Privacy Policy

Effective Date: December, 2020

This Privacy Policy outlines Cape Point Group Pty Ltd (Reg: 2021 / 816690 / 07) exclusive agent for (“Anytime Fitness South Africa”, “we” or “us”) current policy on personal data concerning club members, consumers, and franchisees, and covers the operations of our fitness clubs, franchise operations, business development, use of our websites under www.anytimefitness.co.za (the “Sites”) and mobile software applications, including our Anytime Fitness® application and may cover some data pulled from affiliated applications, to the extent that data is included in the Anytime Fitness® application (“Apps”).

By using Anytime Fitness® services, Sites, Apps, products, features, tools or resources, you agree to the terms of this Privacy Policy and our Terms & Conditions. You may refuse or withdraw your consent at any time; however, we may not then be able to provide you with our full range of products and services. You may not use the Sites, Apps, or our products or services if you do not agree to the Privacy Policy.

This policy may change from time to time. Your continued use after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

In the following Privacy Policy, we provide you with information regarding: 

1. Personal Data We Collect through the Sites and Apps 
2. How We Use and Share Your Personal Data and Legal Bases
3. Our Use of “Cookies” on the Sites and Apps 
4. Our Relationship with other Websites
5. Access and Correction of your Personal Data
6. Security of Your Personal Data 
7. Retention of your Personal Data
8. Changes to this Privacy Policy
9. How to Contact Us
10. Country-Specific Addenda

We encourage you to read this whenever you visit our Sites or use our Apps, since we may change this Privacy Policy from time to time. A copy of the current Privacy Policy is always posted at: www.anytimefitness.co.za/privacy

Territories

This Privacy Policy covers our activities throughout the world. We may host the Sites or information within the Apps on servers located within various countries or in any other country we, our service providers, or our service providers’ vendors maintain facilities, including the United States. This means that your personal data may be stored on servers located within any country where there are Anytime Fitness® locations. The locations of our servers may change from time-to-time. Further, our franchisees may maintain individual websites in the country or territory they service.

Privacy requirements and treatment of personal data varies from country to country. To meet these requirements, we have included certain “Country-Specific Privacy Notices” as part of this Privacy Policy. You may locate the Country-Specific Privacy Notices on our page.

Indemnity

BY SUBMITTING YOUR PERSONAL INFORMATION TO US, YOU ACKNOWLEDGE THAT WE WILL PROCESS YOUR PERSONAL INFORMATION IN THE UNITED STATES OR IN ANY OTHER COUNTRY IN THE WORLD AND TO OUR USE AND/OR PROCESSING OF YOUR PERSONAL INFORMATION AS SET FORTH IN THIS PRIVACY POLICY. IF YOU ARE SUBMITTING PERSONAL INFORMATION OF THIRD PARTIES TO US, YOU WARRANT AND REPRESENT YOU HAVE THEIR CONSENT WHERE RELEVANT TO PROVIDE THEIR PERSONAL INFORMATION TO US AND, IRRESPECTIVE WHETHER OR NOT YOU HAVE SUCH THIRD PARTY’S CONSENT, YOU WILL HOLD US HARMLESS FROM AND AGAINST CLAIMS BY SUCH INDIVIDUALS RELATING TO OUR PROCESSING AND USE OF SUCH PERSONAL INFORMATION WITHIN THE TERMS OF THIS PRIVACY POLICY.

1. Personal Data We Collect through the Sites and Apps

In general, you can browse the non-password protected portions of our Sites without telling us who you are or revealing any personal data about yourself, except for our limited processing of data via “cookies” as described in Section 3.  

We may collect personal data from you on our Sites and Apps or through any other digital or personal communication with you.  Data collected by us is voluntarily provided by you and may be integrated with other data you have provided to our franchisees upon signing up for a membership at an Anytime Fitness® club.  

If you are an Anytime Fitness® member, you may choose to integrate data from your membership account with the Sites and our Apps, but you will have the opportunity to opt-in to that integration of data across different platforms.  Our Sites and the Apps may also collect general data about your technology interface or preferences (such as the type of browser used or the files requested).  Some of the data described below is mandatory for the performance of certain services, and if not entered, you may not be able to utilize or participate in some of our online services or features.

