24 Hour Fitness In-Club (Offline) Privacy Policy
Last modified 07/01/2024 (view archived versions )
Last modified 07/01/2024 (view archived versions )
This Privacy Notice describes the information collection, use, retention, and sharing practices of 24 Hour Fitness USA, LLC, and its affiliates and subsidiaries (“24 Hour Fitness”, “we”, “our”, or “us”), when you interact with us offline and in-person at our 24 Hour Fitness clubs (collectively, our “Services”).
This Privacy Notice does not apply to personal information we collect through our website www.24hourfitness.com (“Website”), our mobile application 24GO® (“Mobile App”), your online browsing, and other electronic and digital means of communication. For information on how we use personal information in those contexts, please visit our Website Privacy Notice.
I. PERSONAL INFORMATION WE COLLECT, WHY, AND FOR HOW LONG
When you engage with our Services, we collect your personal information which is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly to you, as well as personal information related to individuals that you include as part of your membership plan, such as additional members on your membership plan or a buddy or guest, where there is a legitimate reason to do so in connection with our relationship with you. To the extent we collect personal information of others that you have provided to us, you should inform them that you are providing this information to us and why, and make sure this is acceptable to them.
When you engage with our Services, we collect your personal information when you:
Enroll as a Member. When you enroll as a member of 24 Hour Fitness in person, at the club, we collect, from you:
Your personal identifiers (name, date of birth, phone number, email address, and mailing address) and your protected identifiers (gender), if provided. We use this information to create your membership account, communicate with you about your membership and our Services, send you marketing communications about our Services and facilitate your access to our clubs. Marketing emails may include third party advertisements, but 24 Hour Fitness does not share your email address or information with these third party advertisers. You can unsubscribe at any time by clicking the “unsubscribe” link included with each email. Note that we will continue to send you transactional notifications. Our emails include a tracking pixel that tracks whether you open the email and whether you click banners in the email and your subsequent clicks and usage of our Website. We use this information to send you additional email communications which may be of interest to you based on your interaction with our emails and/or Website. You can avoid downloading the pixel by rejecting the download of images in the email. If you opt in to receive automated promotional text messages, we may use the cellular telephone number you provide to send you automated promotional text messages through an automated dialing system. Message and data rates will apply. Message frequency varies. Consent to receiving automated promotional text messages is not a condition of purchase. You can opt out at any time by replying STOP, CANCEL, or UNSUBSCRIBE. For information about our text programs, or for support, reply HELP or by contacting us toll-free at (888) 914-9661 PIN 036085. Note that we may continue to send you transactional messages.
If you use the enrollment form on our Website, we will also collect from you your internet or other electronic network activity information as set forth in our Website Privacy Notice.
Using our third party payment provider, your financial information (account type, account holder name, bank name, if paying by bank account or cardholder name if paying by credit card) and your sensitive financial information (ABA/routing number and bank account number, if paying by bank account, or payment card number, expiration date, and CVV if paying by credit card). We use this information to process your payment for your membership purchase.
The identifiers (name, date of birth, phone number, email address, mailing address, and gender) of additional members you choose to include on your membership plan, if any. We use this information to communicate with the member(s) you have added to your membership account about our Services and facilitate their access to our facilities.
Your selected Services (membership type, personal training services, Fitness Consultation/Appointment) when you purchase your membership. We use this information to provide you with the services associated with your purchased membership.
Your identifiers on your signed liability waiver (name, signature, date). We use this to confirm your acknowledgment that you are informed of the reasons for the waiver and to obtain the waiver.
Sign-up for Our Fitness Experience Service. When you sign up for a Fitness Experience service, we collect from you your personal identifiers (name, age, gender, email address, address, date of birth, phone number, emergency contact). We also collect from you, with your consent where required by law, your health information (sensitive) such as health conditions which may impact or be impacted by exercise. We use this information, including a physician’s release, if necessary, to determine your eligibility for participating in our Fitness Experience service. We retain your identifiers consistent with the rest of the information described in this section related to enrollment in Fitness Experience. If you are determined eligible for Fitness Experience and you decide to enroll, we will collect from you, with your consent where required by law, additional personal health information (sensitive) (height, date, weight, resting heart rate, training heart rate, body measurements and attributes like body fat and bicep circumference. We use this information to set goals and track progress while you participate in Fitness Experience.
