause as well as to comply with its obligations under relevant law.
a. Collection of personal data and sensitive personal data. Personal data to be collected shall include the Member’s name, residential and business addresses, copy of the government-issued identification card presented, contact information such as mobile numbers, e-mail addresses and the like, financial information such as the bank account or credit card details and the like.
Sensitive personal data to be collected shall be limited to Member’s health information relevant or necessary for Member’s use of the Anytime Fitness Mobile Application and to ensure his or her safety in an unmanned fitness center
All Anytime Fitness centers are equipped with surveillance (CCTV) cameras taking security videos, thus, capturing images of Member whenever he or she accesses and uses the Club or any other Anytime Fitness center.
Club acknowledges and agrees that it may not collect personal and sensitive data other than those mentioned in this sub-paragraph.
The Club shall use personal data and sensitive personal data collected to perform its obligations under the Membership Agreement, including but not limited to ensuring 24-hour access to Member’s The Club, guaranteeing 24-hour access to other Anytime Fitness centers through reciprocity, facilitating the collection of Membership Dues as well as fines and/or penalties in case of default, and providing information relevant to the conditions of membership, data privacy, and use of the Club as well as access to other Anytime Fitness centers. Personal data collected by the Club is visible to Anytime Fitness, other Anytime Fitness centers, and designated business partners facilitating reciprocity and the performance of other obligations under the Membership Agreement. Reciprocity refers to the system developed and used by the Anytime Fitness LLC allowing Member access to all Anytime Fitness centers around the world. Subject to the consent of the Member, selected personal information may also be used to provide members with promotional materials from Club and third-party business partners.
Member acknowledges and agrees that constant surveillance is necessary the safety of the premises by ensuring that only Members and club personnel enter the Club.
Member acknowledges and agrees that the personal data collected is necessary and reasonable to ensure the safety of the Club and all other Anytime Fitness center and to prevent the abuse of the reciprocity. While reciprocity allow Member to access to all Anytime Fitness centers, Member acknowledges and agrees that the amount of Membership Dues vary across territories. Accordingly, Member should have the right to reside in the country of his or her membership and has established or intends to establish residency in the territory where the Club he or she has taken out a Membership to prevent the abuse of reciprocity.
Personal data and sensitive personal data collected are stored in the Anytime Fitness Network is administered by Anytime Fitness. Reasonable and necessary means of protecting personal data in accordance with relevant law and international standards are undertaken are undertaken continually by Anytime Fitness. These include but are not limited to engaging security contractors and consultants to protect the security and integrity of the network.
In accordance with the business model, the Club collects personal and sensitive data and shares and transfers this information to Anytime Fitness and business partners, including accredited vendors, whose servers are in Malaysia, Singapore, Vietnam, Indonesia, Thailand, Taiwan, Hongkong, Macau, Australia, Europe, the Philippines, and the United States, and such other territories or jurisdictions where Member accesses an Anytime Fitness center.
Member acknowledges and agrees that security videos taken by the Club’s CCTV camera may also be shared with governmental agencies and instrumentalities in accordance with law.
Member acknowledges and agrees that when he or she accesses an Anytime Fitness center other than the Club, Anytime Fitness shares his or her personal and sensitive personal data with the Anytime Fitness center he or she accessed through reciprocity.
Member acknowledges and agrees that sharing these personal data and sensitive personal data is reasonable and necessary to ensure his or her well-being while in the premises and to prevent an abuse of reciprocity.
Moreover, in case the Club is closed permanently, Member acknowledges, agrees that Anytime Fitness may transfer his or her personal data to the nearest Anytime Fitness center to allow Member to continue his or her fitness journey or to process the termination of his or her membership and facilitate refund. In such case, a survey form will be sent to Member requesting him to choose his or her preferred club and what he or she intends to do with his or her membership.
Member may access or correct his or her personal data or request information on the collection and use of personal data at any time by sending a message to the Data Protection Officer email.