The data we may collect through your use of the Sites may include, but is not limited to:   

• Where the account registration feature is available, your contact data to create an Anytime Fitness® account, such as your first name, last name, phone number, and email address; 
• Where the account registration feature is available, your profile username and password to enter the password-protected portion of the Sites; 
• Your transaction history relating to the use of our clubs, purchase of certain products or other data you wish to share with us and integrate with the Sites; 
• If integration with your membership is available to you, membership-related data, such as your home address, Anytime Fitness® location, key FOB number, and membership number; 
• Fitness-related data provided in the membership process, such as your height, weight, general fitness-related goals or other data helpful to achieving your fitness goal; 
• Data regarding training sessions, classes, or other data regarding your utilization of services at the club-level; 
• Where the account registration feature is available, correspondence with your personal training or Anytime Fitness® club regarding your activity; 
• Data provided by you when you participate in a survey or communication to you regarding your use of the Sites, or utilizing Anytime Fitness® services; 
• Data provided by you to participate in advertising contests or sweepstakes; 
• Various account data related to your Anytime Fitness® membership to allow you to update credit card, bank account, other payment data, or any other data regarding your profile; 
• If you are a prospective franchisee, we may collect detailed data such as your first name, last name, email address, phone number, address, and general financial data such as liquidity and assets, to evaluate your qualifications for an Anytime Fitness® franchise; 
• If we offer alternative sign ins, we may collect certain sign on information you have provided to third parties, such as Facebook or Twitter, when you sign on to use our Sites or Apps through these third parties;
• Computer data or files, obtained via so-called “cookies,” which may be sent by your web browser and stored on an individual computer to allow our server to “recognize” you through the navigation of the Sites and for us to credit your account for various online transactions;
• Computer data files, obtained via so-called “web beacons” that are collected from emails or links on third-party sites that allow our server to evaluate the popularity of those links or the information contained in emails or on third-party sites; and 
• Your IP address to measure our website traffic and to help provide a more personalized experience.
• If you are a prospective employee and/or job applicant of Anytime Fitness South Africa, we will collect data from you. This data includes, your full name, educational information, employment history and contact details. By enquiring about employment opportunities at Anytime Fitness South Africa or applying for employment, we infer that we are acting in your and our legitimate interests when we process your personal data for recruitment purposes, which may include screening as well as background and reference checks by third parties. 

To fully utilize the products and services available through our Apps, you may choose to download separate applications, and may opt to have the data entered into those applications automatically integrate with the Anytime Fitness® App.  We may also integrate the Apps with other applications or platforms, or additional applications that are useful to integrate your fitness goals and activity.  If you choose to integrate data collected by a separate application or entity, once integrated with the Apps, we will also have access to and the right to use the data provided to your Anytime Fitness® profile. Any of these third-party applications will have their own privacy policies and terms regarding the collection, use and maintenance of data entered through that third-party application.  

The data we may collect through your use of the Apps may depend on the version of the Apps or the country you are in, but this data may include, but is not limited to:   

• Data to register for your App account, such as first name, last name, email address and other Anytime Fitness® membership data, as well as a username and password to access the App; 
• Your activity history regarding your use of the Apps, such as your visits to clubs, participation in training activities, classes or utilization of other Anytime Fitness® products or services; 
• Membership-related data, such as your home address, Anytime Fitness® location, key FOB number, and membership number; 
• Fitness-related data provided in the membership process, such as your height, weight, general fitness-related goals, fitness-related habits or other data helpful to achieving your fitness goals; 
• Certain location or geolocation data pulled directly from your mobile device, your wireless carrier or certain third-party providers, to allow tracking of your activity. This collection and tracking may occur even when the Apps or other related applications are not actively open and running; 
• Data regarding personal training sessions and communication with your personal trainer or other Anytime Fitness® staff; 
• Records of copies of your correspondence, if you contact us;
• Data provided by you when you participate in a survey or communication to you regarding your use of the Apps, or utilizing Anytime Fitness® services; 
• Various account data related to your Anytime Fitness® membership to allow you to update credit card, bank account, other payment data, or any other data regarding your profile; 
• If we offer alternative sign ins, we may collect certain sign on information you have provided to third parties, such as Facebook or Twitter, when you sign on to use our Apps through these third parties; and
• Computer data or files, obtained via so-called “cookies,” which may be sent by your mobile device to allow our server to “recognize” you through the navigation of the Apps and for us to link your activity on the Apps with your membership.

