Updated on 24 September 2020
- Parties and Purpose
B your Best SPRL (hereinafter “PointFit” or the “Controller”)
Avenue Jupiter 191, 1190 FOREST
BCE / VAT : BE 0597773980
Phone : ________
The term “User” refers to any user, whether a natural or legal person, who visits or interacts in any way with the Site.
As such, PointFit determines all technical, legal and organisational means and purposes of processing Users’ personal data. To this end, PointFit undertakes to take all necessary measures to ensure that the processing of personal data complies with the Law of 30 July 2018 on the protection of individuals with regard to the processing of personal data (hereinafter the “Law”) and the European Regulation of 26 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter the “Regulation”).
PointFit is free to choose any natural or legal person who processes users’ personal data at its request and on its behalf (hereinafter the “Subcontractor”). Where appropriate, PointFit undertakes to select a Subcontractor offering sufficient guarantees as to the technical and organisational security measures for the processing of personal data, in accordance with the Law and the Regulation.
- Processing of personal data
The use of the Site by Users may result in the communication of personal data. The processing of such data by PointFit, in its capacity as Data Controller, or by service providers acting in the name and on behalf of PointFit, shall be in accordance with the Law and the Regulations.
- Purpose of the processing of personal data
In accordance with article 13 of the Regulations, the purposes of the processing of personal data are communicated to the User and are as follows:
We use the personal information we obtain about you to perform our contract with you or to take steps at your request prior to entering into a contract with you, including to:
• Provide our services, products and other offerings to you;
• Establish, manage and administer your membership and account with us, including verifying customer information and carrying out billing functions. We reserve the right to use any contact information held on file (including email, mailing address, and telephone or mobile phone) to contact to you when administering your membership.
• Process and fulfill your purchases in connection with our membership opportunities, products and services (e.g., training sessions, retail purchases and spa treatments), and keeping you informed about the status of your membership and purchases.
• Provide customer support services.
• Manage career opportunities, including for recruitment purposes, candidate screening, interviewing and evaluation, and employee onboarding.
• Establish and manage our relationships with our vendors, providers, suppliers and consultants.
We also use the information we obtain based on our legitimate interests and business purposes, including to:
• Personalize and improve your experience on the Sites and at our Clubs.
• Provide you with a more personalized and relevant membership with Equinox.
• Communicate with you about our products and services, and send you promotional and other marketing communications. See the “Your Choices” section below to learn how you can opt out of these communications.
• Communicate with you about, and administer your participation in, sweepstakes, surveys, events, programs, contests, promotions and other offers.
• Enable our affiliated companies and business partners (e.g., on-premises cafes and charitable organizations we partner with) to provide you with products and services, and send you information that you requested or that we think may interest you about their products or services.
• Respond to your requests and inquiries.
• Operate, evaluate, develop, manage and improve our business, including by operating, administering, analyzing and improving our Sites, products and services; conducting research and developing new products and services; managing and evaluating the effectiveness of our communications; performing accounting, auditing, billing, reconciliation and collection activities and other internal functions.
• Perform analytics (including market research, trend analysis, financial analysis, and anonymization of personal information);
• Protect against, identify and prevent safety and security issues, fraud and other criminal activity, claims and other liabilities; and
• Conduct investigations and comply with and enforce applicable legal requirements, relevant industry standards, and our policies and terms, and for the establishment, exercise or defense of legal claims, whether in court proceedings or in administrative or out-of-court procedures.
We use your personal information for these purposes because we have a legitimate business interest in providing services to our members, guests and other interested individuals that is not overridden by your interests, rights and freedoms to protect personal information about you.
Where we need to collect personal information by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (e.g., to process your payment). In this case, we may not be able to provide you with the product or service you have requested but we will endeavor to notify you if this is the case.
We also may use the information we collect about you in other ways for which we will provide specific notice at the time of collection and obtain your consent if required by applicable law.
- Personal data that may be processed
bed, the following personal data:
You may see certain ads on other websites because we engage third-party ad buying networks (such as Google Ads and Facebook). Through such ad networks, we can target our messaging to users through demographic, interest-based and contextual means. These networks track your online activities over time and across multiple websites by collecting information through automated means, including through the use of third-party cookies, web server logs, pixels and web beacons. The networks use this information to show you ads that may be tailored to your individual interests. The information our ad networks may collect on our behalf includes data about your visits to websites that serve Equinox advertisements, such as the pages or advertisements you view and the actions you take on the websites. This data collection takes place both on our Sites and on third-party websites that participate in these ad networks. This process also helps us track the effectiveness of our marketing efforts.
