

Privacy Policy
Effective Date: 27th August, 2025
Aerilon Ltd trading as Apex Gyms (“Apex Gyms”, "Apex", “we”, “our”, or “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you interact with us — whether in person at one of our clubs, online through our website (www.apexgyms.co.uk), via mobile app, or through other communication channels.
We adhere to the principles set out in the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant ICO guidance.
Aerilon Ltd trading as Apex Gyms (“Apex Gyms”, "Apex", “we”, “our”, or “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you interact with us — whether in person at one of our clubs, online through our website (www.apexgyms.co.uk), via mobile app, or through other communication channels.
We adhere to the principles set out in the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant ICO guidance.
1. Personal Data We Collect
We may collect and process the following categories of personal data:
a. Membership & Identity Data
Full name, date of birth, gender
Address, email address, phone number
Membership ID and preferences
Proof of identity documents (if applicable)
b. Health & Lifestyle Data
Health declarations (e.g., PAR-Q forms)
Medical conditions disclosed voluntarily
Emergency contact details
Note: Health data is considered “special category data” and is processed with your explicit consent.
c. Financial & Transactional Data
Payment details (e.g., bank account or card details)
Billing history, invoices, failed payment records
Direct debit or recurring billing info
d. Technical & Usage Data
IP address, device ID, browser type, cookies
Log-in and location data (via app or web portal)
Session times, class bookings, check-ins
Communications history (email, SMS, chat)
e. Visual & Audio Data
CCTV footage from gym premises
Photographs (e.g., for ID verification)
Customer service call recordings (where applicable)
We may collect and process the following categories of personal data:
a. Membership & Identity Data
Full name, date of birth, gender
Address, email address, phone number
Membership ID and preferences
Proof of identity documents (if applicable)
b. Health & Lifestyle Data
Health declarations (e.g., PAR-Q forms)
Medical conditions disclosed voluntarily
Emergency contact details
Note: Health data is considered “special category data” and is processed with your explicit consent.
c. Financial & Transactional Data
Payment details (e.g., bank account or card details)
Billing history, invoices, failed payment records
Direct debit or recurring billing info
d. Technical & Usage Data
IP address, device ID, browser type, cookies
Log-in and location data (via app or web portal)
Session times, class bookings, check-ins
Communications history (email, SMS, chat)
e. Visual & Audio Data
CCTV footage from gym premises
Photographs (e.g., for ID verification)
Customer service call recordings (where applicable)
2. How We Use Your Data
We use your personal data for the following purposes:
We use your personal data for the following purposes:
Purpose
To set up and manage your membership.
To process payments and billing
To contact you about class bookings, cancellations, or gym updates
To send marketing messages (email/SMS)
To ensure health & safety on premises
To operate CCTV and ensure security
To personalise your experience (e.g., app recommendations)
To comply with legal and regulatory requirements
Purpose
To set up and manage your membership.
To process payments and billing
To contact you about class bookings, cancellations, or gym updates
To send marketing messages (email/SMS)
To ensure health & safety on premises
To operate CCTV and ensure security
To personalise your experience (e.g., app recommendations)
To comply with legal and regulatory requirements
Legal Basis
Contract
Contract / Legal Obligation
Legitimate Interest
Consent
Legal Obligation
Legitimate Interest
Legitimate Interest
Legal Obligation
Legal Basis
Contract
Contract / Legal Obligation
Legitimate Interest
Consent
Legal Obligation
Legitimate Interest
Legitimate Interest
Legal Obligation
Legal Basis
Contract
Contract / Legal Obligation
Legitimate Interest
Consent
Legal Obligation
Legitimate Interest
Legitimate Interest
Legal Obligation
3. Marketing & Communication
With your consent, we may send you:
Newsletters
Class updates
Promotions and offers
Surveys and feedback requests
You can opt out at any time by clicking “unsubscribe” in our emails or managing preferences in your member account.
With your consent, we may send you:
Newsletters
Class updates
Promotions and offers
Surveys and feedback requests
You can opt out at any time by clicking “unsubscribe” in our emails or managing preferences in your member account.
4. CCTV Monitoring
We use CCTV in all Apex Gym premises for:
Preventing and detecting crime
Ensuring the safety of members and staff
Monitoring compliance with health and safety rules
CCTV footage is retained for no more than 30 days unless required for investigation or legal proceedings.
