CLUBWORX PTY LTD – PRIVACY POLICY

Effective from 13th of May, 2026

Clubworx Pty Ltd (ABN 27 165 885 996) (we, us or our) is committed to protecting your privacy. This policy explains how we collect, use and protect your personal information. It applies to all personal information we handle, whether we collect it through our website, mobile app, in person, or through other means.

For individuals located in the European Economic Area (EEA), United Kingdom or Switzerland: Additional rights and protections apply to you under the General Data Protection Regulation (EU) 2016/679 (GDPR) and, for UK residents, the UK General Data Protection Regulation (as incorporated into UK law) and the Data Protection Act 2018 (UK GDPR). Please refer to Appendix 1 at the end of this policy for information specific to your additional rights and how we process your personal information in accordance with GDPR and UK GDPR requirements.

Quick overview

Information we collect

Identity and contact details

Professional details (for our business customers)

Payment and transaction details

Communication information

Service-related information

Digital information

Demographic information

Professional information (for job applicants and workers)

Information collected by our customers through our platform

We provide software and technology services to gyms, fitness centres, and other fitness businesses (our customers). Our customers use our platform to manage their own members and clients, including to onboard new members, manage bookings, process payments, and communicate with their members.

When our customers use our platform for these purposes, they (not us) are responsible for collecting and handling the personal information of their members and clients. In this context, we act as a service provider processing personal information on behalf of our customers, and our customers are the controllers of that personal information.

The types of personal information our customers may collect through our platform about their members and clients include:

Identity and contact details

Membership and fitness information

Member preferences

Health and sensitive information

Payment and transaction details

Communication preferences

Our customers are responsible for ensuring they have appropriate authority to collect this information and that they handle it in accordance with applicable privacy laws. Our customers should have their own privacy policies that explain to their members and clients how their personal information is collected, used and disclosed.

If you are a member or client of a gym or fitness business that uses our platform and you have questions about how your personal information is handled, you should contact that business directly.

How we collect personal information

Why we collect, hold, use and disclose personal information

We collect and use your personal information to run our business and provide our services as set out below.

Business operations

Client onboarding and verification

Communication and support

Service improvement

Marketing and promotions

Employment purposes

Legal and compliance

Our disclosures of personal information to third parties

We may disclose personal information to:

Service providers

Identity verification and compliance screening service providers

Business partners

Corporate transactions

If we merge with or are acquired by another company, or sell our business assets:

Legal and regulatory bodies

Other parties

Overseas disclosure

Storage and access

We store your personal information in Australia. However, your information may be accessed from or transferred to locations outside Australia in these circumstances:

Our approach to overseas disclosure

Before disclosing your personal information overseas, we take reasonable steps to ensure that the recipient treats your information in accordance with applicable law by only sending what is necessary, requiring recipients to protect your information through contractual agreements which require the recipient to comply with the privacy standards in applicable law or through other mechanisms that provide comparable safeguards and by monitoring how recipients handle your information.

Your privacy rights and choices

Providing information

You can choose whether to provide personal information to us, however, if you don't provide certain information, we may not be able to provide some services. Let us know if you don’t want to provide information and we will let you know when information is required versus optional.

Access to your information

You can request access to the personal information we hold about you and we will respond to your request within a reasonable time. We may charge a reasonable administrative fee for providing access and if we cannot provide access, we will explain why and explore alternative ways to share relevant information.

Children and minors

If you are under 16 years of age (or under 18 for certain services), you must have your parent or legal guardian's permission to use our services and provide us with your personal information. We recommend that parents and guardians actively participate in their children's online activities and use of our services.

Correction rights

You can ask us to correct any information that is inaccurate, out of date, incomplete, irrelevant or misleading and we will take reasonable steps to correct your information promptly. If we cannot make the correction, we will explain why and discuss alternatives. You can ask us to add a statement to your information noting your requested correction.

Marketing communications

You can opt-out of receiving marketing communications at any time. Each marketing communication will include an unsubscribe option. You can change your marketing preferences by contacting us. We will process your request as soon as practicable.

How to contact us about your rights or to make a complaint and what happens next

Step 1: Contact us

What to include:

Your full name, contact details, clear details about your request or complaint, and any relevant dates or reference numbers.

Step 2: Our response

We will:

Step 3: If you're not satisfied (complaints only)

If you're not satisfied with our response to your complaint, you can:

This is the same process whether you want to access your information, correct mistakes, change marketing preferences, or make a complaint about our privacy practices.

Protecting your information

We use multiple layers of security to protect your information.

Technical safeguards

Operational security

Physical security

Public information

Please note that any information you choose to share publicly on online platforms (such as comments or reviews) can be accessed and used by others. We cannot control or protect information that you make publicly available.

How long we keep your information

We keep your personal information only as long as we need it for the purposes we collected it, or as required by law. When we no longer need it, we securely destroy or de-identify it.

Cookies and Analytics

What We Use

We use cookies, tracking pixels, and similar technologies on our website and in our emails to improve your experience and our services.

Cookies

Tracking Pixels

How we use these technologies

Essential Functions

Analytics and Performance

Personalisation

Your control

You can manage these technologies by:

Note: Blocking all cookies may affect website functionality and your user experience.