Data obtained from your Social Media Accounts

You may choose to log into your Anytime Fitness® account on the Sites or through our Apps via certain social media networking services, such as Facebook and Twitter (“Social Media Accounts”). By integrating these Social Media Accounts into your account, we are able to offer you more personalized services, but may also collect certain personal data provided in your Social Media Accounts, such as your profile data, email address, profile picture and friend list.  If you do not want us to have access to this data, do not utilize the Social Media Account sign-in feature. 

Children Under the Age of 18

Our Sites and Apps are not designed for children and we do not knowingly collect data from any person under the age of 18. If you are under the age of 18, please do not submit any personal data to us through the Sites or any Apps. If we learn we have collected or received personal data from a child under 18, we will delete that data.

2. How We Use and Share Your Personal Data and Legal Bases

We will use your personal data to provide the services we offer on the Sites and through our Apps, including: 

• Processing and updating your membership data, including personal data you provide, credit card data or other electronic payment processing; 
• Processing your billing data, which may be contracted to our third-party payment processing vendor; 
• Contacting you regarding services you have engaged in or with, including personal training or collection efforts; 
• Providing you with data regarding club locations nearest to you or certain data regarding your club; 
• Conducting marketing and research, through direct surveys to you, but also through our or our franchisees’ communication with you; 
• Providing you with information you have requested from us, our franchisees or trainers you have engaged with; 
• Developing and displaying content and advertising tailored to your interests and preferences; 
• Processing your franchise application and contacting you regarding franchise opportunities; 
• Conducting contests and sweepstakes; 
• Sending you electronic communications you have requested, such as text messages, push notifications, notifications through our Apps or through your mobile device; 
• Providing you with updates and content based on your geo-location data you have provided to us; 
• Providing assistance with your fitness goals, such as encouragement on workouts, training schedules, recommended dietary changes, and other data to help you reach your fitness goals; and 
• Contact you regarding updates to the Sites, Apps, or provide administrative notices to you;
• Providing your personal information to a debt collection agency if your account is in arrears and or your membership has been terminated in arrears with the club. 

We strive to offer you an integrated, comprehensive way to manage your lifestyle, fitness goals and activity.  In order to operate the Sites and Apps as one seamless experience, however, we must share your personal data with our parent company, subsidiaries, and affiliates to provide you with the integrated services offered through the Sites and Apps. We may also share such data with our franchisees, or other business partners with whom we collaborate or work with to provide specific services to you or if we think the products or services, they offer would be of interest to you. We may provide user data to third-party service providers or vendors for purposes of, including without limitation, initiating direct marketing programs on our behalf, data tracking, maintenance or development of our Sites or Apps, development of online products and services, customer service or new product development, or other contracted promotional opportunities provided to our users. We, as well as our franchisees, vendors, or other business partners may use this data for marketing and solicitation purposes. This may require that we transfer your personal data to natural or legal persons in countries outside South Africa. Those countries’ laws might not protect your personal data in the same way or on the same level as the law in South Africa, however, we will take reasonable steps to ensure that any recipients of your personal data in other countries have appropriate privacy measures in place by, for example, concluding a legal agreement with the recipient. 

Your fitness club visit data (for all Anytime Fitness® clubs that you visit), App data, and personal data may be made available to those clubs’ franchisees, management and employees, or other contracted service providers whom you have engaged to provide services to you. Each of those parties is obligated to maintain the confidentiality of your personal data, and is permitted to access and use your personal data solely for the purpose of providing or enhancing services you use through the Anytime Fitness® club system or Apps. Additionally, you may choose to share personal data from the Sites or Apps with personal trainers or other Anytime Fitness® members to assist you in evaluating your activities and goals. 

We try to be selective in working with third parties and, where applicable we ensure that third parties with whom we share your personal data will process your personal data in accordance with the provisions of POPIA, however, we are not responsible for their use of your personal data outside the scope of our mandate with such third parties. Where payments are involved, we must release your credit card data to credit card authorization service providers and associated banks to process your payment for purchases, returns or refunds.  

We may transfer to our online service providers personal data you provide to us so that these parties may store and process your personal data to provide their services to us.‎

We may share aggregate data with vendors, potential advertisers, business partners, or other third parties. Aggregate data does not include personal data.

Except as described in this section, we will not give or sell your personal data to any other party.

Additional Disclosures.

