1.1 Evini is a trading name of Purified Technology Ltd a UK registered company (number 11187859) who own and host the website evini.com
1.3 This document makes reference to the GDPR, an EU law that has been adopoted by the UK as part of its withdrawal from the EU. References to GDPR throughout this document refer to both the EU and UK laws.
2. What information does Evini collect?
2.1 So that you can benefit from our services you will have chosen to submit some personal data including your name, email address, date of birth, address, phone number, emergency contact information, any medical notes and IP information. We also collect a name, address, legal entity name and VAT number from business customers. We will process your information on the basis that you registered an account and thereafter have given us your explicit consent.
2.2 If you use the Evini Android or Apple app we store information about the device you are using. We may also be informed of location data if you enable this option (see section 3 for details).
2.3 If you add children to your account then we will collect their name, gender and date of birth.
2.4 For the avoidance of doubt we do not collect sensitive personal data as defined by the GDPR, except for health data which we do collect. This is collected so places you join are aware of any relevant medical conditions that may effect your ability to safely use their facilities and services.
3.0 Location Data
3.1 When using the Evini app for Android and Apple devices, you can opt to turn on location tracking. When you do this we will use your GPS data to automatically mark you as attending a class you have previously booked. This may happen in the background if you don't have the Evini app open and have approved background location tracking.
3.2 We are only notified of your location when you are within a certain distance of a facility you're a member of ("a geofence"). Location information is not stored or shared with any third party and only used for the purposes of marking your attendance at a class. We do not track your location outside of geofences.
3.3 You may turn off location services at any time by going to your device settings and toggling off background location.
3.4 This option is not available for children that are added to your account.
4.0 How Evini uses your Information.
4.1 We process the data you provide in accordance with Article 6 1 a) and b) of the GDPR.
4.2 We may use the information collected to personalise your experience on the website, to help you to log-in in future and to continue to use the website. Where we have your explicit consent we may, from time to time, use your information to let you know about similar products, services or deals which may be of interest or benefit to you.
4.3 We include opt-in tick boxes for you to agree to be contacted, if you choose not to opt-in, we will not use your data other than to assist you with providing our service. If you opt-in you can exercise your right to opt-out at any time by following the link in an email we send out or by contact us and requesting we remove you from mailings.
4.4 We also use your information to stop the sign up of an account where we suspect an account may be used for fraud reasons, this is subject to an automated decision but does not have any legal effect on a data subject.
5.0 How long we keep your personal information
5.1 When you close your account we will retain your information no longer than 26 months.
5.2 Children on a parent/guardian account will have their data removed when either a) a parent/guardian removes them from their account b) the parent/guardian has not used their account and it is deleted from our systems in accordance with 5.1 c) the child has not had a booking made for them within the last 14 months
5.3 If you have completed a financial transaction with Evini then we may retain details of your transaction for up to 7 years so that we can comply with regulations and provide subject access requests. All information is held securely, archived and managed in line with our Information Security Management Policy.
6.0 Sharing information with Third Parties
6.1 We will only disclose your personal information to third parties if needed to provide our services. Where we do use a third party who is given access to your data every care is taken to make enquiry to satisfy ourselves that they comply with GDPR. We carry out due diligence checks to ensure that their services are compliant and secure.
6.2 From time to time we use third party suppliers and service providers. Where any service provider collects information directly from you (such as the situation where we ask a service provider to conduct a survey for us) you will be notified of the involvement of the supplier or service provider, and all information disclosures you make will be strictly optional.
6.3 We use third party vendors and hosting partners to provide the necessary equipment to maintain your data securely and administer our website. That information is only given to those third parties for that limited purpose and subject to those third parties agreeing to keep the information secure.
The third parties we use can be found on our third party providers page
6.4 Location data is not shared with third parties
7.0 Accounts for children
7.1 Children under 13 must be added to an account held by a parent/guardian and must not register their own account. As the child does not have a way to login to the service any updates, access or deletions to data must be made by the parent. Data is collected as outlined in 2.3 and kept for the duration outlined in 5.2
7.2 Children between 13 and 18 can be added to an account held by their parent/guardian, or they can have their own account. To comply with our terms children with their own account must be using their own payment method and not that of a parent/guardian.
8.0 Legal disclosure
8.1 We may disclose personal data to the extent permitted or required under any enactment, by rule of law, order of the Court, as requested by other government law enforcement authority, to enforce our legal rights, to operate our systems properly, or to protect ourselves or our users.
9.0 Your consent and your rights
9.1 You acknowledge and agree that in the course of registering or using this website and any services offered via this website, certain information about you will be captured electronically or otherwise and transmitted to us or and, potentially, to any third parties as set out above, or to third parties who host our web servers or assist us in maintaining this website.
9.2 Under the GDPR you have the following rights:
9.3 You have a legal right to see a copy of the information we hold about you, this is referred to as a Subject Access Request or SAR. When you request a SAR it is provided free of charge and within 30 days however, we will need to ask for identification and where applicable authority to release information to a person appointed to act on your behalf.
9.4 You also have the right to correct any errors in the information that we hold about you. This can be done within your account settings.
10.0 How do evini.com protect user information?
10.1 The GDPR’s require that we follow strict security procedures in the storage and disclosure of information which you have provided via this website, to prevent unauthorised access. All data is stored and secured in line with our Information Security Management System Policy.
11.0 What are "Cookies" and how does evini.com use them?
11.2 Most browsers accept cookies automatically, but usually you can alter the settings of your browser to prevent automatic acceptance. If you choose not to receive cookies, you may not be able to use certain features of this website.
13.1 This website contains links to other websites. Please be aware that save for those websites owned by us, we are not responsible for the privacy policies of such other sites. We encourage users to be aware when they leave the website and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies solely to information collected by this website.
13.2 We are not responsible for any third party offering goods and services via websites linked to this website and what they propose to do with information about you. To that end please ensure you read their terms and conditions carefully.
14.0 Representation, governance and complaints
14.1 If you are unhappy with any aspect of personal privacy as part of our service you may complain to us by contacting our support team or in writing to Purified Technology Ltd, Lytchett House, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FA. If you are dissatisfied once we have dealt with your complaint you are entitled to complain to our lead supervisory authority.
14.2 Evini is a UK based company and compliance with the UK GDPR is handled by the ICO. Contact details are on their website.
14.3 For data subjects within the EU our privacy representation is handled by Prighter (Maetzler Rechtsanwalts GmbH & Co KG). Contact details are on their website (please add ID-17166554 to any correspondance)