Privacy Policy

How COR Fitness ApS protects and processes your personal data

Home > Privacy Policy

Data Controller Information

Company: FITNESS ENGROS A/S
Registration Number: 21830895 (Denmark)
VAT ID: DK21830895
Registered Address: Snedkervej 4-6, 2630, Taastrup, Denmark
UK Representative: SAKOWSKI MATEUSZ HUBERT
Email: hello@britishsolutioncor.info
Phone: +44 20 3890 4527

Last updated: 1 January 2025

1. Introduction

FITNESS ENGROS A/S, operating as COR Fitness ApS, is committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, store, and protect information when you use our corporate wellness services, visit our website, or interact with our team.

We are the data controller for all personal data we process in connection with our corporate fitness and wellness services across the United Kingdom. This policy applies to all interactions with our company, including website visits, service enquiries, health assessments, and ongoing wellness programmes.

2. Legal Basis for Processing

We process personal data under the following legal bases as defined by UK GDPR and Danish data protection legislation:

  • Consent: When you explicitly agree to receive marketing communications or participate in health assessments
  • Contract Performance: To deliver corporate wellness services you or your employer has contracted
  • Legitimate Interest: To improve our services, conduct business development, and ensure service quality
  • Legal Obligation: To comply with tax, accounting, and business registration requirements in the UK and Denmark

3. Information We Collect

3.1 Personal Information

  • Name, job title, and company affiliation
  • Email address and phone number
  • Professional correspondence and enquiry details
  • Website interaction data (via cookies and analytics)

3.2 Health Assessment Data

When you participate in employee health assessments, we collect:

  • Physical measurements (height, weight, blood pressure, body composition)
  • Fitness test results (cardiovascular, strength, flexibility scores)
  • Health questionnaire responses (sleep, stress, exercise habits)
  • Medical history relevant to fitness participation (with your consent)

3.3 Corporate Client Data

  • Company contact information and billing details
  • Aggregate workforce health statistics (anonymised)
  • Programme usage analytics and attendance records
  • Employee satisfaction survey responses

4. How We Use Your Information

4.1 Service Delivery

  • Conduct health assessments and provide personalised reports
  • Deliver wellness programmes and track participation
  • Communicate about appointments, class schedules, and programme updates
  • Provide customer support and respond to enquiries

4.2 Health Data Processing

  • Generate individual health reports with improvement recommendations
  • Create anonymised aggregate reports for employer clients
  • Monitor programme effectiveness and health trend analysis
  • Ensure appropriate exercise modifications and safety protocols

4.3 Business Operations

  • Process payments and maintain financial records
  • Improve service quality through feedback analysis
  • Develop new wellness programmes based on client needs
  • Comply with legal and regulatory requirements

5. Data Sharing and Disclosure

5.1 Employee Health Data

Strict Confidentiality: Individual employee health assessment results are NEVER shared with employers without explicit written consent. Employers receive only aggregate, anonymised statistics that cannot identify specific individuals.

5.2 Service Providers

We may share data with trusted third parties who assist in service delivery:

  • Cloud storage providers (with EU/UK data residency requirements)
  • Payment processors for billing and subscription management
  • Professional fitness equipment suppliers for technical support
  • Certified health professionals delivering assessments on our behalf

5.3 Legal Requirements

We may disclose data when required by law, court order, or to protect vital interests in emergency situations.

6. Data Security and Retention

6.1 Security Measures

  • Encryption of all health data in transit and at rest
  • Multi-factor authentication for all team member accounts
  • Regular security audits and penetration testing
  • Staff training on data protection and confidentiality
  • Physical security measures at our Taastrup and London offices

6.2 Data Retention

  • Health Assessment Data: 7 years (for continuity of care and legal requirements)
  • Corporate Client Records: 7 years (for tax and accounting purposes)
  • Marketing Communications: Until unsubscribe request or 3 years of inactivity
  • Website Analytics: 2 years maximum

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Access: Request copies of your personal data we hold
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your data (subject to legal retention requirements)
  • Portability: Receive your data in a structured, commonly-used format