Last updated: 30 April 2021
Trainimal AB, Swedish Corp. ID no. 556078-0073 (“Trainimal” or “we” in some form) want to safeguard your privacy and always make every effort to protect your personal data as well as always working in accordance with data protection regulations. For more information about us, see section 8.
1. Categories of personal data, purposes, and lawful basis
We generally collect personal data directly from you. Not providing your personal data may be disadvantageous to you, e.g. you may not receive the information about us that you would want. Unless there are other issues, not providing your personal data will not lead to any legal consequences for you. We may also collect personal data from third parties.
1.1. Business partners or potential business partners
If you represent one of our business partners or potential business partners, we will process personal data to facilitate our business relationship with the organisation that you represent, such as contact details such as name, title, organisation, email address and, if necessary, bank and transaction details.
The lawful basis for our processing of personal data is to fulfil our agreements or for the purposes of our legitimate interests in running our business. We will retain the personal data as long as we have a business relationship, and for potential business partners up to one (1) year after our latest contact.
1.2. Customer support
To be able to provide customer support we process personal data such as name, email, information about the case, times and login data on our support portal. The lawful basis for our processing of personal data is for the purposes of our legitimate interests in running our business and communicating with the person who has contacted customer support.
We will retain the personal data as long as we have a contractual relationship.
To be able to provide services to our customers, we collect and process personal data when the customer creates an account with us. These include details such as first name and surname, gender, email address, residential address, telephone number and date of birth. In addition, if you shop in our online store, we ask you for delivery address details and payment information. If you use our personal training and nutritional advice service online, we might also request that you register information relating to any allergies, medication, exercise habits and other details that are required for us to be able to optimise your nutrition and exercise programmes, such as food, exercise sessions, measurements and weight as well as images of you for us to be able to provide personal training and nutritional advice. In addition to this, we process details of communications with you including your IP address. The lawful basis for our processing of personal data is for the purposes of our legitimate interests in fulfilling our agreement with you and/or performing our obligations to you within that agreement.
We will retain the personal data as long as you are a customer plus up to a year after that in order to facilitate the potential reactivation of your membership, and no longer than seven (7) years after the end of an agreement.
1.4. Newsletters and press releases
We may process your email address to send you press releases, email marketing material and product information, and newsletters. The lawful basis for our processing of personal data is consent or for the purposes of our legitimate interests in marketing our services. If the lawful basis is consent, this may be revoked at any time by contacting us at firstname.lastname@example.org.
We will retain personal data no longer than five (5) years after the latest activity.
2. Data storage periods
Your personal data will be stored for as long as is necessary for the provision of our products, services or communications or to maintain our business relationship (or to manage our potential business relationship). In addition to storage for these purposes, we may also store your personal data for up to one (1) year after the termination of your membership to facilitate its potential reactivation, comply with applicable legislation, such as accounting legislation, or if we need your personal data to establish, exercise or defend legal claims.
3. Who do we share your personal data with?
We use third-party solutions as communication channels for our group memberships, such as Facebook or Zoom. Data is stored in the cloud with Google Inc, who are our data processors. Google Inc. are only entitled to store and manage data in line with our instructions, i.e. storage is only on our behalf. Google Inc. manage all the information you submit to us. For support and customer service we use the Freshdesk service, which our data processor Freshworks provides. Freshworks only processes names and email addresses on our behalf so that we can provide you with support and customer service. Emails from all our services are done through Mandrill and newsletters are mailed out via Mailchimp. Both services are provided by The Rocket Science Group, who is our data processor.
They only process email addresses on our behalf so that 1) we can communicate with you from those services of ours that you use, and 2) we can deliver our newsletters to you if and when you request them. We also share information with payment service providers when you shop in our online store. In addition to the above, we may, in accordance with applicable data protection legislation, transfer personal data to public authorities, legal advisers, external consultants or business partners. In the event of a corporate merger or acquisition, personal data may be transferred to those third parties that are involved in the merger or acquisition, including potential buyers, investors and professional advisers.
4. Transfer of personal data
We will take all necessary steps to ensure that transfers to countries outside the EU/EEA and UK are adequately protected, as required by the applicable data protection legislation. As regards transfers to countries that are not considered by the EU Commission, or UK data protection laws, to provide an adequate level of data protection, we base those transfers on appropriate protective measures, such as the standard contractual clauses for data protection adopted by the EU Commission or equivalent under UK data protection laws for transfers of personal data from the UK. You can request a copy of such protective measures by contacting us as stated below in section 8.
You have the following rights:
- Right of access to the personal data we process. You can request information about which personal data of yours is stored with us, the purposes of processing this personal data and information about the source from which this personal data has been collected.
- Right to request that your personal data be rectified if it is inaccurate or incomplete
- Right in certain cases to have your personal data deleted, for example if your personal data is no longer necessary for the purposes for which it was collected.
- Right in certain cases to have our processing of your personal data limited, for example if you have objected to your personal data being processed on the basis of legitimate interests. In the period in which a check is being undertaken as to whether our reasons prevail over your interests, rights and freedoms, the processing of your personal data may also be limited.
- Right to revoke or change the consent you gave us at any time
- Right in certain circumstances to have some of your personal data extracted and transferred in electronic format, and in some cases to another data controller (data portability).
If you wish to
You will still always have the right to file a complaint to the appropriate data protection authority if you feel that our processing of your personal data is not being conducted in accordance with applicable legislation. In Sweden the appropriate authority is the Swedish Authority for Privacy Protection. In the United Kingdom, the data protection authority is the Information Commissioner’s Office.
6. Cookies and other tracking technologies
8. Contact information