The User has the right to withdraw his/her consent at any time. Withdrawal of consent does not compromise the lawfulness of the processing based on the consent previously given.
- Storage period of Users’ personal data
In accordance with Article 13 §2 of the Regulation and the Law, the Data Controller shall only keep personal data for the time reasonably necessary to enable the purposes for which they are processed to be fulfilled.
This duration is in any case less than : 1 year
- Recipients of data and disclosure to third parties
Personal data may be passed on to PointFit’s employees, collaborators, subcontractors or suppliers who offer adequate data security guarantees and who collaborate with PointFit in the marketing of products or the provision of services. They act under the direct authority of PointFit, and are responsible, in particular, for collecting, processing or subcontracting such data.
Should the data be disclosed to third parties for direct marketing or canvassing purposes, the User will be informed beforehand to express his/her consent to the use of such personal data.
- Rights of Users
At any time, the User may exercise his rights by sending a message by e-mail to the following address: email@example.com, or a letter by post, enclosing a copy of his identity card to the following address: Avenue Jupiter 191, 1190 FOREST
- Right of access
In accordance with article 15 of the Rules, PointFit guarantees the User’s right of access to his/her personal data. The User has the right to obtain access to the said personal data as well as the following information:
– the purposes of the processing ;
– the categories of personal data concerned;
– the recipients or categories of recipients to whom the personal data has been or will be communicated, in particular recipients who are established in third countries or international organisations;
– where possible, the intended period of storage of the personal data or, where this is not possible, the criteria used to determine that period;
– the existence of automated decision making, including profiling, as referred to in Article 22(1) and (4) of the Regulation, and, at least in such cases, relevant information concerning the underlying logic, as well as the importance and the expected consequences of the processing for the data subject
The Data Controller may charge a reasonable fee based on administrative costs for any additional copies requested by the User.
Where the User submits such a request electronically (e.g. via e-mail address), the information is provided in a commonly used electronic form, unless the User requests otherwise.
A copy of the User’s data will be communicated to the User at the latest within one month after receipt of the request.
- Right of rectification
PointFit guarantees the user’s right to correct and delete personal data.
In accordance with Article 16 of the Regulation, incorrect, inaccurate or irrelevant data may be corrected or deleted at any time. The User first makes the necessary changes himself/herself from his/her user/other account, unless these changes cannot be made independently, in which case the request can be made to PointFit.
In accordance with Article 19 of the Regulation, the Controller shall notify each recipient to whom the personal data have been communicated of any rectification of the personal data, unless such communication proves impossible or requires a disproportionate effort. The Controller shall provide the data subject with information about these recipients if the data subject so requests.
- Right to erasure
The User has the right to obtain the deletion of his/her personal data as soon as possible in the cases listed in article 17 of the Regulations.
Where the Data Controller has made the personal data public and is required to erase them pursuant to the previous paragraph, the Data Controller, taking into account the available technologies and the costs of implementation, shall take reasonable measures, including technical measures, to inform the other data controllers who process such personal data that the data subject has requested the erasure by such data controllers of any link to such personal data, or any copy or reproduction thereof.
The two preceding paragraphs shall not apply insofar as such processing is necessary:
– for the exercise of the right to freedom of expression and information;
– to comply with a legal obligation which requires the processing to be carried out in accordance with Union law or the law of the Member State to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
– the establishment, exercise or defence of legal claims.
In accordance with Article 19 of the Regulation, the Controller shall notify each recipient to whom the personal data have been communicated of any erasure of personal data or any restriction on the processing carried out, unless such communication proves impossible or involves a disproportionate effort. The data controller shall provide the data subject with information on these recipients if the latter so requests.
- Right to limit processing
The User has the right to obtain the limitation of the processing of his/her personal data in the cases listed in article 19 of the Regulations.
In accordance with article 19 of the Regulation, the Data Controller shall notify each recipient to whom the personal data has been communicated of any limitation of the processing carried out, unless such communication proves impossible or requires a disproportionate effort. The Controller shall provide the data subject with information about such recipients if the latter so requests.
- Right of data portability
In accordance with Article 20 of the Rules, Users have the right to receive from PointFit their personal data in a structured, commonly used and machine-readable format. Users have the right to transmit such data to another data controller without PointFit’s interference in the cases provided for in the Regulation.
Where User exercises its right to data portability pursuant to the previous paragraph, User has the right to have personal data transmitted directly from one data controller to another, where technically possible.
The exercise of the right of data portability shall be without prejudice to the right to erasure. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
The right of data portability does not affect the rights and freedoms of third parties.
