Privacy Policy

Last updated: 6th February 2019

Global Fitness Holdings Ltd (trading as Sudor) (“us”, “our”, “we” or “Sudor”) is the controller of your personal data collected through the App. Sudor is committed to protecting and respecting your privacy.


This privacy policy (“Privacy Policy”) sets out the types of personal data we collect and use when you access and visit our Sudor app (“App”) and how we may use that data.  This Privacy Policy applies to all users of the App, including fans and PTPs.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notices that we may provide on the App at or around the time that we collect or process personal data about you so that you are fully aware of how and why we are using that data.

This Privacy Policy supplements other terms or notices on our App and is not intended to override or replace them.

By visiting or otherwise using our App, you accept that you have read and understood this Privacy Policy.  If, for any reason, you do not agree with the content of this Privacy Policy, please stop using this App.

We reserve the right to revise or amend this Privacy Policy at any time to reflect changes to our business or changes in the law.  Where these changes are significant, we will endeavour to let you know. However, it is your responsibility to check this Privacy Policy before each use of the App.

The App is not intended for children and we do not knowingly collect personal data relating to children.


What information can we collect?

This Privacy Policy covers the collection of your personal data. Where this Privacy Policy refers to ‘personal data’ it is referring to data about you from which you could be identified – such as your name, your date of birth, your contact details and even your IP address.

The personal data we collect from you may include:

  • Identity Data which includes your name, date of birth and gender.
  • Contact Data which includes your e-mail address, billing address and delivery address.
  • Content Data which includes information stored on your device.
  • Device Data which includes details about the mobile device you use and your mobile operating system.
  • Financial Data which includes your bank account and payment card details.
  • Transaction Data which includes details about payments to and from you and other details or services you have purchased from us.
  • Technical Data which includes your IP address (or other online identifier), your login data and browser type and version.
  • Profile Data which includes your username and password, your interests, preferences, feedback and survey responses.
  • Usage Data which includes information about how you use the App and the services. For example, how long a fan takes to complete a workout or how many fans viewed a PTP’s workout.
  • Marketing and Communications Data which includes your preferences in receiving marketing from us and our third parties.
  • Location Data which includes your current location disclosed by GPS technology.


How is your personal information collected?

Information you give to us

When you use the App to register your account with us, complete a form, request marketing be sent to you, participate in social media functions, contact us by email or by post, take part in an online survey, post a comment, enter into competitions, report a problem or offer information to us directly via the App, we may collect, store and use the personal data that you disclose to us.

It is important that the personal data we hold about you is accurate and current. If you want to update the information you have previously given to us, please contact us at privacy@sudor.fit.

Automated technologies or interactions

Each time you use our App, we will automatically collect personal data including Device, Content and Usage Data.  We collect this data using technologies such as cookies or other similar tracking technologies.

We use this data for several different reasons. Firstly, we use it to ensure that the App works properly and that you are able to receive the full benefit of it. Second, we use the data to monitor online traffic and audience participation across the App. We undertake both of these activities because we have a legitimate interest in doing so.

Please refer to our Cookies Policy for further details.

Location data

We also use GPS technology to determine your current location. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling Location Data in your settings.

Third parties or publicly available sources

We may also receive personal data about you from our third-party partners such as: analytics providers, advertising networks, social media providers and search information providers. In particular, if you choose to login to the App via your social media accounts, the social media business may provide us with certain information about you, such as your name and profile picture.


How and why do we use/share your personal data?

Lawful basis for processing your information

We will only use your personal data when the law allows us to.  Most commonly we will use your personal data in the following circumstances:

  • Where you have asked us to do so, or consented to us doing so;
  • Where we need to do so in order to perform a contract we have entered into with you;
  • Where it is necessary for our legitimate interests (or those of a third party) and your fundamental rights do not override those interests; and
  • Where we need to comply with a legal or regulatory obligation.

Here are some examples about how we may use the information we collect about you and the lawful basis we rely on to do so.

Activity Examples of the types of personal data we may collect Lawful basis for processing
To install the App and register you as a new App user. Identity, contact, profile, usage, marketing and communications and technical information. Your consent
To process in-App purchases including managing payments and collecting money owed to us Identity, contact, financial, transaction and device information. Performance of a contract with you 

Necessary for our legitimate interest (to recover debts due to us)

To manage our relationship with your and notify you of changes to the App. Identity, contact, profile and marketing communications information. Your consent 

Performance of a contract with you

Necessary for our legitimate interests (to keep records updated and to analyse how customers use our services)

Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)

To administer and protect our business and this App (including troubleshooting, data analysis and system testing.) Identity, contact, technical and device information. Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)
To deliver relevant content and advertisements to you. Identity, contact, technical, profile, usage, device, content marketing and communications, location and technical information. Your consent 

Necessary for our legitimate interests (to develop our products/Services and grow our business)



We may use your personal data to contact you about our latest news, our products or our services (we call this marketing).

You will receive marketing communications from us if you have:

  • subscribed to receive marketing communications from us; or
  • purchased our products or services, and you have not opted out of receiving that marketing when we you provide us with your email address.

