Trainimal Woman Privacy Policy

Last updated: 30 April 2021

Trainimal AB, corp. ID no. 556078-0073 (“Trainimal” or “we” in some form) want to safeguard your privacy and always make every effort to protect your personal data as well as always working in accordance with data protection regulations. For more information about us, see section 8. 

We want our customers, suppliers and other business partners to know how, when and why we process personal data. This Privacy Policy describes how Trainimal, as personal data controller, processes personal data according to the EU’s General Data Protection Regulation (EU) 2016/679 (“GDPR”) and UK’s General Data Protection Regulation (“UK GDPR”). 

1. Categories of personal data, purposes, and lawful basis 

We generally collect personal data directly from you. Not providing your personal data may be disadvantageous to you, e.g. you may not receive the information about us that you would want. Unless there are other issues, not providing your personal data will not lead to any legal consequences for you. We may also collect personal data from third parties. 

1.1. Business partners or potential business partners 

If you represent one of our business partners or potential business partners, we will process personal data to facilitate our business relationship with the organisation that you represent, such as contact details such as name, title, organisation, email address and, if necessary, bank and transaction details.  

The lawful basis for our processing of personal data is to fulfil our agreements or for the purposes of our legitimate interests in running our business. We will retain the personal data as long as we have a business relationship, and for potential business partners up to one (1) year after our latest contact. 

1.2. Customer support 

To be able to provide customer support we process personal data such as name, email, information about the case, times and login data on our support portal. The lawful basis for our processing of personal data is for the purposes of our legitimate interests in running our business and communicating with the person who has contacted customer support. 

We will retain the personal data as long as we have a contractual relationship. 

1.3. Customers 

To be able to provide services to our customers, we collect and process personal data when the customer creates an account with us. These include details such as first name and surname, gender, email address, residential address, telephone number and date of birth. In addition, if you shop in our online store, we ask you for delivery address details and payment information. If you use our personal training and nutritional advice service online (PT Online), we also request that you register information relating to any allergies, medication, exercise habits and other details that are required for us to be able to optimise your nutrition and exercise programmes, such as food, exercise sessions, measurements and weight as well as images of you for us to be able to provide personal training and nutritional advice. In addition to this, we process details of communications with you including your IP address. The lawful basis for our processing of personal data is for the purposes of our legitimate interests in fulfilling our agreement with you and/or performing our obligations to you within that agreement. 

We will retain the personal data as long as you are a customer plus up to a year after that in order to facilitate the potential reactivation of your membership, and no longer than seven (7) years after the end of an agreement. 

1.4. Newsletters and press releases 

We may process your email address to send you press releases, email marketing material and product information, and newsletters. The lawful basis for our processing of personal data is consent or for the purposes of our legitimate interests in marketing our services. If the lawful basis is consent, this may be revoked at any time by contacting us at support@mammafitness.se.  

We will retain personal data no longer than five (5) years after the latest activity. 

2. Data storage periods 

Your personal data will be stored for as long as is necessary for the provision of our products, services or communications or to maintain our business relationship (or to manage our potential business relationship). In addition to storage for these purposes, we may also store your personal data for up to one (1) year after the termination of your membership to facilitate its potential reactivation, comply with applicable legislation, such as accounting legislation, or if we need your personal data to establish, exercise or defend legal claims. 

3. Who do we share your personal data with? 

For the purposes stated in this Privacy Policy, we may share your personal data with service suppliers and collaboration partners who operate as data processors for us. These may include the provision of services relating to communications, mailings, storage, and support and customer service activities.  

We use third-party solutions as communication channels for our group memberships, such as Facebook or Zoom. Data is stored in the cloud with Google Inc, who are our data processors. Google Inc. are only entitled to store and manage data in line with our instructions, i.e. storage is only on our behalf. Google Inc. manage all the information you submit to us. For support and customer service we use the Freshdesk service, which our data processor Freshworks provides. Freshworks only processes names and email addresses on our behalf so that we can provide you with support and customer service. Emails from all our services are done through Mandrill and newsletters are mailed out via Mailchimp. Both services are provided by The Rocket Science Group, who is our data processor.  

They only process email addresses on our behalf so that 1) we can communicate with you from those services of ours that you use, and 2) we can deliver our newsletters to you if and when you request them. We also share information with payment service providers when you shop in our online store. In addition to the above, we may – in accordance with applicable data protection legislation – transfer personal data to public authorities, legal advisers, external consultants or business partners. In the event of a corporate merger or acquisition, personal data may be transferred to those third parties that are involved in the merger or acquisition, including potential buyers, investors and professional advisers.  

4. Transfer of personal data 

We will take all necessary steps to ensure that transfers to countries outside the EU/EEA and UK are adequately protected, as required by the applicable data protection legislation. As regards transfers to countries that are not considered by the EU Commission, or UK data protection laws, to provide an adequate level of data protection, we base those transfers on appropriate protective measures, such as the standard contractual clauses for data protection adopted by the EU Commission or equivalent under UK data protection laws for transfers of personal data from the UK. You can request a copy of such protective measures by contacting us as stated below in section 8. 

You have the following rights: 

  1. Right of access to the personal data we process. You can request information about which personal data of yours is stored with us, the purposes of processing this personal data and information about the source from which this personal data has been collected.  
  1. Right to request that your personal data be rectified if it is inaccurate or incomplete  
  1. Right in certain cases to have your personal data deleted, for example if your personal data is no longer necessary for the purposes for which it was collected.  
  1. Right in certain cases to have our processing of your personal data limited, for example if you have objected to your personal data being processed on the basis of legitimate interests. In the period in which a check is being undertaken as to whether our reasons prevail over your interests, rights and freedoms, the processing of your personal data may also be limited.  
  1. Right to revoke or change the consent you gave us at any time  
  1. Right in certain circumstances to have some of your personal data extracted and transferred in electronic format, and in some cases to another data controller (data portability). 

If you wish to exercise any of your rights, you are welcome to contact us via the contact details given in section 8 of this Privacy Policy. To protect your privacy and your personal data, we may ask you to confirm your identity in connection with your request. 

You will still always have the right to file a complaint to the appropriate data protection authority if you feel that our processing of your personal data is not being conducted in accordance with applicable legislation. In Sweden the appropriate authority is the Swedish Authority for Privacy Protection. In the United Kingdom, the data protection authority is the Information Commissioner’s Office.  

6. Cookies and other tracking technologies 

This website uses cookies. For more information, please see our Cookie Policy Information about cookies – MammaFitness. 

7. Changes to our Privacy Policy 

We reserve the right to change this Privacy Policy at any time. Where appropriate, we will notify you of all substantial changes to the Privacy Policy. In such cases, we will notify you by means of a message or by email. You will also find the date of the latest change in the Privacy Policy at the top of this website. 

8. Contact information 

This website is owned and operated by Trainimal AB. We are registered in Sweden, Company ID 556078-0073, and our registered address is Tulegatan 19, SE-113 53 Stockholm. If you have any questions relating to this Privacy Policy, please contact us at support@trainimal.com