Privacy Policy

Introduction

NovaElementium B.V. ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website novaelementium.info, use our services, or interact with us.

This policy applies to all personal data we process about our website visitors, members, and prospective clients. By using our website or services, you consent to the data collection and use practices described in this policy.

Data Collection

We collect information about you in various ways when you use our website and services. The data we collect includes personal information that can identify you, as well as anonymous usage data.

Information You Provide Directly

• Contact details (name, email address, phone number)
• Membership and account information
• Health and fitness information relevant to our services
• Payment and billing information
• Communications with us (emails, contact forms, phone calls)
• Emergency contact information

Information Collected Automatically

• Website usage data (pages visited, time spent, click patterns)
• Device information (IP address, browser type, operating system)
• Location data (general geographic location based on IP address)
• Cookies and tracking technologies data

How We Use Your Information

We use the personal data we collect for various purposes related to providing and improving our services. How we use your information depends on the services you use and your preferences.

• To provide and maintain our CrossFit training services
• To process membership applications and manage accounts
• To communicate with you about classes, schedules, and updates
• To ensure the safety and security of our facility and members
• To process payments and manage billing
• To personalise your experience and improve our services
• To send promotional materials and marketing communications (with consent)
• To comply with legal obligations and protect our rights
• To analyse website usage and improve our online presence

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract: To perform our contract with you for fitness services
• Legitimate Interests: To operate our business, improve services, and ensure safety
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with applicable laws and regulations
• Vital Interests: To protect health and safety in emergency situations

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• With service providers who assist us in operating our business
• With payment processors for billing and payment purposes
• With healthcare providers in case of medical emergencies
• When required by law or to protect our legal rights
• With your explicit consent for specific purposes

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes.

• Membership data: Retained for the duration of membership plus 7 years for legal and tax purposes
• Website analytics data: Retained for 26 months
• Marketing communications: Until you unsubscribe or withdraw consent
• Financial records: Retained for 7 years as required by Dutch law
• Health and safety records: Retained for 10 years or as required by law

Your Rights

Under GDPR and Dutch data protection law, you have several rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request transfer of your data to another organisation
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing or cookies at any time

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training on data protection
• Secure storage and backup systems
• Incident response procedures

International Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the new policy on our website and updating the "last updated" date. Your continued use of our services after such modifications constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out to us using the following contact information:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately.