GDPR COMPLIANCE FOR FITNESS COACHING

General Data Protection Regulation in the Fitness Industry

FitCoach Munich is committed to protecting your personal health data and respecting your privacy rights under the General Data Protection Regulation (EU) 2016/679. As a fitness coaching service, we handle sensitive health information and maintain the highest standards of data protection in accordance with GDPR requirements.

Your Health Data Protection Rights

Under GDPR, you have enhanced rights regarding your personal and health data:

Right of Access

Request copies of all personal and health data we hold about you, including fitness assessments and progress tracking.

Right of Rectification

Correct any inaccurate health information or update your fitness goals and medical conditions.

Right to Erasure

Request deletion of your health and fitness data, subject to legal retention requirements.

Right to Restrict Processing

Limit how we process your health information during disputes or investigations.

Right to Data Portability

Transfer your fitness data to another coach or fitness facility in a structured format.

Right to Object

Object to processing of your data for marketing or research purposes related to fitness services.

Legal Basis for Health Data Processing

We process your personal and health data based on the following specific legal grounds:

  • Explicit Consent: Health assessments, body measurements, and medical history for personalized training programs
  • Contract Performance: Delivery of personal training services and coaching sessions
  • Vital Interests: Emergency medical situations during training sessions
  • Legal Obligation: Compliance with health and safety regulations in the fitness industry

Health Data Categories We Process

Health Assessment Data

Medical history, current health conditions, medications, injuries, fitness level assessments

Physical Performance Data

Body measurements, weight, BMI, body fat percentage, fitness test results, progress tracking

Training Session Data

Workout routines, exercise performance, heart rate data, training intensity, session notes

Nutritional Information

Dietary preferences, allergies, nutritional goals, meal plans, supplement usage

Digital Health Data

Wearable device data, fitness app integration, online training platform usage

Health Data Retention Periods

We retain your health and fitness data according to industry standards and legal requirements:

  • Active client data: Duration of coaching relationship plus 2 years
  • Health assessments: 7 years (medical record requirements)
  • Training session logs: 3 years for progress tracking
  • Payment records: 10 years (tax and accounting requirements)
  • Marketing preferences: Until withdrawal of consent

International Health Data Transfers

When we transfer your health data outside the European Economic Area (EEA), we ensure appropriate safeguards:

  • Standard Contractual Clauses (SCCs) for health data processors
  • ISO 27001 certified fitness technology platforms
  • HIPAA-compliant health data storage systems
  • End-to-end encryption for all health data transmissions

Data Protection Officer for Health Data

Our specialized Health Data Protection Officer oversees the protection of your sensitive health information:

Dr. Sarah Müller, Health DPO

[email protected]

+49 89 3947 2856 (ext. 205)

Maximilianstraße 67, 80538 Munich, Germany

Exercising Your GDPR Rights

To exercise any of your GDPR rights regarding your health and fitness data:

Secure Email Request

Send an encrypted email to [email protected] with your full name and specific health data request.

In-Person Request

Visit our facility with valid ID to discuss sensitive health data requests in a secure environment.

Response Time: Health data requests are processed within 30 days. Complex requests may require up to 60 additional days with notification.

Health Data Supervisory Authority

For health data protection concerns in Bavaria:

Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach, Germany
Phone: +49 981 180093-0
Email: [email protected]
Website: www.lda.bayern.de

Last updated: May 22, 2025