We may also disclose personal data in any of the following circumstances: (1) in response to a subpoena, search warrant, court order, or other legal process or request, or as may otherwise be required by applicable law or regulation; (2) to protect and defend our rights or property or those of its franchisees, suppliers, related entities, affiliates, business partners, or others; or (3) as we, in our sole discretion, believe is appropriate under exigent circumstances in response to a perceived threat to the personal safety, property, or rights of any other person or organization.

In addition, since member data on our Sites and in our Apps is a business asset, in the event we are reorganized or sold to or merged with another company, we may sell, assign, or transfer your personal data to a purchaser of all or substantially all of our business assets, or to an affiliate, as applicable.

We rely on the following legal grounds for the processing of personal data:

General personal data.

• Performance of the contract with you pursuant to section 11(1)(b) of the Protection of Personal Information Act, 2013 (“POPIA”);
• legitimate interests of Anytime Fitness South Africa, our affiliates or other third parties (such as existing or potential franchisees, business partners, suppliers, customers, end-customers, governmental bodies, or courts) pursuant to section 11(1)(f) of POPIA (more information on the balancing test is available upon request));
• consent pursuant to section 11(1)(a) of POPIA, if provided by you for certain purposes and permitted under local data protection law, e.g. pictures of events, surveys;
• compliance with legal obligations pursuant to section 11(1)(c) of POPIA, in particular in the area of data protection law, tax law, and corporate compliance laws; and
• protection of your legitimate interests pursuant to section 11(1)(d) of POPIA.

Sensitive Employee Data.

• Explicit consent pursuant to section 27(1)(a) of POPIA if provided by you for certain purposes and to the extent permitted by EU law or local data protection law;
• carrying out the obligations, exercising or defending the specific rights of Anytime Fitness South Africa, or you in the field of local data protection law pursuant to section 27(1)(b) of POPIA;
• public data as made public manifestly by you pursuant to section 27(1)(e) of POPIA;  and
• establishing, exercising, or defending legal claims pursuant to section 27(1)(b) of POPIA.

3. Our Use of “Cookies” on the Sites and Apps

A “cookie” is a small data file stored on your web browser or on your mobile device that allows us to recognize your computer or mobile device when you visit the Sites or Apps by associating identification numbers with other user data you have provided us.  Some cookies will remain on the hard drive of your computer or mobile device for the duration of your browser or user session, while others will remain until deleted by you. You may also be able to configure your computer or mobile device to limit the collection of these “cookies,” but that limitation may also limit our ability to provide all the services or functionality of the Sites or Apps.  Some third-party service providers may use “flash cookies,” which are saved on your computer, but cannot be rejected, disabled, turned off, opted out of, or deleted in the same way as regular cookies. To learn how to manage your flash cookie settings, visit the Flash player settings page on Adobe’s website.   

In collecting and maintaining cookie-based data or other data collected directly from your mobile device, such as your geolocation, we are able to: 

• Provide you with access to your user preferences, and sign-in on approved devices; 
• Provide the basic functionality of the Apps, such as displaying your live location and movement; 
• Installing and monitoring elements of the Apps for security purposes;
• Help diagnose problems with the Sites or Apps, administer and improve the Sites or Apps, and measure the use of the Sites or Apps;
• Identify your internet provider, page views and other data regarding utilization of the Sites; 
• Gather other web analytics data related to your and other users’ use and navigation of the Sites and Apps; 
• Provide you with relevant content, including advertisements and other offers from third parties; 
• Aggregate cookie data across all users to track overall visitor traffic patterns and provide this aggregated data to vendors, potential advisors, business partners, new agencies, or other parties to identify interests or plan for technical infrastructure requirements; 
• Conduct advertising based on your use of the Sites or Apps, as described below; and
• Otherwise provide improvements and enhancements to the Site. 

We may also use third-party vendors, such as Google Analytics, to advertise to our users online. These third-party vendors may display Anytime Fitness® product advertisements on other websites based on your internet usage. More specifically, these vendors use first-party cookies (such as the Google Analytic cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on your past visits to the Sites or another site affiliated with Anytime Fitness® products or services. Any data that these third parties collect via cookies is not linked to any personally identifiable data (name, address, email address, or phone number) we collect, or you provide on the website. You can opt-out of Google Analytics for Display Advertising by using Google’s Ads Settings.

4. Our Relationship with the Websites

In addition to the integration with certain mobile applications as described in this Privacy Policy, the Sites and Apps may contain links to other web sites or other mobile applications. Additionally, other web sites may contain links to the Sites. We do not review or monitor the web sites linked to the Sites and are not responsible for the contents or privacy policies related to any other web sites. If you visit one of these other web sites, you may want to review the privacy policy on that web site. 

