September 09, 2016
EU-US Privacy Shield Policy
Privacy Shield Certification
Lift Brands, Inc., and several of its wholly owned subsidiaries, including Snap Fitness, Inc., HealthFran, LLC, GoFit, LLC, and Wholesale Fitness Supply, LLC, (the “Certified Entities”) comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. The Certified Entities have certified that they adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
Scope of This Policy
Types of Information We Receive from Third Parties in the European Union
The Certified Entities may receive the following information from third parties in the European Union: your name, postal address, telephone number, e-mail address, credit card number or other payment account information, and, if you are an employee of one of the Certified Entities or one of their affiliates or franchisees, information related to your employment (collectively, “Personal Information”).
How We Use Personal Information
Generally, we use the information we receive from third parties in the European Union:
- to provide the information, products and services you request;
- for security, credit or fraud prevention purposes;
- to provide you with effective customer service;
- to provide you with a personalized experience when you use our services;
- to contact you with information and notices related to your use of our services;
- to contact you with special offers and other information we believe will be of interest to you (in accordance with any privacy preferences you have expressed to us);
- to invite you to participate in surveys and provide feedback to us (in accordance with any privacy preferences you have expressed to us);
- to better understand your needs and interests;
- to improve our products and services;
- to improve our marketing and promotional efforts, including the content, functionality and usability of our websites;
- in the case of employees and job applicants, for employment-related purposes; and
- for any other purpose identified in an applicable privacy notice, click-through agreement or other agreement between you and us.
Please see below for information about the choices you have about the ways we use your information.
If we intend to use Personal Information for a purpose that is incompatible with the purposes described here or if we intend to disclose it to a type of third party not identified below, we will notify you and offer you the opportunity to opt out of such uses and/or disclosures where it involves non-sensitive information or opt-in where sensitive information is involved.
How to Access, Correct, or Delete Your Information
You have the right to request access to your Personal Information and to request to correct or delete it. If you have created a profile on one of the Certified Entities’ websites, you may be able to access, correct, or delete your Personal Information through your account settings. Otherwise, you may need our help. Please contact us using the information provided below. We will respond to you within a reasonable time and, in any case, within the time limits established by applicable law. We may ask you for additional information to verify your identity. In most cases, we will provide access and correct or delete any inaccurate information you discover. In some cases, however, we may limit or deny your request if it is unreasonable and/or the law permits or requires us to do so or if we are unable to verify your identity.
Steps We Take to Safeguard your Information
We maintain reasonable administrative, physical and technological measures to protect the confidentiality and security of Personal Information we receive from third parties in the European Union. Unfortunately, no website, server, or database is completely secure or “hacker proof.” We therefore cannot guarantee that your Personal Information will not be disclosed, misused or lost by accident or by the unauthorized acts of others.
How We Share Information With Others
The Certified Entities may share Personal Information they receive from third parties in the European Union with vendors who act on their behalf. However, these vendors are restricted from using the Personal Information for purposes other than providing the services to the Certified Entities. Vendors that receive Personal Information governed by this Policy and that are not subject to the Data Protection Directive or another adequacy finding must either (i) subscribe to the Privacy Shield principles or (ii) contractually agree to provide at least the same level of protection for Personal Information as is required by the relevant Privacy Shield principles.Within the Lift Brands Corporate Family.
Any one of the Certified Entities may share information received from third parties in the European Union with other companies in the Lift Brands corporate structure. These affiliate companies are permitted to use your information for their own marketing purposes and in a manner otherwise consistent with this Policy. With our Franchisees. The Certified Entities may share information received from third parties in the European Union with the owner of any one of our locations that you have used or in which you have expressed interest. Our franchisees are required by contract to keep your information confidential and they may use this information only in accordance with the terms of the contract. As Part of a Business Transfer. Any one of the Certified Entities may transfer your Personal Information to a successor organization if, for example, the Certified Entity merges with or is acquired by another organization, or if it liquidate its assets. If such a transfer occurs, the successor organization’s use of your Personal Information will still be subject to this Policy and the privacy preferences you have expressed to us.To Comply With Laws and Protection of Our Rights and the Rights of Others.
Privacy Shield Complaint Resolution
In compliance with the EU-US Privacy Shield Principles, the Certified Entities commit to resolve complaints about your privacy and our collection or use of Personal Information received from third parties in the European Union. European Union individuals with inquiries or complaints regarding this Policy should first contact us by e-mail at firstname.lastname@example.org or by mail at 2411 Galpin Court, Suite 110, Chanhassen, MN, USA 55317. The Federal Trade Commission shall have enforcement jurisdiction over our compliance with the Privacy Shield. We may have potential liability in cases of onward transfer to third parties. We have further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU Privacy Shield, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
Finally, in certain limited circumstances and as a last resort, it may be possible for European Union individuals to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.