- Right of opposition and automated individual decision-making
The User has the right at any time to object to the processing of his/her personal data due to his/her particular situation, including the automation of data by PointFit. In accordance with article 21 of the Regulations, PointFit will no longer process personal data, unless there are legitimate and compelling reasons for the processing that prevail over the interests and rights and freedoms of the User, or for the ascertainment, exercise or defence of legal rights.
When personal data is processed for canvassing purposes, the User has the right to oppose at any time the processing of personal data concerning him/her for such canvassing purposes, including profiling insofar as it is related to such canvassing.
Where the person concerned objects to the processing for canvassing purposes, the personal data is no longer processed for such purposes.
- Right of complaint
The User has the right to lodge a complaint regarding the processing of his/her personal data by PointFit with the Data Protection Authority, which is competent for the Belgian territory. Further information can be found on the website: https://www.autoriteprotectiondonnees.be.
You can lodge a complaint at the following addresses:
Data Protection Authority
Rue de la Presse 35, 1000 Brussels
Phone + 32 2 274 48 00
Fax + 32 2 274 48 35
The User may also file a complaint with the Court of First Instance of his domicile.
- General principles
A “Cookie” is a file that is temporarily or permanently deposited on the User’s hard disk when consulting the Website, with a view to later connection. Thanks to cookies, the server recognises the User’s computer.
Cookies can also be installed by third parties with whom PointFit collaborates.
Some of the cookies used by PointFit are necessary for the proper functioning of the Website, others are used to improve the User’s experience.
The User can customize or disable cookies by setting up his browser.
By using the Website, the User expressly agrees with the management of cookies as described in this article.
- Type of cookies and purposes
Different types of cookies are used by PointFit on the Site:
– Technical cookies: they are necessary for the operation of the Website, allow the communication of the data entered and are intended to facilitate the User’s navigation;
– Cookies for statistical and audience measurement: these cookies allow the recognition of the User and are used to count the number of Users of the Website over a certain period of time. Since they also indicate browsing behaviour, they are an effective means of improving the User’s browsing, by displaying proposals and offers likely to be of interest to the User. They also allow PointFit to identify and correct possible bugs on the Website.
– Functional Cookies: These cookies facilitate the use of the Website by remembering certain choices that have been entered (for example, user name or language);
– Tracking cookies: PointFit uses tracking cookies via Google Analytics to measure the interaction of Users with the content of the Website and produce anonymous statistics. These statistics enable PointFit to improve the Website. Google supports the explanation of these cookies at http://www.google.nl/intl/en_uk/policies/privacy/.
- Cookie Retention Time
Cookies are kept for the time necessary to achieve the intended purpose. The cookies that may be stored on the User’s hard disk and their retention period are as follows:
- Cookie management
If the User deactivates certain cookies, he/she accepts that the Website may not function optimally. Certain parts of the Website may therefore not be usable, or may only be partially usable.
If the User wishes to manage and/or delete certain cookies in this way, he or she can do so by using the following link(s):
For Users with the following browser:
– Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
– Microsoft Edge: http://windows.microsoft.com/en-gb/windows-10/edge-privacy-faq
– Chrome: https://support.google.com/accounts/answer/61416?hl=fr
– Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences
– Safari: https://support.apple.com/kb/ph21411?locale=fr_CA
If the User refuses to allow Google Analytics cookies to be used, he/she is invited to set his/her browser to this effect on the following website: http://tools.google.com/dlpage/gaoptout.
- Limitation of liability of the Data Controller
The Website may contain links to other websites owned by third parties not related to PointFit. PointFit is not responsible for the content of these sites and their compliance with the Law and Regulations.
The holder of parental authority must give his or her express consent for a minor under the age of 16 to disclose information or data personal information on the website. PointFit strongly advises persons exercising parental authority over minors to promote responsible and safe use of the Internet. The Data Controller cannot be held responsible for collecting and processing information and personal data from minors under the age of 16 whose consent is not effectively covered by that of their legal parents or for incorrect data – in particular concerning age – entered by minors. Under no circumstances will personal data be processed by the Data Controller if the User specifies that he/she is under 16 years of age.
PointFit is not responsible for the loss, corruption or theft of personal data caused in particular by the presence of viruses or following computer attacks.
The Data Controller implements organizational and technical measures to guarantee an appropriate level of security for the processing and collection of data. These security measures depend on the costs of implementation with regard to the nature, context and purposes of the processing of personal data.
The Data Controller uses standard encryption technologies within the IT sector when transferring or collecting data on the Site.
- Applicable law and competent jurisdiction