Gary Jonas Computing Ltd. and its worldwide subsidiaries and affiliates that comprise the Jonas Family of Companies (“Jonas,” “we,” “us,” ”our”) are committed to protecting your privacy. There are various ways that you might interact with Jonas, and the information you provide when doing so allows us to improve our services. By using this website and our related websites (collectively, the “Site”) and by supplying your details to Jonas, you consent to Jonas collecting and processing your information.
- What information we collect, and why we collect it;
- How we use that information;
- How we protect that information;
- How you can control your information, including accessing, updating and deleting what we store;
- and How we share information collected.
Jonas adheres to Canadian and international statutes and regulations which govern the protection of personal information. In Canada, Jonas adheres to the Personal Information and Protection of Electronic Documents Act (“PIPEDA”). In the United States, Jonas adheres to statutes of general application and statutes of specific application such as the Health Insurance Portability and Accountability Act (“HIPPA”) where applicable. In Australia, Jonas complies with the Privacy Act, 1988, a federal statute as well as with State and Territory laws pertaining to protection of personal information, including the Health Records Act 2001(VIC) where applicable. In New Zealand, Jonas follows the Privacy Act, 1993. In Europe, Jonas adheres to the Data Protection Act, 1998, the European Union (“EU”) Data Protection (95/46/EC) and ePrivacy (2002/58/ED) Directives (as transposed into national law), the EU Privacy Directive dated May 26, 2012 (regarding cookies and other matters) and registers annually with the Information Commissioner’s Office.
Information We Collect & Share
We may collect or record basic personal information (e.g., name, e-mail address, mailing address, phone number) which you voluntarily provide through forms on our Site, through electronic mail you send to us, or through other means of communication between you and us.
We only collect personal information of a more sensitive nature (e.g. social security or other governmental ID numbers, credit card details and account numbers) where it is appropriate or necessary for conducting business. This information will be collected, stored, accessed and processed in a secure manner. We may also collect general non-personal information pertaining to users of our sites, including IP addresses, source domain names, specific web pages, length of time spent, and pages accessed. This information is collected, among other things, to aggregate statistical information, facilitate system administration and improve the Site. We recognize and have controls in place to ensure that the privacy of personal information about an identifiable individual used in the course of commercial activity is protected and managed.
We also collect use, and disclose identifiable information about individual contacts for our customers (“Business Contact Information”) in the ordinary course of our business for managing and maintaining customer relationships. In particular, we may obtain the following types of Business Contact Information: name, address, invoice information including bank account information, and order information. Unless otherwise specified or prohibited, we may share information with affiliates, business partners, service providers, subsidiaries or contractors who are required to provide you with services which you have requested from us.
We may also post links to third party websites as a service to you. These third party websites are operated by companies that are outside of our control, and your activities at those third party websites will be governed by the policies and practices of those third parties. We encourage you to review the privacy policies of these third parties before disclosing any information, as we are not responsible for the privacy policies of those websites.
How We Use Information
We use the information we collect to provide you with services which you request and to improve our existing services and the content of our Site. When you contact us, we may keep a record of your communication to help solve any issues that you might be facing. Your information may be retained for a reasonable time for use in future contact with you, or for future improvements to our services. You have the option to opt-out or opt-in for further communications from us.
We may also use or disclose your personal information when we believe, in good faith, that such use or disclosure is reasonably necessary to (i) comply with law, (ii) enforce or apply the terms of any of our user agreements, or (iii) protect our rights, property or safety, or the rights, property or safety of our users, or others. We reserve the right to transfer and disclose your information if we become involved in a business divestiture, change of control, sale, merger, or acquisition of all or a part of our business.
In certain cases, we also operate as an information processor for our business customers. Our business customers remain the information controllers with respect to any customer information that they provide to us for our provision of services. We therefore act in accordance with the instructions of such customers regarding the collection, processing, storage, deletion and transfer of customer information, as well as other matters such as the provision of access to and rectification of customer information.
We do not sell our services to children. As such, our Sites are designed for adult user interaction. We do not intentionally collect personally identifiable information from children under the age of 13.
Cookies are a technology that can be used to help personalize your use of a website. A cookie is an element of information that a website can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or decline at any time. To enable us to assess the effectiveness and usefulness of this Site, and to give you the best user experience, we collect and store information such as pages viewed by you, your domain names and similar information. Our Site makes use of anonymous cookies for the purposes of:
- Completion and support of Site activity;
- Site and system administration;
- Research and development;
- and Anonymous user analysis, user profiling, and decision-making.
An Internet Protocol (“IP”) address is associated with your computer’s connection to the Internet. We may use your IP address to help diagnose problems with our server, to administer the Site and to maintain contact with you as you navigate through the Site. Your computer’s IP address also may be used to provide you with information based upon your navigation through the Site.
Aggregate information is used to measure the visitors’ interest in, and use of, various areas of the Site and the various programs that we administer. We will rely upon aggregate information, which is information that does not identify you, such as statistical and navigational information. With this aggregate information, we may undertake statistical and other summary analyses of the visitors’ behaviors and characteristics. Although we may share this aggregate information with third parties, none of this information will allow anyone to identify you, or to determine anything else personal about you.
Collection and Use of Employee Personal Information We also collect personal information from our employees and from job applicants (human resource data) in connection with administration of our human resources programs and functions. These programs and functions include, but are not limited to: job applications and hiring programs, compensation and benefit programs, performance appraisals, training, access to our facilities and computer networks, employee profiles, employee directories, human resource recordkeeping, and other employment related purposes. It is our policy to keep all past and present employee information private from disclosure to third parties. There are certain business related exceptions and they are:
- To comply with municipal, regional, provincial or federal agency requests;
- Inquiries from third parties with a signed authorization from the employee to release the information, except in situations where limited verbal verifications are acceptable (see below);
- Third parties with which we have contractual agreements to assist in administration of company sponsored benefits.
Prospective employers, government agencies, financial institutions, and residential property managers routinely contact us requesting information on a former or current employee’s work history and salary. All such requests of this type shall be referred to and completed on a confidential basis by the human resources department or payroll department. For written verification of employment requests, information will be provided on the form only when it is accompanied by an employee’s signed authorization to release information. The form will be returned directly to the requesting party and filed as part of the human resources or payroll department’s confidential records.
The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.
We use reasonable measures to safeguard personally identifiable information, which measures are appropriate to the type of information maintained, and follow applicable laws regarding the safeguarding of any such information under our control. In addition, in some areas of our Sites, we may use encryption technology to enhance information privacy and help prevent loss, misuse, or alteration of the information under our control. We also employ industry-standard measures and processes for detecting and responding to inappropriate attempts to breach our systems.
No method of transmission over the Internet, or method of electronic storage, can be 100% secure. Therefore, we cannot guarantee the absolute security of your information. The Internet by its nature is a public forum, and we encourage you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.
Monitoring and Enforcement
Accessing and Updating Your Personal Information
If you have provided us with your personal information, you may have the right to inspect the information stored by us for accuracy, or may request that the information be removed from our files. We will make a reasonable effort to comply with such requests except where it would require a disproportionate effort (for example developing a new system or changing an existing practice). We may require that you verify your identity before we act on a request to edit or remove your information. Please direct any questions about your information to the Privacy Contact identified below to review any personal information held about you.
Social Media and Online Engagement
We occasionally use a variety of new technologies and social media options to communicate and interact with customers, potential customers, employees and potential employees. These sites and applications include popular social networking and media sites, open source software communities and more. To better engage the public in ongoing dialog, certain businesses of ours use certain third-party platforms including, but not limited to, Facebook, Twitter and LinkedIn. Third-Party Websites and Applications (TPWA) are Web-based technologies that are not exclusively operated or controlled by us. When interacting on those websites, you may reveal certain personal information to us or to third parties. Other than when used by our employees for the purpose of responding to a specific message or request, we will not use, share, or retain your personal information.
Who is collecting the data?
MiGym, aka Apps That Fit LLC, aka Jonas Holdings is headquartered at 330 S Warminster Rd, Hatboro, PA.
What data is being collected?
The MiGym platform currently collects, processes and stores the following personal information about some app users, depending on which features are enabled:
- device ID
- membership number
- IP address
- bookings and check in history
- favorite classes
- app engagement statistics MiGym currently collects, processes and stores the following personal information for our clients:
- email address
- phone numbers
- billing information
What is the legal basis for processing the data?
MiGym has a “legitimate interest” in processing app users’ data. MiGym processes only the data required to provide the features and functions of the app and report on app usage to internal and external stakeholders and customers. MiGym has put in place necessary security and safeguards to protect and manage data under the GDPR as a data processor and subprocessor for our partners and customers.
Will the data be shared with any third parties?
MiGym shares data with third party data processors in the performance and function of the apps and the platform. These third parties include processors providing: push notifications, analytics, raw data storage, data backups, and systems monitoring. Each has been reviewed for compliance with the GDPR.
How will the information be used?
MiGym uses the personal information processed in order to provide the features and functions of the app, including scheduling, favorites filters, push notifications, account management, lead generation, and location-based search.
How long will the data be stored for?
MiGym stores database backups for up to thirty days. Our live dataset has no expiration and will be stored until an erasure request is received or during periodic purges as needed.
What rights does the data subject have?
MiGym will comply with any legitimate request for personal information under the GDPR for all EU citizens, and will endeavor to process other legitimate requests on a case by case basis.
How can the data subject raise a complaint?
App users must initiate a request with their club. In order to fully process requests including device ID information, a personal information request may be submitted via the Personal Information Request form in the app’s Settings. All other requests may be submitted to firstname.lastname@example.org.