Privacy Policy of EGYM Wellpass GmbH
The protection of your personal data is very important to us. We treat this matter with great care and therefore inform you below about how we handle your personal data when you visit our website, register for the corporate fitness offering, use the functionalities of our mobile application (“App”) or make use of any other services offered on our website or in our App (e.g. subscribing to our newsletter, etc.).
1. Controller and Data Protection Officer
The controller within the meaning of Art. 4(7) of the European General Data Protection Regulation (GDPR) for the offering at www.egym-wellpass.com, our App and the services and functionalities offered there is EGYM Wellpass GmbH, Einsteinstraße 172, 81677 Munich. You can contact us at any time via the contact channels stated in our legal notice (Impressum), e.g. by email at datenschutz@egym.com. You can reach our Data Protection Officer with data protection matters, for example by email at support@egym-wellpass.com or by post to our postal address marked “for the attention of the Data Protection Officer”.
2. Your rights
You have the following rights against us with regard to the personal data concerning you: - Right of access (Art. 15 GDPR), - Right to rectification (Art. 16 GDPR), - Right to erasure (Art. 17 GDPR; “right to be forgotten”), - Right to restriction of processing (Art. 18 GDPR), - Right to object to processing (Art. 21 GDPR), - Right to data portability (Art. 20 GDPR).
You also have the right to lodge a complaint with a data protection supervisory authority in the Member State of your residence, place of work or the place of the alleged infringement regarding our processing of your personal data, if you consider that the processing of the personal data concerning you is unlawful.
Insofar as you have given us consent to process your data, you can withdraw it at any time with effect for the future. The lawfulness of the processing of your data up to the withdrawal remains unaffected by this.
To exercise your rights or for any other data protection matters, you can contact us at any time via the contact channels stated in section 1 above and/or those listed in our legal notice (Impressum).
3. Additional notice regarding your right to object
We additionally point out that insofar as processing of your personal data takes place on the basis of legitimate interests within the framework of the balancing of interests pursuant to Art. 6(1)(f) GDPR and/or your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data.
4. Purposes and legal bases for the processing of your personal data
Within the scope of using the services offered on our website and when using our App, we collect and process your personal data in the cases listed below:
a. Use of our website
aa. Registration for the EGYM Wellpass corporate fitness offering
Insofar as your company/employer participates in the EGYM Wellpass corporate fitness programme and you belong to the group of employees of your employer who are eligible to participate, you can register as an employee of the respective company/employer on your company's/employer's EGYM Wellpass registration page or via your company's/employer's internal contact person for the corporate fitness offering. The verification of your eligibility to participate is carried out by manual confirmation by your employer after registration has taken place or – depending on the agreement between EGYM Wellpass and your employer – on the basis of eligibility lists provided by your employer or via a connection to your employer's HR system (see section 5 below). For registration via the company-specific EGYM Wellpass registration page, the following data is required: email address, salutation, first and last name, date of birth, registration date, payment data (for processing the monthly membership fee after registration has taken place, as well as for error checking within existing memberships). We process the data you provide in order to properly verify and carry out your registration. We need your email address to confirm receipt of your registration and to give you access to our Wellpass App. In order to be able to train at the EGYM Wellpass training facilities after successful registration, registration in the EGYM Wellpass App is possible; in this case the verification of your training eligibility takes place after successful registration in the App by scanning the QR code of the respective EGYM Wellpass training facility. Please note that the EGYM Wellpass training facility you select may, when you check in there, record your name/first name and the time of your check-in via a paper list for check-ins provided by EGYM Wellpass, and pass this information on to EGYM Wellpass. In this case, the collection of the data is required for billing between EGYM Wellpass and the partner facility. For information on the alternative check-in via synchronisation between the studio management software of the EGYM Wellpass training facility and EGYM Wellpass/EGYM, please see the separate information below in section 4 b) cc). The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract with the data subject).
ab. Registration for EGYM Wellpass Plus1 members
Insofar as you have received an invitation link from an EGYM Wellpass member with an active EGYM Wellpass membership, you can register online with EGYM Wellpass as an EGYM Wellpass Plus1 member and, for the duration of the active membership of the EGYM Wellpass member who invited you, obtain access to participating studios within our partner network. For registration and booking of the EGYM Wellpass Plus1 membership via the EGYM Wellpass registration page for Plus1 members, which you reach after clicking on the invitation link, the following data is required: email address, salutation, first and last name, date of birth, registration date, a password chosen by you, payment data (for payment of the monthly membership fee after registration has taken place). We process the data you provide in order to properly verify and carry out your booking and registration as an EGYM Wellpass Plus1 member. We need your email address to confirm receipt of your booking. The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract with the data subject). After successful booking and registration, the EGYM Wellpass member who invited you can see in the EGYM Wellpass App that you have successfully registered as their EGYM Wellpass Plus1 member. This is necessary because the term of your Plus1 membership is determined by the duration of the EGYM Wellpass membership of the EGYM Wellpass member who invited you (insofar as you do not cancel your Plus1 membership yourself before the membership of the inviting EGYM Wellpass member expires). In order to be able to train at the participating EGYM Wellpass training facilities after booking, you must log in with your access data in the EGYM Wellpass App; after successful registration in the App, you obtain access to the participating EGYM Wellpass training facility by scanning the QR code of the respective EGYM Wellpass training facility.
ac. Subscribing to our newsletter
With your consent, you can subscribe to our newsletter on our website. As a newsletter subscriber, you will be informed regularly by email about new partner facilities in our growing network. To subscribe to the newsletter, only your email address is required. Providing your first and last name is optional and we use it only so that we can address you personally in the newsletter.
For subscribing to our newsletter we use the so-called double opt-in procedure. This means that after your subscription we send an email to the email address you provided, in which we ask you to confirm that you wish to receive the newsletter. After your confirmation, we store your email address for the purpose of sending the newsletter. The legal basis for the processing described above for the purpose of sending the newsletter is Art. 6(1)(a) GDPR (processing on the basis of the data subject's consent).
In addition, we store the respective times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. The legal basis for this is Art. 6(1)(f) GDPR (processing is necessary to protect the legitimate interests of the controller).
You can withdraw your consent to receiving the newsletter at any time and unsubscribe from the newsletter. You can declare the withdrawal, for example, by clicking on the unsubscribe link provided in every newsletter email or, for example, by sending a message to the contact details stated in the legal notice.
b. Use of our App
ba. Downloading the App
When downloading the App, the required information is transmitted to the respective App Store, in particular the username, email address and customer number of your account, the time of the download and the individual device identifier. We have no influence over this data collection and are not responsible for it. You can find information on this in the privacy policy of the respective App Store.
bb. Registration, user profile, verification of membership
In order to be able to use the functions of our App, you must register. For registration, the following data is required: first name, last name, email address and a password chosen by you. Your data is needed in order to set up a user account that enables you to train at an EGYM Wellpass partner facility (insofar as you are eligible to do so) and to use this App and navigate it easily. Before the first check-in at a partner, a profile photo must be selected in the App so that the partner can verify your identity. Scanning the QR code of the respective EGYM Wellpass partner facility or other forms of verifying eligible membership with EGYM Wellpass are needed so that you can check in at an EGYM Wellpass partner facility (for information on checking in via synchronisation between the partner facility's studio management software and EGYM Wellpass, please see the separate information below in dd)). The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract).
In addition to entering your email address and password for authentication, we also offer you, alternatively and optionally, the possibility of logging in to the App using biometric features. Please note that we do not have access to your biometric data at any time as a result. The recognition is carried out entirely on your device, and we do not receive any biometric information such as facial features, fingerprints or other data used for authentication. We only receive the information that verification by means of biometric features was successful. Further information on data protection in connection with biometric authentication can be found directly with the respective provider of your device/operating system, e.g. for Apple at https://www.apple.com/legal/privacy/data/en/face-id/.
bc. Registration with your EGYM account, use of your EGYM Wellpass account for EGYM products (“EGYM ID”)
If you already have an EGYM ID from our affiliated company EGYM, e.g. because you use EGYM strength equipment at your training facility or use the EGYM Fitness App, we offer you, alternatively and optionally, the possibility of also registering for the EGYM Wellpass membership with your EGYM login data (“EGYM ID”). In this case, your EGYM login data is processed for carrying out the registration with EGYM Wellpass and you can log in to the EGYM Wellpass App in future without having to create a separate EGYM ID for using EGYM Wellpass. The General Terms and Conditions of EGYM Wellpass and this Privacy Policy and the processing of personal data described herein within the scope of the EGYM Wellpass membership also apply in the case of registration with your EGYM login data. You will be informed accordingly of this when registering with your EGYM login data.
If you decide to register via your existing EGYM ID, the legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract). Conversely, if you wish, you can also use your existing EGYM Wellpass access data to log in to other EGYM products, e.g. on EGYM strength equipment at your training facility or in the EGYM Fitness App. You can find further information on registering for EGYM products with your EGYM Wellpass access data in the EGYM Privacy Policy.
bd. Check-in, access and verification functions at participating EGYM Wellpass training facilities (including location-based functions)
In order to enable you to access participating EGYM Wellpass training facilities and to verify your training eligibility, we make various check-in, access and verification functions available in our App. Depending on the training facility, the type of offering (e.g. free training or class booking) and the technical connection of the respective training facility, different procedures are used. This also includes the display of and search for training facilities near you (“studio search”), insofar as you actively use this function, as well as a location-based verification of your check-in (“Smart Check-in”). This includes in particular automated or manual check-in procedures, check-in via systems provided by the training facility, and a location-based verification of your check-in (“Smart Check-in”).
Processing of location data
The processing of location data takes place for different purposes depending on the function. In the studio search, it serves to show you training facilities near you and to make the use of the App more convenient. With the Smart Check-in, it serves to verify your presence at a training facility and to prevent misuse.
Location-based check-in function (“Smart Check-in”)
In the case of location-based verification at participating training facilities, we process the location data of your device at the time of check-in in order to check whether you are in the immediate vicinity of the respective training facility. This requires that you have activated location sharing on your device. This serves the reliable execution of the check-in as well as the prevention of misuse and the assurance of a fair system for all members and participating training facilities.
The location query is carried out exclusively on an event-related basis, i.e. only when you actively use a corresponding function in the App (e.g. when opening the check-in or when searching for nearby training facilities). The location data is not stored permanently, not logged and not used to create movement profiles. We process the location information exclusively on a temporary basis to carry out the distance check or to display training facilities near you. There is no use beyond this and no continuous tracking.
Insofar as you already use location-based functions in the App (e.g. the display of training facilities near you), you may have already granted the App access to the location of your device via the settings of your operating system. This setting remains unchanged. In this case, the use of location data within the scope of the Smart Check-in takes place additionally and exclusively on an event-related basis to verify the check-in when you actively use this function. Sharing is carried out via the settings of your operating system and can be adjusted or deactivated there at any time with effect for the future.
Legal basis
Insofar as location data is processed (e.g. within the scope of the location-based check-in function), this takes place on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR.
Our legitimate interests consist in particular of enabling you to have a user-friendly display of training facilities near you, simplifying the use of our offering, ensuring proper use, preventing improper use and guaranteeing fair billing towards the participating training facilities.
In designing the processing, it was taken into account in particular that the location data is processed exclusively on an event-related basis, that no storage takes place and that no tracking or profiling takes place, and that, in the case of the Smart Check-in, alternative options for the check-in are available, in order to keep the intensity of the interference for you as low as possible.
You have the right, on grounds relating to your particular situation, to object at any time to the processing of your personal data which is based on Art. 6(1)(f) GDPR (Art. 21 GDPR).
If you wish to exercise this right, you can deactivate location sharing for the Wellpass App at any time in the settings of your device. In this case, alternative check-in options are available to you, e.g. the check-in option described under 4 be. or through manual assistance on site at the training facility.
be. Check-in, access and optimised support at participating EGYM Wellpass training facilities with an existing EGYM Wellpass interface
In addition to the general check-in and access verification functions described above, at training facilities with an existing EGYM Wellpass connection we offer further options in connection with check-in, access to the training facility, the booking of services and on-site support.