To unsubscribe from marketing emails at any time, please click on the unsubscribe link at the bottom of any marketing email, or you can also contact us.

We will get your express opt-in consent before we transfer your personal data to any third party for its own marketing purposes.

Sharing your personal data

Depending on how and why you provide us with your personal data we may share it in the following ways:

  • we may share your personal data with any member of our company group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;
  • with selected third parties who we sub-contract to provide various services and/or aspects of the App’s functionality (see “Service Providers” below); and
  • with analytics and search engine providers that assist us in the improvement and optimisation of this App as described above.

We may also disclose your personal data to third parties in the following events:

  • if we were to sell or buy any business or assets, in which case we might disclose your personal data to the prospective seller or buyer of such business or assets as part of that sale;
  • if Sudor or substantially all of its assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or if we are asked to provide your details to a lawful authority in order to aid in the investigation of crime or disorder; and/or
  • in order to enforce or apply our App’s terms of use or terms and conditions; or to protect the rights, property, or safety of our company, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.


If you are a fan, we will share your Usage Data with PTPs you are subscribed to.  We share this personal data because it provides PTPs with valuable insight in to their workouts and how they can be improved or optimised. It is therefore in our legitimate interest to share this personal data with PTPs as it develops our commercial relationships with PTPs and also helps grow our business and App.

Service Providers

Our service providers provide us with a variety of administrative, statistical, and technical services. We will only provide service providers with the minimum amount of personal data they need to fulfil the services we request, and we stipulate that they protect this data and do not use it for any other purpose. We take these relationships seriously and oblige all of our data processors to sign contracts with us that clearly set out their commitment to respecting individual rights, and their commitments to assisting us to help you exercise your rights as a data subject.  The following is a list of our trusted service providers we use:

  • Application Developers
  • Analytics Provers
  • Payment Processors
  • Client Relationship Management System Providers

Links to third party sites

This App may include links to third-party sites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party sites and are not responsible for their privacy statements. When you leave our App, we encourage you to read the privacy policy of every other site you visit.


For how long do we keep your personal data?

We will hold your personal information on our systems only for as long as required to provide you with the services you have requested, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.  We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

In some circumstances you can ask us to delete your data: see ‘Your Rights’ below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.



Sudor takes the protection of your information very seriously. Where we have given you a password that enables you to access certain parts of our App, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.


International Data Transfers

Whenever we do transfer your personal data outside of the European Economic Area (“EEA”), we ensure that a similar degree of protection is afforded to it by ensuring that in most cases at least one of the following safeguards is implemented:

  • we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
  • we will only transfer data to the US, where the business we are transferring your personal data to is part of the Privacy Shield (which requires them to provide similar protection to personal data shared between Europe and the US); and
  • where you we use certain service providers, we will use specific contracts approved by the European Commission which gives personal data the same protection it has in Europe.

By submitting your personal data, you agree to the terms of such transfers. If you would like more information about how the mechanism via which your personal data is transferred, please contact us.


Your Rights

Right of Access

You may, at any time, request access to the personal data we hold about you (you may have heard of this right being described as a “subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Your Right to Rectification

You may request that we correct personal data that we hold about you which you believe is incorrect or inaccurate, though we may need to verify the accuracy of the new data you provide to us.

Your Right to Erasure

You may ask us to erase personal data if you do not believe that we need to continue retaining it (you may have heard of this right described as the “right to be forgotten”).  If for any reason we believe that we have a good legal reason to continue processing personal data that you ask us to erase we will tell you what that reason is at the time we respond to your request.

Your Right to Object to Processing

You may object to processing of your personal data where we rely on legitimate interest for processing that personal data. You also have the right to object where we are processing your personal data for direct marketing purposes.We will comply with your request unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal data to establish, exercise or defend a legal claim.

Your Right to Restrict Processing

This enables you to ask us to suspend the processing of your personal data in the following scenarios:

  • if you want us to establish the data’s accuracy;
  • where our use of the data is unlawful, but you do not want us to erase it;
  • where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
  • you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

Your Right to Portability

We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Your Right to object to automated decision making and profiling

You have the right to be informed about the existence of any automated decision making and profiling of your personal data, and where appropriate, be provided with meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing that affects you.

Your right to withdraw consent at any time

You may withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you, including the delivery of the App. We will advise you if this is the case at the time you withdraw your consent.

Exercising your rights

When you write to us making a request to exercise your rights, we are entitled to ask you to prove that you are who you say you are. We may ask you to provide copies of relevant ID documents to help us to verify your identity.


Contact Details

If you have any queries regarding this Privacy Policy, if you wish to exercise any of your rights set out above or if you think that the Privacy Policy has not been followed, please contact us by emailing at support@sudor.fit.

You may also lodge a complaint with our lead supervisory authority, the Information Commissioner, or your local supervisory authority about any aspect of our handling or processing of your personal data.  We would, however, appreciate the chance to address your concerns before you approach any supervisory authority, so please contact us in the first instance.