Sign-up for Personal Training Services. When you sign up for personal training services, we collect from you your personal identifiers (name, age, gender, email address, address, date of birth, phone number, emergency contact). We also collect from you, with your consent where required by law, health information (sensitive) which may impact or be impacted by exercise (same as what we collect for the Fitness Experience service). We use this information, including a physician’s release, if necessary, to determine your eligibility for participating in our personal training services. We retain your identifiers consistent with the rest of the information described in this section related to enrollment in personal training. If you are determined eligible for personal training services, and you decide to enroll, we will collect from you, with your consent where required by law, additional personal health information (sensitive) as is described above under “Sign-up for our Fitness Experience service.” We use this information to set goals and track progress while you utilize our personal training services.
Sign-up for Third Party Fitness Classes. When you sign up for certain fitness classes made available to you through our partnership with third party fitness class providers, we collect, from you, your personal identifiers (name, email address, telephone number). We share this information with our provider to register and facilitate your participation in these classes. Your participation in the classes is subject to the provider’s own terms and privacy notice, which is made available to you when you sign up. Please make sure you review the third party provider’s policy before you sign up.
Guest Registration. If you register as a guest, we collect from you your identifiers (e.g., name, date of birth, telephone number, email address, and gender (if provided)). We also use this information to send you marketing communications about our Services. Marketing emails may include third party advertisements, but 24 Hour Fitness does not share your email address or information with these third party advertisers. You can unsubscribe at any time by clicking the “unsubscribe” link included with each email. Note that we will continue to send you transactional notifications. Our emails include a tracking pixel that tracks whether you open the email and whether you click banners in the email and your subsequent clicks and usage of our Website. We use this information to send you additional email communications which may be of interest to you based on your interaction with our emails and/or Website. You can avoid downloading the pixel by rejecting the download of images in the email. If you opt in to receive automated promotional text messages, we use the cellular telephone number you provide to send you automated promotional text messages through an automated dialing system. Message and data rates will apply. Message frequency varies. Consent to receiving automated promotional text messages is not a condition of purchase. You can opt out at any time by replying STOP, CANCEL, or UNSUBSCRIBE. For information about our text programs, or for support, reply HELP or by contacting us toll-free at (888) 914-9661 PIN 036085. To confirm your identity, we will ask to review formal identification (e.g., government issued ID, school ID, etc.) at the time of check-in. We use this information only to identify you upon entry to the club and to track your attendance at our clubs. We do not store a copy of your ID.
Buddy Pass Registration. If you or a member registers you as a “buddy,” we collect your personal identifiers (first and last name, email, telephone number, date of birth, physical address), and protected identifiers (gender (if provided)). We also use this information to send you marketing communications about our Services. Marketing emails may include third party advertisements, but 24 Hour Fitness does not share your email address or information with these third party advertisers. You can unsubscribe at any time by clicking the “unsubscribe” link included with each email. Note that we will continue to send you transactional notifications. Our emails include a tracking pixel that tracks whether you open the email and whether you click banners in the email and your subsequent clicks and usage of our Website. We use this information to send you additional email communications which may be of interest to you based on your interaction with our emails and/or Website. You can avoid downloading the pixel by rejecting the download of images in the email. If you opt in to receive automated promotional text messages, we use the cellular telephone number you provide to send you automated promotional text messages through an automated dialing system. Message and data rates will apply. Message frequency varies. Consent to receiving automated promotional text messages is not a condition of purchase. You can opt out at any time by replying STOP, CANCEL, or UNSUBSCRIBE. For information about our text programs, or for support, reply HELP or by contacting us toll-free at (888) 914-9661 PIN 036085. To confirm your identity, we will ask to review formal identification (e.g., government issued ID, school ID, etc.) at the time of check-in. We use this information only to identify you upon entry to the club and to track your attendance at our clubs. We do not store a copy of your ID.
Participate in a Corporate Sponsored Program. When you participate in a corporate sponsored membership, we enroll you as a member (see above) and verify your employment information through employment ID or other verifiable document. This means we review the information but do not retain a copy of the employment document.
Participate in a School-Related Program. When you participate in a school-related program, we enroll you as a member (see above) and manually verify your status as a student through a valid student identification card or official proof of school enrollment for the current year. This means we review the information but do not retain a copy of the document.
Participate in a Health Insurance Related Program. When you participate in a health-insurance related membership, we collect from you your identifiers (unique identifier with your Medicare advantage fitness benefit provider or first name, last name and date of birth). We use this information to enroll you in the membership, and to update the insurance provider of your usage statistics, insurance identification number, how often you use one of our facilities, and to bill your insurance provider the cost of your membership.
Check-In at a 24 Hour Fitness. To check-in, you may utilize a touchless, biometric, or manual check-in as set forth below:
Utilize Our Touchless Check-In System. If you prefer to check-in at 24 Hour Fitness using the Touchless Check-In System available on 24GO® App, you will need to upload a photo to the App, subject to your consent collected separately. With the assistance of Muuv Solutions, LLC (our service provider that manages our 24GO® App), we will store a digital copy of the photo that you upload to our system. Your photo will appear when you scan the barcode provided on your 24GO® App to help identify you at the time of entry. We will use your photo only to confirm your identity at the time of check-in. We do not sell, lease, rent, trade, or otherwise transfer your digital photo on the 24GO® App to any third parties. If, at any point, you’d like to delete your profile photo, contact 24GO support at support@24go.zendesk.com and your photo will be deleted from the App. Your photo will also be deleted no later than 15 days after your membership is terminated. However, your photo will remain as part of our backup data for as long as reasonably necessary to achieve the purposes described herein, or any other notice provided at the time of collection, taking into account applicable statutes of limitation and records retention requirements under applicable law. If you choose to delete your photo, you will need to use one of our other check-in methods like presenting formal photo ID for us to confirm your identity or our cardless entry methods.
Utilize Our Biometric/Cardless Check-In System. If you prefer to check-in at 24 Hour Fitness using the Biometric/Cardless Check-In, and subject to your consent collected separately, we collect from (by scanning on our machine) you your biometric identifiers (finger or thumb scan) to generate a unique identification number and your self-selected 10-digit check-in code. As part of this process, when you scan your finger (or thumb), we chart the distance between a few distinct points that are unique to you. We then, through our third party provider, attribute a unique mathematical representation of your fingerprint. Each time you scan your finger, a new representation is created and compared against the one stored in our system and attributed to you. We use this information only to verify your identity and keep track of member attendance at our facilities. We do not sell, lease, rent, trade or otherwise transfer the data collected by the Biometric/Cardless Check-In system to any third parties. We retain your identifying representation, and 10-digit check-in code and the parameters matching the code to the scan for as long as you retain your membership. We will automatically delete these identifiers from our system within thirty (30) days after you terminate your membership with us. You may request that we delete this information at any time by going into a 24 Hour Fitness club and opting out of Cardless Check-in Enrollment (bio enrollment). Upon deletion, this data is deleted both in memory and on disc; however, it remains as part of our backup data for a period of no more than (30) days, at which point the data is overwritten by newly stored data. If you opt out of using our Biometric/Cardless Check-In System, you will need to use one of our other check-in methods like presenting formal photo ID for us to confirm your identity or our touchless entry method. For more information, please see our Website Privacy Notice.
Utilize Our Manual Check In. To confirm your identity, we will ask to see formal identification (e.g., government issued ID, school ID, etc.). We use this information only to identify you upon entry to the club and to track member attendance at our facilities. We do not store a copy of your ID.
If You Use Our In-Club Wireless Access. You will need to create an account with our third party provider and agree to the provider’s terms and privacy notice. We do not receive from the provider any information in relation to your use of the in-club wireless access.
Marketing Activities. We use your personal identifiers, collected as described above, as well as from third party providers (for example: age range, membership type, average income, education), and information regarding your engagement with our services (frequency of visits, interaction with personalized services like personal training, classes taken etc.) to identify user trends and insights in efforts to improve our existing products and services and assist in developing new products or services. We also share this information with third parties for the purpose of marketing and advertising to you on other platforms as described in Sharing in the Preceding 12 Months.
Aggregated Information. In addition to the above, we aggregate or deidentify the personal information we collect from you to use for benchmarking, research, and marketing purposes.
For Legal Purposes. We may process your personal information where we are legally required to do so, such as in response to court orders, requests by law enforcement, including for national security purposes; to establish, protect, or exercise our legal rights, as required to enforce our terms of service or other contracts; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person; or to comply with the requirements of any applicable law.