Insofar as your EGYM Wellpass training facility/facilities have an existing connection between the respective studio management software or the member management system of the respective training facility and the EGYM Wellpass interface, you can use simplified check-in, access and booking functions depending on the technical equipment of the respective training facility. This may include in particular access via a turnstile or other access systems, the use of a QR code, barcode, RFID/NFC medium or comparable access means, as well as the creation of a local access or member profile in the studio management software of the respective training facility.
At certain training facilities, the creation of such a local profile is carried out manually by the training facility's staff. In this case, you show the staff at the respective EGYM Wellpass training facility the relevant screen in the App with your personalised verification code (Verification TAN). The staff then, insofar as you have an active EGYM Wellpass membership, create you as an EGYM Wellpass member in the training facility's member management software and may, for example, hand you an access means of the training facility with which you can use the training facility's access system on future visits. For the manual creation in the member management software of the respective EGYM Wellpass training facility described above, the personal data required for this is displayed on the screen in your EGYM Wellpass App. This may include in particular first and last name, gender and email address. Insofar as the function provides for this, you have the option of hiding the data displayed on the screen in the App.
At certain training facilities with a corresponding technical connection, the creation of a local access or member profile can also take place automatically. This concerns in particular training facilities at which simplified or staff-free access via the App is enabled, e.g. via QR code, barcode, RFID/NFC medium or a comparable access means. In these cases, we transmit the personal data required for this to the respective EGYM Wellpass training facility or to its studio management software when you actively use the corresponding booking, check-in or access function, in particular when setting up access for the first time or when using a corresponding booking or access function for the first time.
The data transmitted for this purpose includes – depending on the technical connection and insofar as required for the respective function – your first and last name, your email address, a technical user or member identifier, as well as information about the status or the term of your EGYM Wellpass membership. The transmission serves to create you in the studio management software of the respective training facility as an EGYM Wellpass member or access-eligible member, to verify your training eligibility and to enable you to use the respective access or booking system. The automated transmission only takes place insofar as this is necessary for the use of the respective booking, check-in or access function.
The respective training facility processes the local profiles created in its studio management software and the data stored there under its own data protection responsibility. Insofar as the training facility uses a provider of studio management software or a member management system for this purpose, this regularly takes place as a processor of the training facility. For any further processing of your personal data by the respective training facility, e.g. if the training facility collects additional information from you when you use it on site or offers its own support services, the data protection provisions of the respective training facility apply.
Insofar as the creation as an EGYM Wellpass member in the member management software of the training facility also serves to enable optimised support by the training facility or its trainers, e.g. through the creation of a training plan in the EGYM Trainer App or the carrying out of anamneses, the respective terms of use and data protection notices of the training facility as well as – where necessary – separate consents additionally apply in this respect.
The legal basis for the processing described above is Art. 6(1)(b) GDPR, insofar as the processing is necessary to provide the check-in, booking, access or support function you have requested.
bf. Training data/fitness activities (health-related data)
Should you make use of the relevant training functionalities in the App, we additionally collect health-related data in your EGYM Wellpass profile, but only with prior, explicit consent for the respective purpose pursued. This concerns information about your fitness and physical characteristics that is needed to provide you with a desired training progression, progress towards fitness goals, challenges and participation in rewards programmes, as well as information about gender, weight, the name of your personal trainer, training plan, your training data (such as the length and intensity of the training, training time, equipment used, calories burned, distance and average speed). For the use of some training functionalities or the recording/display of the relevant training data and training progress as described above (relating, e.g., to the display of training plans from your trainer that the trainer stores in the EGYM Trainer App, or training data from the use of EGYM strength equipment at your EGYM Wellpass training facilities), an EGYM ID activated for EGYM (see section 4 b) cc) above) and an active synchronisation of the training data between the member management software of your training facility/facilities and EGYM (when the EGYM Trainer App is used by your trainer at the training facility) is required. The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract) in conjunction with Art. 6(1)(a) GDPR in conjunction with Art. 9(2)(a) GDPR (consent of the data subject). You can withdraw your consent at any time with effect for the future. Please note that in this case you will no longer be able to use the relevant functionalities.
bg. Compatible fitness trackers/wearables, devices (information from other sources)
Insofar as you wish, for example, to link or synchronise data from compatible fitness trackers/wearables, fitness devices, etc. from third-party providers in the App with your EGYM Wellpass profile, we process, with your consent, the data transmitted by these third-party providers, including – depending on the third-party provider – health-related data, for the purpose of linking/synchronisation in your EGYM ID activated for EGYM. You can deactivate the link again at any time in the settings. The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract) in conjunction with Art. 6(1)(a) GDPR in conjunction with Art. 9(2)(a) GDPR (consent of the data subject).
bh. Data in connection with rewards, referrals, challenges and promotions
We collect information about offers/promotions in which you participate in the App, which you save, redeem and use, reward points that you collect and spend, and the number of referrals that you submit. The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract).
bi. Data in connection with participation in prevention courses
If you wish to participate in a prevention course in our App, we store and process the following personal data from you, which is necessary in order to enable you to participate in the course: first/last name, name/ID of the course in which you participate, start/completion of the course, confirmation that there are no reasons preventing participation, storage of the user's progress in the course (so that you can continue at the same point), number of completed units in the course, total duration of participation in the course. The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract with the data subject). No health data is stored/processed within the scope of participation in prevention courses.
bj. Information about your goals and challenges
If you set your goals and/or accept a challenge, we record and store your goal information (name, type, requirement, status, progress) and information about the challenge (accepted challenges, completed, leaderboard, including the usernames of other competitors). The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract).
bk. Email notifications about news/announcements, etc.
