Privacy Policy

OOMPH Privacy Policy

 

 

This Privacy Policy was last updated on September 18, 2019

 

This privacy Policy (“Privacy Policy”) applies to the treatment of personally identifiable information submitted by, or otherwise obtained from, you in connection with the associated application (“Application”). The Application is provided by OOMPH Fitness Inc. (“OOMPH”). By using or otherwise accessing the Application, you acknowledge that you accept the practices and policies outlined in this Privacy Policy.

INTRODUCTION

OOMPH is committed to protecting our customer privacy and takes its responsibility regarding the security of customer information and data very seriously. We will be clear and transparent about the information we are collecting and what we will do with that information or data.

This Policy sets out the following:

  • What personal data we collect and process about you in connection with your relationship with us as a customer and through your use of our website, apps, mobile applications, and online services;
  • Where we obtain the data from;
  • What we do with that data;
  • How we store the data;
  • The persons to which we transfer or disclose personal data;
  • How we deal with your data protection rights;
  • How we comply with the data protection rules.
  • That personal data is collected and processed in accordance with applicable data protection laws.
  •  

DATA CONTROLLER

“OOMPH” (referred to as “we”, “us”, “our” or “OOMPH”) in this policy primarily refers to OOMPH Fitness Inc., the main operating company of the OOMPH group, and, where appropriate, to other companies in the OOMPH group or other entities over which OOMPH exercises management control.  OOMPH is the “data controller” of all personal data that is collected and used about OOMPH customers for the purposes of privacy and data protection laws, principles and regulations which may apply in your country.

 

 

WHAT PERSONAL INFORMATION DOES OOMPH FITNESS INC. COLLECT?

Personal data means any information relating to you which allows us to identify you, such as your name, phone number, social media name or ‘handle’, postal address, email address, details of products or services you have purchased, payment details and information about your access to our website. We may collect personal data from you (either directly or indirectly, through our third party partners or providers) in a number of ways.

Specifically, we may collect the following categories of personal data:

 

  1. Name, home address, e-mail address, telephone number, credit/debit card or other payment details;
  2. Information such as nationality, place and date of birth, and gender;
  3. Medical conditions or requirements;
  4. Information you provide about yourself and any preferences in your account;
  5. Information about your purchases of products and services from us or our partners;
  6. Information about your use of our website or app;
  7. Communications with us or directed to us via letters, emails, chat services, calls, and social media; and
  8. Location, including real-time geographic location of your computer or device through GPS, Bluetooth and your IP address, along with crowd-sourced Wi-Fi hotspot and cell-tower locations, but only if you use location-based features and turn on the location services settings on your device or computer.

 

Personal details including about your physical or mental health are considered “sensitive” personal data under applicable data protection laws. We will process any such data only if you have given your explicit consent, or it is necessary (for instance if you request special assistance), or you have deliberately made it public.

WHAT DOES OOMPH FITNESS INC. USE YOUR PERSONAL DATA FOR, WHY, AND FOR HOW LONG

Your data may be used for the following purposes:

  1. Provide products and services you request: we use the information you give us to perform the services for which you have signed up;
  2. Credit or other payment card verification/screening; and payment information for accounting, billing and audit purposes and to detect or prevent any fraudulent activities;
  3. Administrative or legal purposes: we use your data for statistical and marketing analysis, systems testing, customer surveys, maintenance and development, or in order to deal with a dispute or claim. We may perform data profiling based on the data we collect from you for statistical and marketing analysis purposes, but only with your prior consent, and by making best endeavours to ensure that all data it is based on is accurate. By providing any personal data you explicitly agree that we may use it to perform profiling activities in accordance with this privacy policy;
  4. Security, health, administrative, crime prevention/detection: we may pass your information to government authorities or enforcement bodies for compliance with legal requirements;
  5. Customer service communications: we use your data to manage our relationship with you as our customer and to improve our services and enhance your experience with us;
  6. Provide tailored services: we use your data to provide information we believe is of interest to you, prior to, during, and after your interactions with us, and to personalise the services we offer to you, such as special offers.

We will only process your personal data where we have a legal basis to do so, which will depend on the reasons for which we have collected and need to use your personal data. In most cases we will need to process your personal data so that we can enter into our contract and fulfil the provision or delivery of goods or services to you.

We may also process your personal data for one or more of the following reasons:

• To comply with a legal obligation;

• Where you have consented to our using your personal data (eg. for marketing related uses);

• To protect your vital interests or those of another person (eg. in case of a medical emergency);

• If it is in our legitimate interests to do so (eg. for administrative purposes).

 

Only children above a certain age (generally 16 years or older, but varying from country to country) can provide their own consent. For children under this age, the knowledge and consent of the parents or legal guardians is required.

We will not retain your data for longer than is necessary to fulfil the purpose for which it is being processed. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it, and whether we can achieve those purposes through other means.

We also consider the periods for which we might need to retain personal data in order to meet our legal obligations, or to deal with complaints and queries, and to protect our legal rights in the event of a claim being made.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimize over time the personal data that we use, and if we can anonymise your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

SECURITY OF YOUR PERSONAL DATA

We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage. The data you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information and credit card details so that they can be securely transferred over the Internet.

 

SHARING YOUR PERSONAL DATA

 

Your personal data may be shared with other companies within the OOMPH group.

We may also share your personal data with the following third parties for the purpose described in this privacy policy:

 

  1. Government authorities, law enforcement bodies and regulators for compliance with legal requirements;
  2. Other companies, contractors or agents to provide services to you including delivery, marketing, support ticket providers, or marketing platform providers, communications, legal services, debt collection, administration services, customer services, information technology providers, credit card or other payment methods to conduct transactions;
  3. The host of our online store (Shopify Inc.), which provides us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases, and the general Shopify application. By using services provided by Shopify Inc. you agree to their terms and conditions, which are available at https://www.shopify.com/legal/terms, including their privacy policy;
  4. Credit and debit card companies which facilitate your payments to us, and for anti-fraud screening, which may need information about your method of payment to process payment or ensure the security of your payment transaction. These may include third party payment gateway providers, including at www.paypal.com or www.apple.com. Before entering your personal details we suggest that you read and become familiar with the privacy policy for any such third-party provider;
  5. Legal and other professional advisers, law courts and law enforcement bodies in countries in which we operate, in order to enforce our legal rights in relation to our contract with you;
  6. Our trusted third party ancillary partners (identified on our website), who many offer products and services on or through our website. If you choose to purchase products or services offered on our websites by third parties, you may be a customer of both OOMPH and these third parties, and we and our partners may collect and share information about you, such as your contact details and your billing information. We are not responsible for third parties’ use of your personal data where such use is permitted for their own purposes. You should consult their privacy policies for further information.
  7. Business Transfers: In some cases, we may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that are transferred. Moreover, if OOMPH Fitness Inc., or substantially all of its assets were acquired, or in the unlikely event that OOMPH Fitness Inc. goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of OOMPH Fitness Inc. may continue to use your personal information as set forth in this policy.
  8. Social media: You may be able to access third party social media services through our website or app or before coming to our website or app. When you are registered with your social media account, we will obtain the personal data you choose to share with us through these social media services pursuant to their privacy settings in order to improve and personalize your use of our website or app. We may also use social media plugins on our website or app. As a result your information will be shared with your social media provider and possibly presented on your social media profile to be shared with others in your network. Please refer to the privacy policy of those third-party social media providers to find out more about these practices.

 

Protection of OOMPH Fitness Inc. and Others: We may release personal information when we believe in good faith that release is necessary to comply with the law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of OOMPH Fitness Inc., our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

 

With Your Consent: Except as set forth above, you will be notified when your personal information may be shared with third parties, and will be able to prevent the sharing of this information.

 

INTERNATIONAL DATA TRANSFER

 

OOMPH operates businesses in multiple jurisdictions, some of which are not located in the European Union or European Economic Area (EEA). While countries outside the EEA do not always have strong data protection laws, we require all services providers to process your information in a secure manner and in accordance with EU and other applicable laws on privacy and data protection.

COOKIES AND SITE TRACKING

 

We may collect data from other sources which may not always be obvious, such as through the use of “cookies”. We may also gather information from both online and offline data providers. This information could include internet browsing behaviour, demographic data or interest-based data.

A cookie is a small text file stored on your computer that contains information that helps the website to identify and track the visitor. Cookies do no harm to your computer, consist only of text, cannot contain viruses, and occupy virtually no space on your hard drive.

Two types of cookies are used: "Session Cookies", and cookies that are saved permanently on your computer. The first type of cookie commonly used is "Session Cookies". During the time you visit the website, our web server assigns your browser a unique identifier string so as not to confuse you with other visitors. A "Session Cookie" is never stored permanently on your computer and disappears when you close your browser. To use some of our websites without troubles you need to have cookies enabled.

The second type of cookie saves a file permanently on your computer. This type of cookie is used to track how visitors move around on the website. This is only used to offer visitors better services and support. The text files can be deleted. On this website we use this type of cookie to keep track of your shopping cart and to keep statistics of our visitors. The information stored on your computer is only a unique number, without any connection to personal information.

 

Here is a list of cookies that we currently use. We have listed them here so you that you can choose if you want to opt-out of cookies or not:

 

• _session_id, unique token, sessional, allows Shopify to store information about your session (referrer, landing page, etc.)

• _shopify_visit, no data held, persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits

• _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, counts the number of visits to a store by a single customer.

• _cart_, unique token, persistent for 2 weeks, stores information about the contents of your cart.

• _secure_session_id, unique token, sessional storefront_digest, unique token, indefinite; if the shop has a password, this is used to determine if the current visitor has access.

 

To opt out of cookies, you can alter the settings on your internet browser to accept or reject a website from using cookies. This may affect functionality of the website. Some third parties may use cookies and other technologies. We recommend that you read their privacy policies or policies relating to the use of cookies and technology. When you browse our store, we automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. We may also collect data: regarding device IDs or identifiers, connection information, device software, statistics of page views, ad data, referral URLs and IP data; to determine your general geographic location, so that we can provide location-specific content to you; to assist in responding to complaints and queries; to investigate any possible breach of our terms or conditions including fraud or illegal activities with the use of your personal data; and with your permission, we may send you emails about our store, new products, and other updates.

 

If we do ask for your personal information for a secondary purpose such as marketing and you are an individual in the European Economic Area (EEA), we will either ask you directly for your express consent, or provide you with an opportunity to say no. If after you opt-in, you change your mind, you may withdraw your consent for us to contact you for the continued collection, use or disclosure of your information, at any time, by contacting us or by using the unsubscribe link within any of our emails. If you are outside of the European Economic Area (EEA), you may withdraw your consent for us to contact you for the continued collection, use or disclosure of your information, at any time, by contacting us or by using the unsubscribe link within any of our emails.

We use tracking software to monitor customer traffic patterns and site usage to help us develop the design and layout of websites. This software does not enable us to capture any of your data.

Your personal information will not be shared, sold, rented or disclosed other than as described in this privacy policy.

 

DATA PROTECTION OFFICER

 

We have appointed a Data Protection Officer (“DPO”) to oversee compliance with this policy. You have the right to make a complaint at any time to a supervisory authority. The data protection supervisory authority for you depends upon the country or geographical area in which you are located.

 

YOUR DATA PROTECTION RIGHTS

 

Under certain circumstances, by law you have the right to:

  1. Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
  2. Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  3. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  4. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see e. below).
  5. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  6. Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
  7. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  8. Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
  9. Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes to which you originally agreed, unless we have another proper and legitimate basis for doing so.

If you want to exercise any of these rights, then please contact our DPO by email at dataprotection@oomph.app.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly completely unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

CONDITIONS OF USE

If you decide to use or otherwise access the Application, your use/access and any possible dispute over privacy is subject to this Privacy Policy and our Terms of Service, including limitations on damages, arbitration of disputes, and application of Ontario Provincial law.

THIRD PARTY APPLICATIONS/WEBSITES

The Application may permit you to link to other applications or websites. Such third party applications/websites are not under OOMPH Fitness Inc.’s control, and such links do not constitute an endorsement by OOMPH Fitness Inc. of those other applications/websites or the services offered through them. The privacy and security practices of such third party application/websites linked to the Application are not covered by this Privacy Policy, and OOMPH Fitness Inc. is not responsible for the privacy or security practices or the content of such websites.

WHAT PERSONAL INFORMATION CAN I ACCESS?

 

OOMPH Fitness Inc. allows you to access the following information about you for the purpose of viewing, and in certain situations, updating that information. This list may change in the event the Application changes.

  • Account and user profile information
  • User e-mail address, if applicable
  • Facebook profile information, if applicable
  • User preferences
  • Application specific data

We may share non-personally identifiable information (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, number of users using health kit etc.) with third party analytics providers and other third parties to help them and us understand the usage patterns for certain Services. This Privacy Policy in no way restricts or limits our collection and use of non-personally identifiable information.

 

HEALTHKIT

 

OOMPH Fitness Inc. integrates with Apple’s Healthkit integration to track the following PHR (Personal Health Record) Data; duration, steps taken, calories and distance, and exercise type. PHR data is app-based Personal Health Record information. This data is passed through to Healthkit for the purpose of providing real time metric feedback to the user about their workouts, wellbeing and training program.

The Healthkit data that we collect is classified as Personal Identifiable Information (PII) and Non- Personal Identifiable Information (NPII) For Clarification purposes:

  • PII is any PHR Data that connects to you as an individual such as names, health conditions, and other identifiers. Any additional PHR data that is PII will fall under this scope
  • NPII is PHR Data that is 1) grouped so it does not connect to you as an individual and 2) has names and other identifiers removed or altered.

OOMPH Fitness Inc. WILL NOT release Healthkit PII or non PII to any person, company or other entity for any reason, including but not limited to:

  • Marketing and Advertising
  • Medical and pharmaceutical research
  • Reporting about our company and or customer activity
  • Your insurer and employer
  • We may disclose your personal information to third parties should it be required to do so by law or subpoena or if we believe that such action is necessary to (a) conform to the law, comply with legal process served on us or our affiliates, or investigate, prevent, or take action regarding suspected or actual illegal activities; (b) to enforce our Terms of Use, take precautions against liability, to investigate and defend ourselves against any third-party claims or allegations, to assist government enforcement agencies, or to protect the security or integrity of our site; and (c) to exercise or protect the rights, property, or personal safety of Company, or to otherwise act in the best interests of our users or others.

Your Personal Data is only collected by us from your direct use with the OOMPH app, and if you granted both our app and Apple’s HealthKit permission. If you close or transfer your profile with us, we no longer collect any PHR data.

 

CAN CHILDREN USE THE APPLICATION?

Our site and the services available through OOMPH Fitness Inc. are not intended for children under the age of 13. OOMPH Fitness Inc. does not knowingly or specifically collect information about children under the age of 13 and believes that children of any age should get their parents’ consent before giving out any personal information. We encourage you to participate in your child’s web experience.

CHANGES TO THIS PRIVACY POLICY

OOMPH Fitness Inc. may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make changes in the way we use personal information, we will notify you by posting an announcement on our Site or sending you an email. Users are bound by any changes to the Privacy Policy when he or she uses or otherwise accesses the Application after such changes have been first posted.

QUESTIONS OR CONCERNS

If you have any questions or concerns regarding privacy on our Website, please email us a detailed message at privacy@oomph.app. We will make every effort to resolve your concerns.

LEGAL DISCLAIMER

Please review the following User Agreement carefully before using OOMPH app or any intellectual property owned by OOMPH Fitness Inc. You should also read our Privacy Policy. OOMPH Fitness Inc. strongly recommends that you consult with your physician before beginning any exercise program. You should be in good physical condition and be able to participate in the exercise.

OOMPH Fitness Inc. and its trainers are not a licensed medical care provider and represents that it has no expertise in diagnosing, examining, or treating medical conditions of any kind, or in determining the effect of any specific exercise on a medical condition.

 

You should understand that when participating in any exercise or exercise program, there is the possibility of physical injury. If you engage in this exercise or exercise program, you agree that you do so at your own risk, are voluntarily participating in these activities, assume all risk of injury to yourself, and agree to release and discharge OOMPH Fitness Inc. and its trainers from any and all claims or causes of action, known or unknown, arising out of OOMPH Fitness Inc.’s negligence.