Data Retention. We retain each category of personal information identified above for as long as reasonably necessary to achieve the purposes described herein, or any other notice provided at the time of collection, taking into account applicable statutes of limitation and records retention requirements under applicable law, unless otherwise stated above. We may need to use and retain your personal information for longer than the periods indicated for purposes of:
II. HOW WE SHARE YOUR PERSONAL INFORMATION
A. General Sharing
24 Hour Fitness shares personal information in the following instances:
Within 24 Hour Fitness. We share your personal information within 24 Hour Fitness for the legitimate business purposes of efficiently and effectively providing Services.
In the Event of a Corporate Reorganization. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we would share personal information with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We may also share personal information with third parties in the course of any bankruptcy or liquidation proceeding we may undergo.
With Third Parties. We may need to disclose your personal information to third parties, such as vendors and service providers to provide the Services, as well as to legal advisors, law enforcement agencies, or government/regulatory bodies to protect our legal interests and other rights, protect against fraud or other illegal activities, prevent harm, for risk management purposes, and to comply with our legal obligations.
For Legal Purposes. We will share your personal information where we are legally required to do so, such as in response to court orders, law enforcement or legal processes, including for national security purposes; to establish, protect, or exercise our legal rights, as required to enforce our terms of service or other contracts; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person; or to comply with the requirements of any applicable law.
With Your Consent. Apart from the reasons identified above, we may request your permission to share your personal information for a specific purpose. We will notify you and request consent before you provide the personal information or before the personal information you have already provided is shared for such purpose. You may revoke your consent at any time.
In the preceding twelve (12) months, 24 Hour Fitness has disclosed the following categories of personal information for a business purpose to the following categories of third parties:
We have disclosed consumers’ personal identifiers, financial information, and internet or other electronic network information with third parties who provide services to us such as Website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, text messaging, credit card or other payment account processing, auditing, and similar services.
We have disclosed consumers’ personal identifiers and internet or other electronic network information to IT support to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to identify and repair errors that impair functionality.
If consumers have a corporate employer sponsored or health insurance sponsored membership, upon the request of respective employers or insurance providers, we have shared personal identifiers, usage statistics, insurance identification number, and how often one frequents our clubs.
C. Sale of Personal Information
In the preceding twelve (12) months, 24 Four Fitness has shared your personal identifiers (name, email address, telephone number) and information with respect to your usage and engagement of our Services with third party marketing providers and ad networks in PERSONAL INFORMATION WE COLLECT, WHY, AND FOR HOW LONG, to create lookalike audiences and to serve targeted advertisements regarding goods and services that may be of interest to you when you use our Websites and online services, based on information relating to your access to and use of our clubs, Websites and other Website and online services on any of your devices, as well as on information received from you both online and offline and from third parties.
Such sharing may be deemed a sale or sharing under the California Privacy Rights Act (“CPRA”) or the Colorado Privacy Act (“CPA). For California or Colorado residents, to opt out of this sale, please visit Do Not Sell or Share My Personal Information
In the preceding twelve (12) months, 24 Four Fitness has also shared your personal identifiers (name, email address, telephone number) to our third party fitness class providers to send you promotional emails. This sharing may be deemed a sale under the CPRA or CPA. For California or Colorado residents, to opt out of this sale, please visit Do Not Sell or Share My Personal Information
III. RIGHTS OF CALIFORNIA AND COLORADO RESIDENTS
The California Privacy Rights Act (“CPRA”) and the Colorado Privacy Act (“CPA”) entitle California residents and Colorado residents, respectively, to certain rights. To the extent the CPRA or the CPA apply to our processing of your personal information, you are entitled to the following rights:
Right to Access/Know. You have the right to request what personal information we have collected, used, disclosed, and sold about you, unless doing so proves impossible or would involve disproportionate effort. You may only make a request for access twice within a 12-month period. To exercise your right to access your personal information, you may submit a request by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085.
Right to Deletion. You have the right to request the deletion of your personal information that we collect or maintain, subject to certain exceptions. For example, we may be required to retain certain records for legal or tax and accounting purposes. To exercise your right to delete your personal information, you may submit a request by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085.
Right to Correct. You have the right to correct inaccurate personal information that we collect or maintain. To exercise your right to correct your personal information, you may submit a request by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085.
Right to Opt Out of Sale/Sharing. You have the right to opt out of the sale or sharing of your personal information to third parties. 24 Hour Fitness does not have actual knowledge that it sells or shares personal information of minors under the age of sixteen (16) years without their consent. To opt out of the sale or sharing of your personal information via cookies, please visit Do Not Sell or Share My Personal Information. To opt out of the offline sale of your personal information for marketing purposes, you may submit a request by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085.
