This Privacy Policy establishes the commitment of E-FIT, Unipessoal, Lda., holder of NIPC 514 363 002 (“E-FIT”), and Pump, S.A., holder of NIPC 510 773 770 (“Pump”), both headquartered at Lugar do Espido, Via Norte, 4470-177 Maia, with the Users of the Element App regarding the protection of personal data for which they are responsible. It aims to strengthen and consolidate the trust and close relationship with Users through clear and transparent communication about how their data is handled, which rights they have, and how these rights can be exercised.

E-FIT and Pump act in strict compliance with the principles described in this policy, Regulation (EU) 2016/679 (General Data Protection Regulation), and applicable data protection legislation in all personal data processing activities under their responsibility. This Privacy Policy is part of the personal data protection framework of E-FIT and Pump, which includes rules and procedures for managing the security and privacy of personal data.

a. Our Privacy Commitment

E-FIT and Pump operate based on trust and transparency. This commitment extends to the day-to-day relationship with our customers. The privacy and security of the data entrusted to us are a priority.

We are committed to collecting, storing, processing, transmitting, or deleting your personal data only with transparency. We will inform you about how we use your personal data and for which purposes, ensuring that we collect, share, and store your personal data according to best practices in data security and protection.

When your personal data is collected, stored, processed, transmitted, or deleted by other entities, we require the same level of privacy and security.

We want you to feel confident that your personal data is secure with us, as we are fully committed to protecting your privacy and take our responsibilities regarding your personal data very seriously. If you have any questions regarding how we use your personal data, you can contact us at dados@elementfitness.pt.

b. Who is Responsible for Your Personal Data

Under the General Data Protection Regulation and complementary national legislation on personal data protection, E-FIT is responsible for the personal data of Users registered at the Element Health Club in Gaia, and Pump is responsible for the personal data of Users registered at the Element Health Club Nações.

c. Personal Data We Process via the Element App

In this Privacy Policy, “Personal Data” means information relating to you that allows us to identify you, directly or indirectly.

The Element App contains your basic information provided to E-FIT and Pump during your registration as a customer at one of the health clubs, included in your User profile to improve your experience.

The Element App also contains the following personal information of Users:

a) Registered health club;

b) Reserved group classes;

c) User personal information:

Name
Email
QR Code
Companion QR Code
Unique Code

d. How and Why We Use Your Personal Data

We use your personal data via the Element App for the following purposes:

a) To allow check-in at the Element club using the QR Code assigned to you and available in the App;

b) To allow booking of group classes.

e. How Long We Keep Your Personal Data

Your data will be retained for as long as necessary for the purposes for which it was collected.

f. With Whom We May Share Your Personal Data

In some cases, we may disclose your personal data to other entities providing services to E-FIT and Pump. In these cases, we require them to have appropriate security measures in place to protect your personal data.
When required by law, we may have to disclose your personal data to authorities or third parties, in which case our control over how your personal data is protected is limited.

Personal data may also be shared with subcontracted entities by E-FIT and Pump managing and processing management and sports management software, as well as subcontracted entities for marketing campaigns, surveys, satisfaction inquiries, and customer loyalty. E-FIT and Pump remain the data controllers at all times.

g. How You Can Exercise Your Data Protection Rights

Under certain circumstances provided by the GDPR, you have the right to:

1. Request additional information about the use of your personal data;
2. Access your personal data;
3. Request that your personal data be transmitted to another entity (portability);
4. Request the updating of your personal data;
5. Request the deletion of your personal data;
6. Object to the processing of your personal data;
7. Request the limitation of how we use your personal data while correcting or clarifying any doubts about its content or use;
8. Request a channel to challenge decisions based on your personal data.

You also have the right to withdraw or change any consent given for the use of your personal data at any time where such consent was requested.

These rights are restricted when your personal data is used to safeguard public interest, for example, in crime detection and prevention, or when subject to professional secrecy.

To exercise your data protection rights or for questions regarding how your personal data is used, contact us at *[dados@elementfitness.pt].

E-FIT, Unipessoal, Lda. has appointed a Data Protection Officer (DPO), contactable at [dpo@sonaecapital.pt]

.

If you are dissatisfied with how your personal data is used or with our response to your rights requests, you may file a complaint with the Portuguese National Data Protection Commission (CNPD) – Address: Rua de São Bento, 148 – 3º, 1200-821 Lisbon – Phone: +351213928400 – Fax: +351213976832 – Email: [geral@cnpd.pt].

h. How We Protect Your Personal Data

We implement a variety of information security measures aligned with national and international best practices to protect your personal data, including technological, administrative, technical, and physical controls, as well as procedures to prevent unauthorized use, access, disclosure, loss, alteration, or destruction. We are committed to continuous improvement in information security.

Key measures include:

* Restricted access to personal data only to those who need it for the stated purposes;
* Secure storage and transfer of personal data;
* Mechanisms ensuring the integrity and quality of personal data;
* Monitoring of information systems to prevent, detect, and block misuse of personal data;
* Redundancy of storage, processing, and communication equipment to avoid unavailability.

i. Traffic Data

The Element App uses the following traffic data:

* Strictly necessary data: allows navigation and access to App areas. Without these data, some App functionalities cannot be guaranteed.

j. Updates to this Privacy Policy

This Privacy Policy may be updated from time to time and will be communicated via the Element App.