We use CCTV in all Apex Gym premises for:
Preventing and detecting crime
Ensuring the safety of members and staff
Monitoring compliance with health and safety rules
CCTV footage is retained for no more than 30 days unless required for investigation or legal proceedings.
5. Sharing Your Information
We may share your data with:
Payment providers (i.e., Stripe)
CRM and booking systems (i.e., GoKenko)
Marketing platforms (i.e., GoKenko)
IT service providers (hosting, maintenance)
Insurers or legal advisors (as required)
Government authorities or law enforcement (if legally required)
We ensure all vendors comply with data protection standards through contracts and due diligence.
We may share your data with:
Payment providers (i.e., Stripe)
CRM and booking systems (i.e., GoKenko)
Marketing platforms (i.e., GoKenko)
IT service providers (hosting, maintenance)
Insurers or legal advisors (as required)
Government authorities or law enforcement (if legally required)
We ensure all vendors comply with data protection standards through contracts and due diligence.
6. International Data Transfers
Some service providers may store data outside the UK. In such cases, we ensure:
Adequate safeguards (e.g., UK IDTA, SCCs)
Data minimisation and encryption
Vendor compliance with UK GDPR standards
Some service providers may store data outside the UK. In such cases, we ensure:
Adequate safeguards (e.g., UK IDTA, SCCs)
Data minimisation and encryption
Vendor compliance with UK GDPR standards
7. How Long We Keep Your Data
Data Type
Membership data
Financial records
Health declarations
CCTV footage
Marketing preferences
Data Type
Membership data
Financial records
Health declarations
CCTV footage
Marketing preferences
Retention Period
6 years after account closure
6 years (HMRC requirement)
Until membership ends
30 days (unless required longer)
Until consent is withdrawn
Legal Basis
6 years after account closure
6 years (HMRC requirement)
Until membership ends
30 days (unless required longer)
Until consent is withdrawn
Legal Basis
6 years after account closure
6 years (HMRC requirement)
Until membership ends
30 days (unless required longer)
Until consent is withdrawn
8. Your Data Protection Rights
You have the following rights under the UK GDPR:
Right of access – to request a copy of your data
Right to rectification – to correct inaccurate information
Right to erasure – to request deletion of data
Right to restrict processing – under certain conditions
Right to data portability – in certain scenarios
Right to object – to processing based on legitimate interest or direct marketing
Right to withdraw consent – at any time
You can exercise your rights by emailing privacy@apexgyms.co.uk.
You have the following rights under the UK GDPR:
Right of access – to request a copy of your data
Right to rectification – to correct inaccurate information
Right to erasure – to request deletion of data
Right to restrict processing – under certain conditions
Right to data portability – in certain scenarios
Right to object – to processing based on legitimate interest or direct marketing
Right to withdraw consent – at any time
You can exercise your rights by emailing privacy@apexgyms.co.uk.
9. Cookies & Website Tracking
We use cookies for:
Functionality (e.g., keeping you logged in)
Performance analytics (e.g., Google Analytics)
Marketing (e.g., Meta Pixel, Google Ads)
You can manage cookies via your browser preferences.
We use cookies for:
Functionality (e.g., keeping you logged in)
Performance analytics (e.g., Google Analytics)
Marketing (e.g., Meta Pixel, Google Ads)
You can manage cookies via your browser preferences.
10. Data Security
We protect your data through:
Secure HTTPS encryption
Access control and authentication
Data minimisation and anonymisation
Regular staff training and audits
Secure off-site backups
We protect your data through:
Secure HTTPS encryption
Access control and authentication
Data minimisation and anonymisation
Regular staff training and audits
Secure off-site backups
11. Children’s Data
Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children without parental consent.
Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children without parental consent.
12. Complaints
If you are not satisfied with how we handle your data, please contact our Data Protection Lead at privacy@apexgyms.co.uk.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): https://www.ico.org.uk
If you are not satisfied with how we handle your data, please contact our Data Protection Lead at privacy@apexgyms.co.uk.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): https://www.ico.org.uk
13. Changes to This Policy
We may update this policy from time to time. The latest version will always be posted at www.apexgyms.co.uk/privacy-policy with a revised “Effective Date”.
We may update this policy from time to time. The latest version will always be posted at www.apexgyms.co.uk/privacy-policy with a revised “Effective Date”.