Privacy Policy

Introduction

sambucnvuv B.V. ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our fitness center, use our services, or interact with our website at sambucnvuv.life.

This policy applies to all personal data processed by sambucnvuv in connection with our fitness center services, membership programs, and related activities. We act as the Data Controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller Information

The data controller responsible for your personal information is:

Data Collection

The data we collect includes personal information that you provide to us directly, information we collect automatically when you use our services, and information we may receive from third parties. We collect this information to provide and improve our fitness services, communicate with you, and fulfill our legal obligations.

Information You Provide

• Personal details (name, address, phone number, email address, date of birth)
• Emergency contact information
• Health and fitness information (medical conditions, fitness goals, dietary requirements)
• Membership and payment information
• Communication preferences
• Feedback and survey responses

Information Collected Automatically

• Facility access logs and attendance records
• Website usage data (IP address, browser type, pages visited)
• Cookies and similar tracking technologies
• Security camera footage (where applicable)

How We Use Your Information

We use your information in accordance with applicable data protection laws and explain how we use your information for various legitimate business purposes. The use of your data is based on legal grounds including contract performance, legitimate interests, legal obligations, and your consent where required.

Primary Uses

• Providing fitness center services and managing your membership
• Processing payments and managing billing
• Communicating about services, schedules, and important updates
• Ensuring facility security and safety
• Personalizing your fitness experience and providing recommendations
• Complying with legal and regulatory requirements

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract: To perform our membership agreement and provide services
• Legitimate Interest: To improve our services and ensure facility security
• Legal Obligation: To comply with health, safety, and financial regulations
• Consent: For marketing communications and special health data processing

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With service providers who assist us in operating our business (payment processors, IT support)
• With healthcare professionals in case of medical emergencies
• When required by law or to protect our legal rights
• In connection with a business transfer or merger (with appropriate protections)

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and protect our legitimate interests. Our retention periods are as follows:

• Membership data: For the duration of membership plus 7 years for financial records
• Health information: For the duration of membership plus 3 years
• Security footage: Typically 30 days unless required for incident investigation
• Website data: As specified in our Cookie Policy
• Marketing data: Until you withdraw consent or request deletion

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule and applicable legal requirements.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent for processing where applicable

To exercise any of these rights, please contact us at privacy@sambucnvuv.life. We will respond to your request within one month and may ask for verification of your identity.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training on data protection
• Secure physical storage of paper records
• Regular backups with secure storage

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to improve our security measures.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyze website usage. For detailed information about our use of cookies, please see our Cookie Policy.

You can control cookie settings through your browser preferences, though disabling certain cookies may affect website functionality.

International Data Transfers

sambucnvuv primarily processes data within the European Economic Area (EEA). If we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard Contractual Clauses
• Binding Corporate Rules
• Certification schemes approved by data protection authorities

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16 without appropriate parental consent. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@sambucnvuv.life.

For members aged 16-18, we may require parental consent for certain activities and will implement additional safeguards for processing their personal data.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website with a new effective date
• Sending email notifications for significant changes
• Providing notice at our fitness center facility

Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy, need to exercise your data protection rights, or want to make a complaint, please contact us using the following information:

We aim to respond to all privacy-related inquiries within 30 days. For urgent matters, please call us directly at +31 304009278.

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately. Contact information for the Dutch DPA can be found at autoriteitpersoonsgegevens.nl.