Privacy Policy

Introduction

artifiixak B.V. ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

As a company operating in the Netherlands and serving customers in the European Union, we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller

artifiixak B.V. is the data controller responsible for your personal data. Our contact details are:

Data Collection

The data we collect includes personal information that you provide directly to us, information we collect automatically when you use our services, and information we receive from third parties. We collect this information to provide and improve our fitness services, communicate with you, and comply with legal obligations.

Information You Provide

• Contact information (name, email address, phone number, address)
• Account information (username, password)
• Health and fitness information (fitness goals, medical conditions, injury history)
• Payment information (billing details, payment method)
• Communication preferences
• Feedback and correspondence

Information We Collect Automatically

• Website usage data (pages visited, time spent, clicks)
• Device information (IP address, browser type, operating system)
• Location data (when permitted)
• Cookies and similar tracking technologies

How We Use Your Information

We explain how we use your information to provide our fitness services, improve your experience, and maintain our business operations. The use of your data is based on various legal grounds under GDPR, including your consent, contractual necessity, and our legitimate business interests.

Primary Uses

• Providing fitness services and personal training
• Managing your membership and account
• Processing payments and billing
• Communicating about services, schedules, and updates
• Customising your training programs
• Ensuring facility safety and security

Legal Basis for Processing

• Contract: Processing necessary to provide our services
• Consent: When you agree to specific uses of your data
• Legitimate Interest: For business operations and service improvement
• Legal Obligation: To comply with applicable laws

Data Sharing and Disclosure

We do not sell your personal information. We may share your data with trusted service providers, business partners, or as required by law:

• Service providers (payment processors, software providers)
• Professional advisors (lawyers, accountants)
• Emergency services (if required for health and safety)
• Law enforcement (when legally required)
• Business transfers (in case of merger or acquisition)

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law. Our retention periods are:

• Active members: For the duration of membership plus 3 years
• Former members: Up to 7 years for financial and legal compliance
• Marketing data: Until you withdraw consent or 3 years of inactivity
• Website analytics: 26 months maximum
• Health information: As required by healthcare regulations

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at privacy@artifiixak.life.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Secure payment processing
• Regular data backups

International Data Transfers

We primarily process your data within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard Contractual Clauses
• Binding Corporate Rules
• Your explicit consent

Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our website. For detailed information about our use of cookies, please see our Cookie Policy.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable law.