This is the internet privacy policy for énergie Global Brand Management which also trades using the following brand names:
This website is the property of énergie Global brand Management. We take the privacy of all visitors to this Website very seriously and therefore set out in this privacy and cookies policy our position regarding certain privacy matters and the use of cookies on this website.
This policy covers all data that is shared by a visitor with us whether directly via energiegroup.com, effw.co.uk, energiefitness.com, energiefitnessclubs.com, f4l.com or via email.
This policy provides an explanation as to what happens to any personal data that you share with us, or that we collect from you either directly via this Website or via email.
Certain businesses are required under the Data Protection Act to have a data controller. For the purpose of the Data Protection Act 1998 and updates in 2018 our data controller is Dom Greenwood and can be contacted via email at dominic@energiehq.com
We may collect the following information:
In operating our Website we may collect and process the following data about you:
On occasion, we may gather information about your computer for our services, and to provide statistical information regarding the use of our Website to our advertisers. Such information will not identify you personally, it is statistical data about our visitors and their use of our site. This statistical data does not identify any personal details whatsoever. It is used by us to analyse how visitors interact with our websites so that we can continue to develop and improve our websites.
We may gather information about your general internet use by using a cookie file that is downloaded to your computer. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer. They help us to improve our website and the service that we provide to you.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular areas of our Website.
Any advertisement featured on this website or link to a website controlled by a third party may also incorporate cookies over which we have no control. Such cookies (if used) would be downloaded once you click on the advertisement or link to the third party website.
For more information on cookies you can read the guidance at www.allaboutcookies.org.
We may use Google Analytics for SEO purposes and to improve their online marketing efforts. For a detailed explanation of how Google Analytics cookies work and what data it gathers, please visit: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.
We partner with certain organisations to carry out certain aspects of our operation. For example, we use a company called Harlands to make direct debit collections on our behalf for members of our clubs in the UK. We share with Harlands all of the information which is necessary to make these collections and in order for them to be able to meet their obligations under the Direct Debit Guarantee Scheme.
We may transfer data that we collect from you to locations outside of the European Economic area for processing and storing. In addition, it may be processed by staff operating outside the European Economic area who work for us or for one of our suppliers. For example, such staff may be engaged in the processing and concluding of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all reasonable steps to make sure that your data is treated securely and in agreement with this privacy policy.
Data that is provided to us is stored on our secure servers. Details relating to any transactions entered into via our site will be encrypted to ensure its safety.
The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically and the transmission of such data is entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain areas of our site, you are responsible for keeping this password confidential.
The information that we collect and store relating to you is primarily used to enable us to provide our services to you. In addition, we may use the information for the following purposes:
Where applicable, we may disclose your personal information to any member of our group. This includes, where applicable, our subsidiaries, our holding company and its other subsidiaries.
We may also disclose your personal information to third parties:
You might find links to third party websites on our Website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
The Data Protection Act 1998 & 2003 gives you the right to access the information that we hold about you. Should you wish to receive details that we hold about you please contact us using the contact details below.
This is the data breach policy for énergie Global Brand Management (énergie) which also trades using the following brand names:
We take the security of the data which we hold very seriously and go to great lengths to ensure that it is adequately protected and is used only for the purposes for which it was collected. We have a series of policies and procedures in place to ensure that we comply with all current legislation. We train our staff to ensure that they are aware of their responsibilities in protecting the data and how they should act when using it. We also employ sophisticated means to protect our data from malicious attack and attempts to gain unauthorised access or make unauthorized use of the data which we hold. We destroy or anonymise data as soon as there is no longer a justification for us to hold it in relation to the purposes for which it was collected.
Despite all of the above it is, unfortunately, impossible for us to completely protect all of the data which we hold from theft, attack, unauthorised use or failure to follow agreed procedures. This policy describes the measures we take to monitor whether any breaches have occurred and the procedures we will follow should we become aware that a breach may have occurred.
This policy applies to the following individuals and orgainsations:
This policy applies to the following data:
This policy applies to the data described above held in any form, including but not limited to:
We take the following measures to monitor whether a breach has occurred and to ensure that we become aware should a breach or a potential breach come to the attention of any of our staff, members of our club or any other individual:
Any individual who requires advice or support in relation to this policy or an incident they feel it may cover should first of all speak to their manager or the owner of the club at which they work. If this is not possible or felt to be appropriate or if further advice or support is needed then the matter may be referred to any of the following:
NB Please use email or ‘phone if you feel that your query needs to be addressed urgently.
This policy requires that any individual who is included in its scope (described above) who suspects that a theft, breach, unintended exposure or unauthorised access of the data described above must report the fact as soon as is reasonable possible and in any case within one working day of the information coming to their attention.
If possible, a written description of the nature of the breach or suspected breach along with details of the date and time at which occurred should be provided to any of the contacts listed above as sources of help and advice. Information may be supplied anonymously but it would be most helpful if the name and contact information of the person reporting the breach could be supplied.
An examples of practices which may be likely to lead to a breach should also be reported in the same way.
What we will do when Issues are Reported to us
The matter will be initially reviewed by the Data Protection Officer (DPO) who will consider the circumstances and the information which has been supplied. One or more of the following actions may be taken:
Any Énergie Global Brand Management personnel found in violation of this policy may be subject to disciplinary action, up to and including termination of employment. Any third-party partner company found in violation may have their network connection terminated.
Version | Date Of Revision | Author | Description Of Changes |
1.0 | 10th August 2017 | David Waugh | Initial Version |
We welcome any queries, comments or requests you may have regarding this policy please do not hesitate to contact us via the website www.energiefitness.com
If you would prefer to write to us then our contact address is:
Data Protection Enquiries
énergie Group
Icon Unit 1
Pitfield
Kiln Farm
Milton Keynes
MK11 3LW
The énergie group operates a health and fitness franchise business in the United Kingdom as well as in several other countries.
This is the policy for the use of CCTV in clubs operating under the following brands in England and Wales:
The purpose of this policy is to make a clear statement of the way in which énergie, and the clubs operating under its various brands in the United Kingdom, make use of CCTV.
The policy describes the following:
CCTV allows us to monitor activity in and around our clubs. It can be used to help us investigate the actions of individuals in connection with specific events such as an accident, theft or assault.
The main reasons we use CCTV include, but are not limited to, the following:
The layout of our clubs varies from site to site. However, in general terms, we would use CCTV in the following areas:
We would never install CCTV in the following areas:
We make members of the public, staff who work in the clubs and any other visitors aware of the fact that CCTV is in operation by displaying prominent signage such as the example shown below:
A sign such as the above would be displayed in each area in which a camera was located. We will also publicise the reasons why we are making recordings as well as the contact details for the data controller. For example, by display information such as the following:
WARNING CCTV cameras in operation
Images are being monitored and recorded for the purpose of crime-prevention,
for the safety of our staff and visitors and for the protection of énergie fitness, its franchisees and their property.This system will be in operation 24 hours a day, every day. These images
may be passed to the police or any law enforcement authority
This scheme is controlled by énergie Global Brand Management and operated by The Control Group
For more information contact ………[phone number]…………
We do not conceal our cameras. They are clearly visible and would be recognisable by the overwhelming majority of the public. We are very happy to point out the location of all cameras in areas normally accessible to the public to any person who makes a request to have this happen.
We store the images we record in two main ways: • In a small and reducing number of clubs, we store images on a hard drive located in a secure area of the club
In all cases, these stored images are accessible only by properly authorised individuals. Access to them is protected by passwords and other security. Supervising access to the images and maintenance of the CCTV systems are the responsibility of the franchisee or club manager.
Images are normally stored for 30 days before being automatically deleted. Images of specific events or incidents might be kept much longer than this, particularly, although not exclusively, if they were connected with an accident or were the subject of a police investigation.
We would release images to third parties outside of the énergie group under very limited circumstances which would include the following:
Any person whose image has been recorded has a right, on written request, to be given a copy of the information recorded which relates to them, provided always that such an image/recording exists i.e. has not been deleted and provided also that an exemption/prohibition does not apply to the release. Where the image/recording identifies other individuals, those images may only be released where they can be redacted/anonymised so that no other individual is identifiable. To exercise their right of access, a data subject must make an application in writing to énergie Global Brand Management or the franchisee which owns the club in qeuestion.
An applicant should provide all the necessary information to assist énergie Global Brand Management or its franchisee in locating the CCTV recorded data, such as the date, time and location of the recording. If the image is of such poor quality as not to clearly identify an individual, that image may not be considered to be personal data and may not be handed over.
In giving a person a copy of their data, the énergie Global Brand Management or its franchisee may provide a still/series of still pictures, a tape or a disk with relevant images. However, other images of other individuals will be obscured before the data is released.
Our franchisees are responsible for the operation of the clubs which they own, except in the case the clubs are owned directly by énergie Global Brand Managament or one of its subsidiaries. Compliance to this policy is part of the operation of each club and will be scrutinised as part of the audit process to which every club is periodically subjected.
The CCTV systems in use in énergie’s clubs are controlled by a security company contracted by énergie Global Brand Management and its franchisees.
The contract with the security company details the areas to be monitored, how long data is to be stored, what the security company may do with the data, what security standards should be in place and what verification procedures apply. The contract also states that the security company will give the fitness club all reasonable assistance to deal with any subject access requests made under section 4 of the Data Protection Acts 1988 and 2003 which may be received by the club.
Security companies that place and operate cameras on behalf of clients are considered to be "Data Processors." As data processors, they operate under the instruction of data controllers (their clients). Sections 2(2) and 2C of the Data Protection Acts place a number of obligations on data processors. These include having appropriate security measures in place to prevent unauthorised access to, or unauthorised alteration, disclosure or destruction of, the data, in particular where the processing involves the transmission of data over a network and against all unlawful forms of processing. This obligation is met by having appropriate access controls to image storage or having robust encryption where remote access to live recording is permitted. Staff of the security company have been made aware of their obligations relating to the security of data.
We welcome any queries, comments or requests you may have regarding this policy please do not hesitate to contact us via the website www.energiefitness.com
If you would prefer to write to us, then our contact address is:
CCTV Use Enquiries
énergie Group
Icon Unit 1
Pitfield
Kiln Farm
Milton Keynes
MK11 3LW
Version | Date Of Revision | Author | Description Of Changes |
1.0 | 28th May 2017 | David Waugh | Initial Version |
CCTV – Closed-circuit television is the use of video cameras to transmit a signal to a specific place on a limited set of monitors. The images may then be recorded on video tape or DVD or other digital recording mechanism.
The Data Protection Acts – The Data Protection Acts 1988 and 2003 confer rights on individuals as well as responsibilities on those persons handling, processing, managing and controlling personal data. All staff must comply with the provisions of the Data Protection Acts when collecting and storing personal information. This applies to personal information relating both to employees of the organisation and individuals who interact with the organisation
Data - information in a form that can be processed. It includes automated or electronic data (any information on computer or information recorded with the intention of putting it on computer) and manual data (information that is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system).
Personal Data – Data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller.
Access Request – this is where a person makes a request to the organisation for the disclosure of their personal data under Section 3 and/or section 4 of the Data Protection Acts.
Data Processing - performing any operation or set of operations on data, including:
- Obtaining, recording or keeping the data,
- Collecting, organising, storing, altering or adapting the data,
- Retrieving, consulting or using the data,
- Disclosing the data by transmitting, disseminating or otherwise making it available,
- Aligning, combining, blocking, erasing or destroying the data.
Data Subject - an individual who is the subject of personal data.
Data Controller - a person who (either alone or with others) controls the contents and use of personal data.
Data Processor - a person who processes personal information on behalf of a data controller, but does not include an employee of a data controller who processes such data in the course of their employment, for example, this might mean an employee of an organisation to which the data controller out-sources work. The Data Protection Acts place responsibilities on such entities in relation to their processing of the data.
In deciding that we will routinely install CCTV in our clubs we undertaken a privacy impact assessment which considered the points listed below and the outcomes of this assessment have informed this policy:
Now it’s never been easier to keep on top of your fitness! Record your workouts at the click of a button, enter yourself into our latest fitness challenges and take advantage of exclusive member deals. Your motivation no longer needs to be a picture stuck on a fridge or a screenshot on your phone! Simply let the App handle everything for you and focus on hitting those goals.