Where the Sites contain a link to another web site owned and/or operated by us, such web site use may be subject to different and additional terms of service.

5. Your rights

If you have declared your consent for any personal data processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.

Pursuant to applicable data protection law you may have the right to: request access to your personal data, request rectification of your personal data; request erasure of your personal data, request restriction of processing of your personal data; request data portability, and object to the processing of your personal data. Please note that these aforementioned rights might be limited under the applicable national data protection law. 

For further information on these rights please refer to the Exhibit – Your Rights. You also have the right to lodge a complaint with the Information Regulator, the data protection supervisory authority in South Africa. To exercise your rights please contact us as stated in Section 9.

Opting Out or Unsubscribing

You may opt out of certain collections of cookies or other web or mobile device based enhancements, including geolocation data collection, by changing your browser settings or going into your preferences on your mobile device and restricting the transmission of certain data. Your limitation of the collection of this data, however, may disable our ability to provide you with the most relevant products or information regarding the Sites and Apps. Currently, our servers do not respond to browser “do not track” signals. If you would like more information regarding online marketing practices and know your choices about not having this information used by our third party service providers, you may visit www.networkadvertising.org/choices

To limit the integration of the Sites and Apps with other related applications you may disable the application through your setting preferences on the Apps or delete the applicable application from your mobile device. Deletion of the application may not delete data previously obtained through the related application.  

To unsubscribe from our emails or other communication from us or a third party, you may follow the “unsubscribe” link at the bottom of the email or sign onto your account and change your email settings. To unsubscribe from text messages or any other mobile messages, you may follow the instructions provided at the time of opt-in or contact us at http://emailsettings.anytimefitness.com/

6. Security of Your Personal Data

We take reasonable precautions and have implemented managerial and technical procedures to try to protect the security of data and information, including personal data. However, we cannot guarantee against any loss, misuse, unauthorized disclosure, or alteration or destruction of data or personal data. 

7. Retention of Your Personal Data

We keep your personal data only as long as we need it for the purposes for which it was originally collected (or to which you have subsequently consented) or for other legitimate purposes (such as regulatory compliance), or as permitted by applicable law.

When we no longer need to use your personal data, we will remove it from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it, unless we need to keep your information, including personal data, to comply with legal or regulatory obligations to which we are is subject, e.g. statutory retention periods, or if we need it to preserve evidence within the statutes of limitation, which is usually [three years] but can be up to [thirty years].

8. Changes to our Privacy Policy

We reserve the right to modify this Privacy Policy, completely or in part, from time to time through the posting of notices on the Sites, at any time. You should check the Sites frequently for notices to identify modifications of the Privacy Policy that may be of interest to you. 

For questions or comments related to this Privacy Policy, please email us at info@anytimefitness.co.za

9. Protection Of Personal Information Policy

1. PURPOSE AND OBJECTIVE

1.1. The purpose and objective of this policy is to give effect to the provisions of the Protection of Personal Information Act 4 of 2013 (hereinafter referred to as the POPI Act) to safeguard personal information.

1.2. Anytime Fitness (hereinafter referred to as “the company”) renders and/or market its gyms to its website users, it collects, processes, store and share personal information of these data subjects.

1.3. This policy sets out the measures and standards for the protection and lawful processing of personal information of the data subjects concerned.

1.4. All employees, subsidiaries, business units, departments and individuals directly associated with the company are responsible for adhering to this policy and for reporting any security breaches or incidents to the Information Officer.

1.5. Any service provider that provides informational technology services, including data storage facilities, to the company must adhere to the requirements of the POPI Act to ensure adequate protection of personal information held by them on the
company’s behalf.

2. MEASURES AND STANDARDS

2.1. The company agrees that the collection, processing, storage and sharing of personal information obtained from data subjects is in compliance and in accordance with the laws applicable to the protection of personal information.

2.2. The company shall ensure that the data subjects are aware that their information is being collected, who is collecting their information by providing them with the company’s details and of the specific reason why the company is collecting their
information. The company shall also ensure that the data subjects’ personal information is obtained with their consent.

2.3. The company will collect personal information directly from data subjects. Should personal information be collected from a source other than directly from the data subjects, The company shall ensure that the data subjects are aware that their
information is being collected, who is collecting their information by providing them with the company’s details and of the specific reason why the company is collecting their information.