Insofar as you have expressly consented during the registration process, you will be informed by email about news and announcements from EGYM Wellpass as well as about your progress, goals and challenges in which you participate. You can withdraw this consent at any time. The legal basis for the processing described above is Art. 6(1)(a) GDPR (consent of the data subject).
bl. Anonymisation and aggregation of check-in data and metrics, creation of non-personal statistics
We evaluate data from the use of the EGYM Wellpass offerings exclusively in anonymised and aggregated (i.e. summarised) form, not related to individual persons, and record it in statistics. This relates, for example, to the total number of check-ins at the individual EGYM Wellpass training facilities, the cities or municipalities with the highest usage activity (“Top Cities”), the most popular or most frequently used EGYM Wellpass partner locations (“Top Locations”), the most popular/most frequently used courses and offerings at the facilities, as well as further aggregated usage metrics in the EGYM Wellpass App. Insofar as you also use EGYM functionalities at the same time within the scope of your EGYM user account, e.g. use EGYM equipment at the training facilities, have your trainer create training plans in the EGYM Trainer App and have consented to the synchronisation of data between EGYM, EGYM Wellpass and the training facility, the data recorded in this way is anonymised and summarised in the statistics listed above. This data recorded by our group company EGYM SE is processed by EGYM on our behalf and on our instructions within the framework of a data processing agreement between us and EGYM pursuant to Art. 28 GDPR for the EGYM Wellpass statistics listed above. Any reference to you as a person or a re-identification is excluded by the anonymisation and aggregation. Furthermore, this excludes any conclusions about your individual activities/check-ins, your training habits, your fitness or your state of health. The statistics we create are used by us for internal purposes to optimise our offering. Furthermore, we may make available to your employer statistics relating exclusively to the entire company. The legal basis for the aforementioned processing in the form of anonymisation and aggregation in statistics is our legitimate interest in expanding our offerings in the interest of our members and customers, or the legitimate interest of your employer in understanding whether its investments in corporate sport pay off through the subsidisation of membership fees, and which can contribute to evaluating the use and acceptance of the corporate fitness programme offered. Your legitimate interests are taken into account through the anonymisation/aggregation. Furthermore, in this context we have defined thresholds such that statistics are only made available by us above a certain minimum number of employees in a company. This applies in particular also to location-based evaluations such as city, region or location overviews. A presentation takes place exclusively in aggregated form, without stating times, individual usage frequencies or other individual information, and only insofar as a re-identification is excluded due to the number of active users. In this way, in addition to the technically secure anonymisation, we ensure that your employer in no case has the possibility of drawing conclusions about individual employees or re-identifying them on the basis of the statistics. You have the right to object at any time to the processing described above in the form of anonymisation and creation of statistics, with effect for the future, in your App settings with a simple click.
bm. Transmission of check-ins to your employer in exceptional cases on the basis of an internal agreement between you and your employer
Please note that, in a few exceptional cases, your employer may make the subsidisation of the membership conditional on active participation/use on the basis of an internal agreement with the employees, and reserve the right to discontinue the subsidisation for the employee concerned in the event of low activity or to terminate the membership of the employee concerned. In these exceptional cases, and in deviation from section 4 bk. above, we transmit your name and the number of check-ins per month to your employer. In doing so, your employer only receives the number of check-ins, but no information about exactly when and exactly where you trained. Your employer may only process the data for the purpose of verifying eligibility for membership on the basis of the agreement reached with you in the company. In this case, the transmission of the aforementioned data is necessary for the performance of the internal agreement reached between you and your employer (the legal basis is Art. 6(1)(b) GDPR). Insofar as the aforementioned exceptional case applies to your membership with EGYM Wellpass, you will be informed about this separately and directly by your employer.
bn. Class booking
The EGYM Wellpass App offers the possibility of reserving places for training activities, in particular for participation in courses or group classes as well as for booking free training times, at participating EGYM Wellpass training facilities. Insofar as you use this booking function, we transmit the personal data required for carrying out the booking and the check-in to the respective EGYM Wellpass training facility.
This includes in particular your first and last name as well as information about the booked service, e.g. course, date, time and booking status. In certain cases, it may additionally be necessary to transmit your email address to the respective training facility, for example if the training facility needs to contact you in connection with the specific booking, e.g. in the case of course changes or cancellations, or if the email address is required for the technical execution of the booking in the training facility's studio management software.
At training facilities with a corresponding technical connection, in order to carry out the booking, the check-in or access to the booked service, it may also be necessary to create a local profile in the studio management software or the member management system of the respective training facility upon first use of the booking function. In this case, we transmit the data required for this, in particular first and last name, email address, a technical user or member identifier as well as booking-related information, to the respective training facility or its studio management software. This serves to manage the booking at the training facility, to verify your training eligibility and to enable you to use the booked service or to access the training facility.
The training facilities process the transmitted personal data under their own data protection responsibility exclusively to carry out the booked service, to verify your training eligibility and to enable the associated access. The legal basis for the processing described above is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract with the data subject).
Please note that, for any further processing of your personal data by the respective training facility, for example if additional information is requested from you when using the training facility, exclusively the data protection provisions of the respective training facility apply.
bo. Support and chat function in the App
In our App we provide you with a chat function via which you can contact our support team and submit support or service requests. The use of the chat function takes place exclusively on your own initiative, by you actively opening the chat. To provide and handle the chat function, we use the service provider Intercom. When you open and use the chat function, the personal data required for carrying out the support communication is transmitted to Intercom. This includes in particular your internal user identifier (UserID) as well as – insofar as stored – further contact data (e.g. name, email address) and technical information about your device and the App (e.g. App version, operating system). In addition, the contents of the messages you enter in the chat as well as the associated metadata (e.g. timestamps, processing status) are processed in order to handle your request and to communicate with you. We use the data processed within the scope of the chat function exclusively to handle your request and to ensure and improve the quality of our customer and support service. For internal evaluation and improvement of our support processes, certain usage-related information about the chat function is evaluated in aggregated form (e.g. the time and duration of the handling of a request or the status of support requests); however, no contents of the chat communication are analysed in this respect. The legal basis for the processing of your personal data within the scope of the support and chat function is Art. 6(1)(b) GDPR (processing for the performance of the contractual relationship) as well as additionally Art. 6(1)(f) GDPR (legitimate interest in an efficient and high-quality customer service).
c. Contacting us / use of the contact form and partner enquiries
When you contact us (e.g. by email, telephone or via a contact form), we process the data you provide in order to handle your request and to communicate with you.