Google Analytics

We use Google Analytics to understand how people use our website. This involves cookies that collect information about your browsing activity. You can opt out of Google's advertising features through your Google account settings, browser add-ons, or your device's privacy settings. Google provides various tools and options to control how your data is used for advertising purposes. You can learn more about how Google uses your data and your available options on Google's privacy pages.

Meta advertising tools

We use Meta's advertising tools (such as Meta Pixel) to understand how our ads perform and to show you more relevant advertisements on Meta platforms like Facebook and Instagram when you visit our website or app. You can manage whether we connect information from our website with your Meta account for advertising purposes by adjusting your settings within your Meta account preferences.

Mobile App

Our mobile app collects information to provide membership and booking services, including login details, class bookings, attendance data, membership status, push notification preferences, and app usage data.

When you sign in with another account (like Facebook or Google)

What we collect

When you use single sign-on to connect with us, we'll receive personal information from that provider based on your privacy settings with them. This may include your name, username, profile picture, and other details you've chosen to share.

How we use it

We use this information to create your profile on our platform and give you access to our services.

Your rights

If you connected through Facebook, you can ask us to delete the personal information we received from Facebook. To do this, email us at our email below and tell us what information you'd like deleted. If we can't delete certain information, we'll explain why.

Artificial Intelligence (AI) Technologies

Overview

We use artificial intelligence and machine learning technologies in our business operations and services, including AI tools provided by third parties. We only use these technologies when legally permitted and necessary for our business.

How we use AI

We may use AI technologies to:

Data protection and security

When we work with third-party AI providers, we ensure they handle your personal information in accordance with privacy laws through contractual requirements and appropriate safeguards.

Your rights and our commitments

Any information generated or inferred about you by AI technologies is treated as personal information, and you maintain all the rights outlined in this privacy policy. When using AI with your personal information, we commit to:

Transparency and control

Security

Risk mitigation

Amendments

We may update this policy at any time by posting the revised version on our website. We recommend that you review our website regularly to stay current with any policy changes.

© LegalVision ILP Pty Ltd  

APPENDIX 1: ADDITIONAL RIGHTS AND INFORMATION FOR INDIVIDUALS LOCATED IN THE EU OR UK

Under the General Data Protection Regulation (EU) 2016/679 (GDPR) and, for UK residents, the UK General Data Protection Regulation (as incorporated into UK law) and the Data Protection Act 2018 (together, the European Data Protection Laws), individuals located in the EU and UK have additional rights which apply to their personal information. Personal information under these Data Protection Laws is often referred to as personal data and is defined as information relating to an identified or identifiable natural person. This Appendix 1 sets out the additional rights we give to individuals located in the EU and UK, as well as the lawful basis on how we process the personal information of individuals located in the EU and UK.  

Legal bases for processing personal information

European Data Protection Law requires us to have proper legal reasons for using your personal data. We can only use your information when we have one or more of these legal bases.

Note that we may process your personal data for more than one legal basis depending on the specific purpose for which we are using your data. We have listed the reasons we process your data and the legal basis below. Please reach out to us if you need further details about the specific legal basis we are relying on to process your personal data.

The full purposes of processing are set out in the policy above under “Why we collect, hold, use and disclose personal information” and the legal basis for this processing is set out below

Purpose: Business operations

Legal basis for using this information:

Types of information we use:  

Purpose: Client onboarding and verification

Legal basis for using this information:

Types of information we use:

Purpose: Communication and support

Legal basis for using this information:

Types of information we use:  

Purpose: Service improvement

Legal basis for using this information:

Types of information we use:  

Purpose: Marketing and promotions

Legal basis for using this information:

Types of information we use:

Purpose: Employment purposes

Legal basis for using this information:

Types of information we use:  

Purpose: Legal and compliance

Legal basis for using this information:

Types of information we use:  

Overseas transfers

Your information may be transferred to locations outside the EU or United Kingdom in these circumstances:

Our approach to overseas transfers

When we transfer your personal data outside the EU or United Kingdom, we ensure it receives appropriate protection by:

Data retention

How long we keep your information

We only keep your personal data for as long as we need it to:

We may keep your information for longer periods if:

How we decide retention periods

When determining how long to keep your information, we consider:

What happens when we no longer need your information

Once we no longer need your personal data, we will securely delete or destroy it in accordance with our data retention policies and legal requirements.

You can request information about retention periods for your data and ask for early deletion where legally possible.

Rights in relation to personal data

In addition to the rights you have in our policy above, you also have the below rights.

Right to Erasure

You can request deletion of your personal data in certain limited circumstances as set out in European Data Protection Law, such as where the data is no longer necessary or has been unlawfully processed. This right is not absolute and we may be required or entitled to retain your data for legal, regulatory or legitimate business reasons.

Right to Restrict Processing

You can ask us to suspend processing where:

Right to Data Portability

Where technically feasible, you can receive your personal data in a structured, commonly used format or have it transmitted to another controller where:

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

Making a complaint to the ICO

If you're not satisfied with our response to your complaint, you can contact the Information Commissioner's Office (Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, helpline number: 0303 123 1113, website: https://www.ico.org.uk/make-a-complaint).

You don't have to contact us first before going to the ICO, but we'd appreciate the opportunity to try to resolve your concerns directly with you.

Contact details for GDPR matters

For any questions about how we process your personal information under GDPR, please contact us at:

support@clubworx.com  

Ready to get started risk free?
Try any of our premium plans for 30 days, if you don’t like it we’ll refund you. No lock-in contracts. Upgrade anytime.