2.4. The company undertakes to only obtain personal information in a manner relevant for the specific purpose for which it is to be processed. Personal information shall not be processed further in a way that is incompatible with the purpose for which the
information was collected initially.

2.5. Once the data subject’s information is in the company’s possession, it shall ensure that it will only process and release the data subject’s personal information with their consent, except where the company is required to do so by law. In the latter instance, the company will inform the data subject thereof.

2.6. The nature of the personal information which is collected and processed by the company relates to information which includes but is not limited to names and surnames, addresses, contact details, Birth date, gender, emergency contact, banking details, identity numbers,exercise history, medical history.

2.7. Processing of the personal information includes, but is not limited to collection, receipt, recording, collation, storage, updating or modification, retrieval, adaption or alterations, consultation, use provision, dissemination by means of transmission, distribution or aking available in any other form, erasure or deletion of data.

2.8. The company is responsible for ensuring that data subject information is complete, up to date and accurate before it is used. This entails that it may be necessary to request data subjects, from time to time, to update their personal information provided and confirm that it is still relevant. Should the company not be able to reach data subjects for this purpose, their information shall be deleted from the company’s records.

2.9. Data subjects are entitled to know particulars of their personal information held by the company and to correct any personal information held by the company. 2.10. The company will take all reasonable steps to ensure that personal information
obtained from data subjects is stored safely and securely.

2.11. The company shall ensure that technical and organisational measures are in place to ensure the integrity of personal information, and guard against the risk of loss,damage or destruction thereof. Personal information shall also be protected against any unauthorised or unlawful access or processing.

2.12. Notwithstanding the technical and organisational security measures taken by the company, manipulation by third parties or loss of data cannot be completely ruled out. In case of any data breach, the company will promptly report this to the affected
data subject and the relevant authority.

3. INFORMATION OFFICER AND OPERATIONAL CONSIDERATIONS

3.1. The Information Officer shall be responsible for administering and overseeing the implementation of this policy and, as applicable, supporting guidelines, standard operating procedures, notices, consents and appropriate related documents and
processes.

3.2. All employees, subsidiaries, business units, departments and individuals directly associated with the company are to be trained, according to their functions, in the regulatory requirements and guidelines as set out in this policy’s measures and standards to govern the protection of personal information. The company will conduct periodic reviews and audits, where appropriate, to ensure compliance with this policy and its guidelines.

3.3. The details of the Information Officer can be obtained directly from the company should there be any questions and/or queries pertaining to this policy.

4. AMENDMENTS, BREACH AND RIGHT TO DISCIPLINE

4.1. Amendments of this policy will take place on an ad hoc basis as or when required by the company.

10. How to Contact Us

For further information or enquiries regarding your personal data (including to request access to or correction of your personal data or to make a privacy complaint), please contact our Data Protection Officer at:

Elite South Africa t/a Anytime Fitness South Africa 

Attention: Data Protection Officer

16 Triplets Way, Erinvale Estate

Somerset West, Cape Town

Western Cape, 7130

South Africa

info@anytimefitness.co.za

If you have a complaint about how we have collected or handled your personal data, please contact our Data Protection Officer at the mail address set forth above. 

Our representative can be contacted as follows: info@anytimefitness.co.za.

Exhibit – Your Rights

• Right of access

You may have the right to obtain from us confirmation as to whether or not personal data concerning you is processed by us, and, where that is the case, to request access to the personal data. The access information includes – inter alia – the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access. 

You may have the right to obtain a copy of the personal data undergoing processing. For further copies requested by you, we may charge a reasonable fee based on administrative costs.

• Right to rectification

You may have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

• Right to erasure (“right to be forgotten”)

Under certain circumstances, you may have the right to obtain from us the erasure of personal data concerning you and we may be obliged to erase such personal data. 

• Right to restriction of processing

Under certain circumstances, you may have the right to obtain from us restriction of processing your personal data. In this case, the respective data will be marked and may only be processed by us for certain purposes.

• Right to data portability

Under certain circumstances, you may have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit those data to another entity without hindrance from us.

• Right to object

Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data by us and we can be required to no longer process your personal data.

Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.

• Right to lodge a complaint

You have a right to lodge a complaint to the Information Regulator if you believe that we have interfered with the protection of your personal information. Should you wish to do so, you may contact the Information Regulator at the following address: