Privacy Policy

We, Bodyguards Fitness Service Ltd, of Jesmond House, Clayton Road, Newcastle NE2 1UJ, are the data controller for the personal data you provide when becoming a member, using the gym, or signing in and out of the premises. We will only process your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Types of personal data we process

We may collect and process the following categories of personal data:

·       Your name, date of birth, contact details (such as email address, phone number, and home address).

·       Emergency contact details and any injury or medical information you provide (for example, pre‑existing conditions, injuries, or allergies) which may constitute “special category data” under UK GDPR.

·       Records of your visits to the gym (including sign‑in and sign‑out entries in a logbook or access system).

·       CCTV footage captured on our premises, including at entrances, reception, and other common areas, for security and health‑and‑safety purposes.

Purposes and lawful basis for processing

We process your personal data for the following purposes and on the following lawful bases:

·       To administer your membership, manage your attendance, and identify you in the gym environment (necessary for the performance of the contract between you and us).

·       To contact you about your membership, changes to our services, or important safety information (necessary for the performance of the contract and/or our legitimate interests).

·       To record and manage any injury or medical information provided by or about you, in order to ensure your safety and that of other members, and to enable appropriate first‑aid or emergency response (necessary for the purposes of preventive or occupational medicine and health‑and‑safety, and/or on the basis of your explicit consent where required).

·       To maintain CCTV footage and access‑log records for security, crime prevention, and investigating accidents or incidents on our premises (our legitimate interests, and in some cases compliance with health‑and‑safety obligations).

Special category data (such as health, injury, or medical information) will only be processed where at least one of the conditions in Article 9 UK GDPR applies, such as explicit consent, the purposes of preventive or occupational medicine, or the exercise of rights in the field of social security and social protection. Where we rely on explicit consent, this will be obtained separately from your membership agreement and can be withdrawn at any time.

How we use CCTV and sign‑in logs

CCTV is used primarily for crime prevention, security, and to support investigations where an incident occurs on our premises. Cameras are not placed in areas where there is a reasonable expectation of privacy (such as changing rooms, showers, or toilets), and footage is reviewed only when necessary.

We may also require you to sign in and out of the gym with your name recorded in a logbook or similar system. This is used to:

·       Monitor attendance and ensure safe capacity levels.

·       Support health‑and‑safety and emergency procedures, such as quickly identifying who was present in the event of an incident or emergency.

All CCTV footage and access‑log information will be stored securely and only for as long as necessary for the stated purposes, or as required by law.

Sharing your data

·       We will only share your personal data with third parties where:

·       It is necessary for the performance of our contract with you (for example, with payment processors or third‑party billing providers).

·       It is required by law (for example, disclosure to the police or emergency services in the event of an incident).

·       You have given explicit consent (where applicable, such as for certain health‑related services).

·       Any third party with whom we share your data will be under appropriate contractual obligations to protect it in line with UK GDPR.

Retention of your data

We will retain your personal data for no longer than is necessary for the purposes for which it was collected. Specific retention periods may vary, for example:

·       CCTV footage will typically be retained for no longer than [insert number, e.g. 30‑90 days], unless it is required as evidence for an ongoing investigation.

·       Visit‑log records will be kept for [insert number, e.g. 6‑12 months], unless there is an incident or legal requirement to retain them for longer.

·       Contact details and membership information will be retained in accordance with applicable statute‑of‑limitations and contractual‑retention requirements.

Your rights under UK GDPR

You have the right, under UK GDPR, to:

·       Access the personal data we hold about you.

·       Request that inaccurate data be corrected.

·       Request that your data be erased where there is no overriding reason for us to keep it.

·       Object to, or restrict, certain processing activities (for example, marketing or secondary uses of your data).

·       Lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we are not complying with data‑protection law.

If you wish to exercise any of these rights, please contact us at info@bodyguardsapt.com.

Security and data protection

We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. This includes secure storage of paper records (such as logbooks and medical / injury forms), access controls, and appropriate physical and digital security measures.