Insofar as your enquiry relates to a possible partnership with us (e.g. as an interested sports partner), we additionally process your data to initiate a possible partnership with you. This also includes contacting you (e.g. by email or telephone), in particular for further coordination and scheduling appointments.
The legal basis for the processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the efficient handling and answering of enquiries that you yourself address to us, as well as in appropriate communication with you. Insofar as your enquiry is directed at initiating a possible partnership with us, the processing of your data additionally takes place on the basis of Art. 6(1)(b) GDPR.
You have the right, on grounds relating to your particular situation, to object at any time to the processing of your data on the basis of Art. 6(1)(f) GDPR. You can also object at any time, with effect for the future, to being contacted in connection with your enquiry.
We delete the data arising in this context as soon as it is no longer necessary to achieve the purpose, or we restrict the processing insofar as statutory retention obligations exist.
d. Obligation to provide personal data
If you wish to make use of the services and functionalities offered on our website and/or in our App, you must provide the personal data that is required for the respective service. If you do not provide us with this data, it is not possible for us to provide you with the desired service.
e. No automated decision-making
We point out that, within the scope of using our website or the App and making use of the services/functionalities offered, you are not subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you.
5. Disclosure of data to third parties/recipients, use of service providers
Your personal data is only disclosed or transmitted by us to third parties insofar as this is necessary for the performance of the contract with you, there is a legitimate interest on our part or on the part of a third party, you have given your consent to this, and/or insofar as we are obliged to do so on the basis of statutory provisions or by official or judicial orders.
Your personal data is transmitted by us to third parties in the cases described below and for the purposes described below: - Within the group/EGYM: We also disclose personal data within the group to the group company EGYM SE, Einsteinstraße 172, 81677 Munich, within the framework of processing on behalf of the controller, under which EGYM SE provides personal data of EGYM Wellpass for the purpose of group-wide, internal administrative purposes and further related services, such as hosting and server capacities, for us, on our behalf and on our instructions. Furthermore, EGYM SE provides, within the framework of processing on behalf of the controller as above, services in connection with the collection of anonymised data for usage statistics as described in detail in section 4 b) bl) above. - Your employer: In order to verify whether you are eligible to participate in and train under your employer's/company's corporate fitness programme, the data you provide during registration is transmitted to your employer for verification/confirmation. After your registration, your employer can view your name/first name, date of birth and your personnel number as well as the time of registration in our company portal. Insofar as the personnel number you provided is incomplete or incorrect (e.g. typing error, incomplete personnel number), your employer has the option of correcting or rectifying this information on the basis of the data stored about you by your employer in the company portal; such corrections/rectifications take place exclusively for the purpose of properly carrying out and completing the verification that you are eligible to participate in the corporate fitness programme, in particular with regard to any subsidisation of your participation by your employer. The legal basis for the transmission to your company/employer is Art. 6(1)(b) GDPR (processing is necessary for carrying out pre-contractual measures and for the performance of the contract). (The foregoing does not apply to EGYM Wellpass Plus1 members.) Where applicable, we make available to your employer anonymised and aggregated statistics as described in detail in section 4 b) bl) above, insofar as you have not objected to this. We only transmit personalised check-ins to your employer if your employer, on the basis of an internal agreement with you in the company, makes eligibility for membership with EGYM Wellpass conditional on active participation/use; see section 4 bm. above. - Connection to/interface with your employer's HR system or transmission of eligibility lists (joint controllership): Insofar as the HR system used by your employer (e.g. Personio) is connected to EGYM Wellpass via an interface, personal data is transmitted to EGYM Wellpass, which enables your employer to simplify the organisation of the EGYM Wellpass memberships of employees eligible to participate in the company. In the event of an employee's registration, this enables us to carry out an automated check of whether you are eligible to participate. Furthermore, this enables your employer to terminate memberships (e.g. due to the end of employment or a change to an excluded location/subsidiary), depending on how your employer has specifically defined eligibility to participate in the company. Insofar as the connection of the HR system between your employer and EGYM Wellpass is activated, your employer and EGYM Wellpass process your personal data within the framework of so-called joint controllership pursuant to Art. 26 GDPR and conclude a written agreement for this purpose that sets out the obligations of both controllers. In this case, you will be informed separately by your employer about the essence of the agreement concluded between your employer and EGYM Wellpass and about the exact scope and purpose of the processing of your personal data. The above provisions apply accordingly also in the event that your employer uses a so-called eligibility list (“Allowlist”) instead of the technical HR system connection. In this case, your employer regularly provides EGYM Wellpass with a list of the employees eligible to participate (e.g. first and last name, date of birth, email address) in order to automatically check eligibility to participate, to manage memberships and – if eligibility to participate ceases – to terminate memberships accordingly. Even when using the eligibility list, your employer and EGYM Wellpass process your personal data within the framework of joint controllership pursuant to Art. 26 GDPR. The essential contents of the joint controllership agreement concluded between your employer and EGYM Wellpass will be made available to you by your employer. The affected employees are informed about the data processing by the employer. - Fitness facilities (EGYM Wellpass partner facilities): We share information, including your name, the account ID and your check-ins, with the EGYM Wellpass partner facilities at which you train. This is necessary for proper billing between EGYM Wellpass and the EGYM Wellpass partner facility. - Fitness facilities (EGYM Wellpass partner facilities) and their software providers: Within the scope of check-ins, course and training bookings as well as to enable certain access and verification functions via the EGYM Wellpass App, we transmit the personal data required for this to the respective EGYM Wellpass partner facilities. This includes in particular your first and last name, booking- and check-in-related information, information about the status or term of your EGYM Wellpass membership as well as – insofar as required for the respective function – your email address and a technical user or member identifier. This may be necessary in particular to carry out a booking, to verify your training eligibility, to create a local access or member profile in the training facility's studio management software or to enable you to access the training facility via QR code, barcode, RFID/NFC medium or comparable access means. You can find further details on the data processing in connection with check-in, access and booking functions above under sections 4 b) bd., 4 b) be. and 4 b) bn. The training facilities process the transmitted data under their own data protection responsibility and may use their own software providers for this purpose. The use of the transmitted data for other purposes, e.g. for the training facility's own advertising or marketing purposes, is not permitted. - Participation in challenges/promotions of EGYM Wellpass / your employer: From time to time you may take on a challenge in the App or take up a promotion offered via the App that EGYM Wellpass offers in cooperation with your company/employer. If you participate in a challenge of EGYM Wellpass, we may make available to your company/employer summarised information not related to individual users about the total number of participants in a challenge, total results of the challenge, total number of participants who completed the challenge and further statistical and aggregated data, but not data personally identifying you, such as your email address or your name. (The foregoing does not apply to EGYM Wellpass Plus1 members.) - Other EGYM Wellpass users/members: You can also choose whether you wish to make information about your activities and performance in the App available to other members/trainees as well (e.g. within the scope of ranking lists), by making your information “public” in the privacy settings of the application, or you can set it to “private” so that no one other than you can see it. - Email dispatch service provider: For sending our newsletter to you, we use the email dispatch service provider Mailchimp (The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, Georgia 30308, USA), which processes your email address on our behalf and only within the scope of our instructions on the basis of a data processing agreement pursuant to Art. 28 GDPR for the purpose of sending the newsletter, but not for other purposes and not for the email dispatch service provider's own contact. The email addresses of the newsletter recipients are stored on Mailchimp's servers outside the European Union/the European Economic Area in the USA. The EU Standard Contractual Clauses have been concluded with Mailchimp. - Partners/retailers in connection with the rewards programme: If you participate in our rewards programme and wish to redeem a reward that is provided by a partner or retailer (e.g. a physical reward or the redemption of a voucher with a partner), we transmit the data required for the redemption or receipt of the respective reward to the partner/retailer, insofar as this is necessary for the redemption of the reward by you. - Other EGYM Wellpass users/members: When participating in a challenge, the following data/information about you is visible to other EGYM Wellpass members who are also participating in the challenge within the ranking list: If you set your profile to “public” in the settings of the application, other EGYM Wellpass members who participate in the challenge can see your name, your photo (if stored) as well as your overall progress and your ranking within the challenge in the ranking list. However, you can set your profile to “private” and provide a self-chosen username for the challenge, which does not have to be identical to your real name. In this case, only the username you have chosen yourself and your overall progress and ranking are visible in the ranking list to other EGYM Wellpass members who participate in the challenge. - To provide the support and chat function in our App, we use the service provider Intercom as a processor. Intercom processes personal data exclusively on our behalf and on the basis of a data processing agreement pursuant to Art. 28 GDPR. - In addition, we use service providers who provide services for us in connection with web hosting and we also use cloud- or web-based software solutions of third parties that enable us to manage and host personal data in the cloud with external service providers, in order to relieve our own servers and to work effectively with new software solutions. We have concluded data processing agreements with the respective service providers that ensure that the respective service providers do not process the data for their own purposes, but only within the scope of our instructions and on our behalf. The legal basis for the use of the service providers is Art. 6(1)(f) GDPR (processing is necessary to protect the legitimate interests of the controller) in conjunction with Art. 28 GDPR (processing on behalf of the controller). - Some of the service providers we use, who process personal data for us on our behalf and within the scope of our instructions as so-called processors pursuant to Art. 28 GDPR, are based outside the EU/the EEA. Before transmitting data to processors outside the EU/the EEA, we ensure that an adequate level of data protection exists at the processor. This results, for example, for processors in countries such as Canada and Israel from an adequacy decision of the EU Commission (so-called safe third countries) and, for other processors, from the conclusion of the EU Standard Contractual Clauses before the start of the processing by the respective processor. In addition, we also select the service providers according to whether they provide additional safeguards, such as acquired protection certificates and/or evidence of additional and adequate technical and organisational measures to protect your personal data (e.g. encryption of data). - Payment service providers: For the secure payment processing of your membership fees, we use the payment service providers Stripe (Stripe Payments Europe, Limited (SPEL), 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H10, Ireland) and Adyen (Adyen N.V., Simon Carmiggeltstraat 6-50, 1011 DJ Amsterdam, Netherlands), which process your payment data and personal details on our behalf and only within the scope of our instructions on the basis of a data processing agreement pursuant to Art. 28 GDPR for the purpose of debiting your membership fee. Further information can be found in Stripe's privacy policy and in Adyen's privacy policy.
6. Storage period and deletion of data
We generally store personal data only for as long as this is necessary to achieve the respective processing purposes or we are legally obliged to retain it. If the respective purpose ceases to apply or there is no legal basis for further storage, the data is deleted or – where applicable – its processing is restricted. In detail, the following principles apply in particular: - Data in connection with your EGYM Wellpass user account and your membership: We generally process personal data in connection with your Wellpass membership, your App user profile and in connection with the use of the App for the duration of your membership. After the membership ends, this data is deleted, insofar as its further storage is not exceptionally necessary, in particular for handling outstanding contractual or billing relationships or for fulfilling statutory retention obligations. - Check-in and booking data: We store data on check-ins and bookings of training activities beyond the end of your membership for a period of up to twelve months, insofar as this is necessary in order to carry out billing towards participating EGYM Wellpass partner facilities and to be able to trace and clarify any queries, complaints or incorrect bookings. After this period has expired, the corresponding data is deleted, unless statutory retention obligations preclude this. - Communication data: We generally store personal data from communication with us, for example in connection with support requests, the use of the chat function or other contacts, only for as long as this is necessary to handle your request. After final handling, this data is generally deleted within six months of your request being dealt with. Insofar as your communication relates to the contractual relationship/your membership, it is retained for a period of six years after the end of the membership on the basis of the statutory retention obligations for contractual communication. - Data in connection with sending our newsletter: We store data that we process in connection with sending our newsletter for the duration of your subscription to the newsletter. After unsubscribing or withdrawing your consent, the corresponding data is deleted. - Anonymised or aggregated data: Anonymised or aggregated data, for which a personal reference is permanently excluded, is not subject to a personal storage period. This concerns in particular summarised statistical evaluations of the use of the EGYM Wellpass offering (e.g. aggregated check-in statistics or location-based evaluations), for which conclusions about individual persons are no longer possible.
Please note that a restriction of processing takes the place of deletion insofar as statutory retention obligations preclude deletion. This includes in particular retention obligations under commercial and tax law (e.g. pursuant to Section 257 of the German Commercial Code (HGB) or Section 147 of the German Fiscal Code (AO)), according to which certain documents relevant to contracts and billing (e.g. contractual communication, invoices, payment transactions/bookings and contracts) must be retained for periods of up to ten years. In these cases, the data concerned is blocked for other purposes and only deleted after the statutory retention periods have expired. The user's payment data is stored for a maximum period of 90 days after the end of the membership and is then irrevocably deleted.
7. Technically required files / log files / information transmitted by your browser – website and App
a. Technically required data when using our website / log files
In the case of merely informational use of our website, i.e. when you do not use our contact form to request further information or one of the services offered on our website (e.g. booking a newsletter), we only collect the data that your browser transmits to our server. For the use of cookies for web analysis and advertising purposes, please see the separate information in section 8 below.
Each time the internet is used, your internet browser automatically transmits certain information that is stored by us in so-called log files. This concerns the following data, which is necessary in order to display our website to you and to ensure stability and security: IP address (internet protocol address), date and time of the request, content of the request (specific page), access status/HTTP status code, the amount of data transferred in each case, the website from which the request comes, the browser, operating system and its interface, language and version of the browser software. We cannot draw conclusions about individual persons on the basis of this data.
This data is stored by us for reasons of technical security, e.g. to defend against attacks on our web server, whereby the data is anonymised after seven days at the latest by shortening the IP address at the domain level, so that it is no longer possible to establish a reference to the individual website user. Storage or retention of the log files beyond the aforementioned period only takes place if the further storage or retention is necessary for evidentiary purposes in the event of a security incident, e.g. in the event of an attempted attack on our website/server, and the log files are deleted after the relevant security incident has been clarified. The legal basis for the processing described above is Art. 6(1)(f) GDPR (processing is necessary to protect the legitimate interests of the controller).
b. Technically required data when using our App
When using the App, we collect the personal data described below in order to enable the convenient use of the functions. If you wish to use our App, we collect the following data that is technically necessary for us in order to offer you the functions of our App and to ensure stability and security (the legal basis is Art. 6(1)(f) GDPR – processing within the scope of the legitimate interests of the controller): IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, the amount of data transferred in each case, the website from which the request comes, the browser, operating system and its interface, language and version of the browser software. To ensure that you use our App in accordance with our contractual provisions pursuant to our General Terms and Conditions, in particular that you do not make your user account and your access data accessible to third parties without authorisation, we process your device ID when you use our App. This processing is necessary for the rights and obligations arising from the performance of the contractual relationship; the legal basis for this is Art. 6(1)(b) GDPR.
8. Use of cookies in our EGYM Wellpass App
a. Use of cookies and tracking technologies on our website
For the use of cookies and tracking technologies on our website, please see the separate information in our Cookie Policy.
b. Use of cookies and tracking technologies in our App
The following policies apply to the use of tools and tracking technologies in our EGYM Wellpass App:
ba. For which purposes do we use tools and tracking technologies in the App?
When you use the App, we use tracking technologies to enable you to access your user account, to analyse and remedy App errors and stability problems, to obtain aggregated insights into the use of the App by users and to enable you to have a better user experience. In doing so, we also use the technologies of third-party service providers, which we list individually in section b below and which act for us within the framework of processing on behalf of the controller pursuant to Art. 28 GDPR and thus process data only on our behalf and within the scope of our instructions. Some of the service providers we use, who process personal data for us on our behalf and within the scope of our instructions as so-called processors pursuant to Art. 28 GDPR, are based outside the EU/the EEA, e.g. in the USA. Before transmitting data to processors outside the EU/the EEA, we ensure that an adequate level of data protection exists at the processor. This results, for example, for processors in countries such as Canada and Israel from an adequacy decision of the EU Commission (so-called safe third countries) and, for other processors, from the conclusion of the EU Standard Contractual Clauses before the start of the processing by the respective processor. In addition, we also select the service providers according to whether they provide additional safeguards, such as acquired protection certificates and/or evidence of additional and adequate technical and organisational measures to protect your personal data (e.g. encryption of data). The legal basis for the use of the tracking technologies for the aforementioned purposes in our App is Art. 6(1)(f) GDPR (processing is necessary to protect the legitimate interests of the controller). You can find details on this below in connection with the individual tools used. The use of location data from your device within the scope of check-in, access and search functions takes place independently of the tracking and analysis technologies described in this section and is not part of the App analysis or user tracking. You can find further information on this above under section 4 b) bd).
bb. Tools and tracking technologies used
Below you will find information on the individual tools used by us and by third parties in our App for the aforementioned purposes: - Google Analytics App Tracking:
Our App uses Google Analytics, an analytics service of Google Inc. (“Google”). Google Analytics uses so-called “IDs”, i.e. identifiers that are stored on your mobile device and that enable an analysis of your use of the App as well as an analysis of the visitor flow. The information generated by the IDs about your use of the App is generally transmitted to a Google server in the USA and stored there. We have activated IP anonymisation within this App. Therefore, your IP address is shortened beforehand by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this App, Google will use this information to evaluate your use of the App, to compile reports on the App activity and to provide further services to the App operator associated with the use of the App. The IP address transmitted from your mobile device within the scope of Google Analytics is not merged with other data held by Google.
You can find more detailed information on this at http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection).
In addition, you can opt out of the collection of the data directly in the settings on your mobile device. For applications on mobile devices from Apple (iOS operating system) and Android, you can opt out in the App's privacy settings. However, please note that you may sometimes not be able to use the functions of the App to their full extent if you opt out. - Use of Crashlytics:
We use the tool Crashlytics in the App. With the help of this tool, analyses of crashed apps can be carried out in order to enable us to react more quickly to errors and bugs and to continuously improve the stability of our App. In doing so, exclusively aggregated and anonymised data is transmitted to Crashlytics, in no case personal data. You can find more detailed information on Crashlytics at http://try.crashlytics.com/terms/, there under section 2 (Developer Information).
9. Data protection notices on data processing within the scope of our presences on social media platforms
On the social networks, services and platforms (hereinafter “social networks”) Instagram (https://www.instagram.com/egym.wellpass.de/), YouTube (https://www.youtube.com/@egym.wellpass-de), LinkedIn (https://www.linkedin.com/company/egym-wellpass-de/) and TikTok (https://www.tiktok.com/@egym.wellpass.de), we maintain presences and communication channels in order to provide you with information about our company and our services within social networks, to communicate with you, to publish content (e.g. videos) and to draw attention to career opportunities. In addition, we use the platforms to display advertisements. In the following, we inform you about which data we or the respective social network process about you in connection with accessing and using our presences on social media channels.
a. Controller and contact for the Data Protection Officer
The controller within the meaning of Art. 4(7) of the European General Data Protection Regulation (GDPR) is EGYM Wellpass GmbH, Einsteinstraße 172, 81677 Munich, Germany. You can contact our Data Protection Officer at any time with data protection-related matters by email at datenschutz@egym.de or by post to the above address marked “Data Protection Officer”.
b. Your rights
You have the following rights against us with regard to the personal data concerning you (for personal data processed by the social networks, please see the information under d below): – Right of access (Art. 15 GDPR), – Right to rectification (Art. 16 GDPR), – Right to erasure (Art. 17 GDPR; “right to be forgotten”), – Right to restriction of processing (Art. 18 GDPR), – Right to object to processing (Art. 21 GDPR), – Right to data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a data protection supervisory authority in the Member State of your residence, place of work or the place of the alleged infringement regarding our processing of your personal data, if you consider that the processing of the personal data concerning you is unlawful. Insofar as you have given us consent to process your data, you can withdraw it at any time with effect for the future. The lawfulness of the processing of your data up to the withdrawal remains unaffected by this. To exercise your rights or for any other data protection matters, you can contact us at any time via the contact channels stated in section a above and/or those listed in our legal notice (Impressum).
c. Additional notice regarding your right to object
We additionally point out that insofar as processing of your personal data takes place on the basis of legitimate interests within the framework of the balancing of interests pursuant to Art. 6(1)(f) GDPR and/or your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data.
d. Data that we process about you
aa. Contacting us via messenger / direct message
If you wish to contact us via messenger or direct message through the respective social network, we generally process your name or username through which you contact us and, where applicable, store further data communicated by you (e.g. your name/your address), insofar as this is necessary to handle/answer your request. The legal basis is Art. 6(1)(f) GDPR (processing is necessary to protect the legitimate interests of the controller). We have a legitimate interest in offering persons interested in our company simple and convenient ways of contacting us, including on our social media presences. The use of the messenger or direct message functions of the social networks is voluntary. Alternatively, you can reach us at any time via the contact channels stated in this Privacy Policy (e.g. email, post or contact form).
bb. (Static) usage data that we receive from the social networks
Via the Instagram Insights and LinkedIn Insights functionalities, we receive statistics provided regularly and automatically concerning our social media presences. The statistics contain, among other things, the total number of page views, likes, information on page activities and post interactions, reach, video views as well as information on the proportion of men/women among our followers and statistics/measurement data on the reach and success of the advertisements we place on the social networks. The statistics made available to us are aggregated and do not allow us to draw conclusions about individual identifiable persons. Insofar as we use so-called Insights, statistics or analysis functions from the social networks, the processing of the personal data associated with this takes place in part in joint controllership pursuant to Art. 26 GDPR with the respective platform operator. The joint controllership is in each case limited to the creation and provision of aggregated usage statistics.
cc. Participation in prize draws/promotions
Insofar as you have a user account with the respective social network and wish, for example, to participate in a prize draw or a similar promotion organised by us on Instagram, we collect the data from you that is necessary for participation in and the carrying out of the prize draw, including notification of the prize and its dispatch. This is generally the username of the participant, and from the winners additionally, after the prize notification has been sent, the request for the real name and address as well as, where applicable, the email address. The legal basis is Art. 6(1)(b) GDPR (processing is necessary for the performance of a contract-like relationship with the data subject). We provide additional information on the respective data processing within the scope of the terms of participation of the respective prize draw.
e. Which data the social networks process about you / your rights against the social networks
In order to be able to view the content of our social media presences, you generally do not need to be a member of the respective social network and no user account for the respective social network is required in this respect. However, please note that the social networks collect and store data also from website visitors without a user account when the respective social network is accessed (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies, over which we have no influence whatsoever. You can find details on this in the data protection provisions of the respective social network (see the corresponding links below at the end of this section). Insofar as you wish to interact with the content on our social media presences, e.g. comment on, share or like our postings/posts and/or wish to contact us via messenger functions, prior registration with the respective social network and the provision of personal data is required. We have no influence over the data processing by the social networks within the scope of use by you. To our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, furthermore for the analysis of usage behaviour (using cookies, pixels/web beacons and similar technologies), on the basis of which advertising based on your interests is displayed both within and outside the respective social network, as well as for advertising and marketing purposes. It can also be assumed that personal data is also transmitted by the platform operators to third countries (in particular the USA). Information, among other things, on the exact scope and the purposes of the processing of your personal data, the storage period/deletion as well as policies on the use of cookies and similar technologies within the scope of registration and use of the social networks can be found in the data protection provisions/cookie policies of the social networks; there you will also find information on your rights and options to object. We recommend that you assert your data protection rights to access, rectification, erasure, restriction of processing, objection and data portability directly against the respective social network, insofar as it concerns data processing by the social networks: - Instagram: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; data protection information: https://privacycenter.instagram.com/policy / cookie information: https://www.instagram.com/privacy/cookie_settings/ - LinkedIn: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; data protection information: https://www.linkedin.com/legal/privacy-policy / cookie information: https://www.linkedin.com/legal/cookie-policy - YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; data protection information: https://policies.google.com/privacy / cookie information: https://policies.google.com/technologies/cookies - TikTok: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland; data protection information: https://www.tiktok.com/legal/page/eea/privacy-policy/en / cookie information: https://www.tiktok.com/legal/page/global/tiktok-website-cookies-policy/en
Last updated: May 2026