Right to Limit Use of Sensitive Personal Information: You have the right to limit the use of your sensitive personal information when such use goes beyond that which is necessary for providing the services or certain other permissible purposes like fraud, customer service or quality control. Sensitive information includes Social Security number, driver’s license number, biometric information, precise geolocation, and racial and ethnic origin. 24 Hour Fitness does not use sensitive information collected In-Club in a matter that gives rise to this right.
Right to Non-Discrimination. You have the right to be free from discriminatory treatment if and when you exercise your rights to access, delete, correct, opt out, or limit use of sensitive personal information under the CPRA or CPA.
For additional information regarding how to exercise your rights, please see EXERCISING YOUR RIGHTS below.
IV. ADDITIONAL RIGHTS FOR COLORADO RESIDENTS
The CPA entitles Colorado residents to the rights referenced in Section III, plus the additional rights described below. To the extent the CPA applies to our processing of your personal information, you, as a Colorado resident, are entitled to the following additional rights:
Right to Data Portability. You have the right to ask that we transfer the personal information you provided us from one organization to another or provide it to you. However, you may exercise this right no more than two times per calendar year. To exercise your right to data portability, you may submit a request by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085.
Right to Opt Out of Sale and Targeted Advertising. You have the right to opt out of the processing of your personal information for targeted advertising purposes. To exercise your right to opt out of targeted advertising, you may submit a request by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085.
Right to Appeal. You have the right to appeal an action taken (or not taken) by 24 Hour Fitness in response to your request. We will inform you of any action we have taken in response to your request without delay and, in any event, within forty-five (45) days after we receive your request. To exercise your right to appeal, you may submit your appeal by completing our webform, or by contacting us toll-free at (888) 914-9661 PIN 036085. If you are concerned with our response as a result of your appeal, you may submit a complaint to the Colorado Attorney General here.
For additional information regarding how to exercise your rights, please see EXERCISING YOUR RIGHTS below.
V. EXERCISING YOUR RIGHTS (California or Colorado Residents Only)
To exercise your rights, as applicable, you may submit a request by completing our webform or by contacting us toll-free at (888) 914-9661 PIN 036085.
For requests submitted via telephone, you must provide us with sufficient information that allows us to reasonably verify you are the person about whom we collected the personal information and describe your request with sufficient detail to allow us to properly evaluate and respond to it. This would generally be your name and the membership number. In doing so, we will take steps to verify your request by matching information provided by you with the information we have in our records. If we are not able to verify your identity for access and deletion requests with the information provided, we may ask you for additional information.
Only you, or a person that you authorize to act on your behalf may make a request related to your personal information. If you are an authorized agent making a request on behalf of another individual, you must provide us with signed documentation that you are authorized to act on behalf of that individual.
VI. INFORMATION SECURITY
We implement and maintain reasonable security measures to protect the personal information that we collect and maintain from unauthorized access, destruction, use, modification, or disclosure. These security measures include: data protection, secure configuration of assets, account management, access control management, vulnerability management, audit log review, malware defenses, network monitoring and defenses, a security awareness training program, and security incident response. However, no security measure or modality of data transmission is 100% secure, and we are unable to guarantee the absolute security of the personal information we have collected from you.
VII. CHILDREN’S PRIVACY
We do not have knowledge that we sell the personal information of members in the club who are under the age of sixteen (16) without their affirmative consent. We do not collect the personal information of anyone under the age of thirteen (13). If we learn that we have collected or received personal information from individuals under the age of thirteen (13), we will delete the personal information. If you believe we have personal information on individuals under the age of thirteen (13), please contact us at the contact information provided below.
VIII. CHANGES TO THIS PRIVACY NOTICE
We may amend this Privacy Policy in our sole discretion at any time. If we do, we will post the changes to this page, and will indicate the date the changes go into effect. We encourage you to review our Privacy Notice to stay informed. If we make changes that materially affect your privacy rights, we will notify you by prominent posting on the Website and/or via email, and obtain your consent, if required.
IX. CONTACT US
If you have any questions or concerns regarding this Privacy Notice, please contact Member Services here or send us a letter by mail at the following address: 24 Hour Fitness, P.O. Box 2689, Carlsbad, CA 92018.