Privacy Policy

Introduction

Lumero B.V. ("we", "our", or "us") is committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, and protect your information when you use our services or visit our facility located at Berkenlaan 149, 5083 QG Tilburg, Netherlands.

As the Data Controller, we are responsible for ensuring your personal data is processed in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Data Collection

The data we collect includes personal information such as your name, email address, phone number, address, date of birth, fitness goals, health information relevant to your training, payment details, and membership information. We collect this information when you register for membership, book services, visit our facility, or communicate with us.

We may also collect information automatically through our website using cookies and similar technologies, including your IP address, browser type, pages visited, and time spent on our site.

Health and fitness data is collected only with your explicit consent and is used solely to provide you with safe and effective training programmes.

How We Use Your Information

We explain how we use your information to provide our fitness and wellness services, including personal training, group classes, and nutrition coaching. Your data helps us create personalised fitness programmes, manage your membership, process payments, and communicate with you about our services.

The use of your data is based on the following legal bases under GDPR: contract performance (to provide our services), legitimate interests (to improve our services and communicate with you), consent (for health data and marketing communications), and legal obligations (for tax and regulatory compliance).

We may use your information to send you service updates, safety information, and promotional materials about our services, but only if you have consented to receive such communications.

Data Sharing

We do not sell your personal data to third parties. We may share your information with trusted service providers who help us operate our business, such as payment processors, IT service providers, and professional advisors. These partners are contractually obligated to protect your data and use it only for the specified purposes.

We may also disclose your information if required by law, to protect our rights or safety, or in connection with a business transfer or merger.

Data Retention

We retain your personal data only for as long as necessary to provide our services and comply with legal obligations. Membership data is retained for the duration of your membership plus seven years for financial and legal compliance purposes.

Health and fitness data is retained for the duration of your membership and deleted within one year after membership termination, unless you consent to longer retention for continuity of care.

Marketing data is retained until you withdraw consent or for three years from your last interaction with us, whichever is sooner.

Your Rights

Under GDPR, you have several rights regarding your personal data, including the right to access, rectify, erase, restrict processing, data portability, and object to processing. You also have the right to withdraw consent at any time where processing is based on consent.

You can exercise these rights by contacting us using the details provided below. We will respond to your request within one month, though this may be extended in complex cases.

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, secure servers, access controls, and regular security assessments.

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to using industry-standard practices to protect your information.

Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please see our Cookie Policy.

You can manage your cookie preferences through your browser settings or our cookie consent banner.

International Transfers

We primarily process your data within the European Economic Area (EEA). If we need to transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your personal data.

Contact Us

If you have any questions about this privacy policy or wish to exercise your rights, please contact us using the following information: