F15 Logo

Legal

Privacy Policy

Last Updated: April 11, 2026

This Privacy Policy explains how VYC LTD trading as F15 Training Centr (“F15”, “we”, “us”, or “our”) collects, uses, stores, and protects your personal information when you use our website, booking systems, facilities, coaching services, memberships, or communicate with us.

We are committed to protecting your privacy and processing personal data in accordance with applicable laws, including the General Data Protection Regulation (GDPR) and Maltese law.

By using our services, website, or contacting us, you acknowledge the practices described in this Privacy Policy.

1. Who We Are

Business Name: VYC LTD trading as F15 Training Centr
Registered Address: 81 Triq Tal Qroqq, Msida, Malta
Email: contact@crossfitf15.com

For the purpose of data protection law, F15 Training Centr is the data controller of your personal data unless otherwise stated.

2. Definitions

Personal Data means information relating to an identified or identifiable person.

Processing means collecting, storing, using, sharing, deleting, or otherwise handling personal data.

Service Providers means trusted third parties who process data on our behalf (for example booking software, payment processors, analytics tools, or email platforms).

Website means our website and related online services.

You means any member, visitor, customer, website user, lead, or person communicating with us.

3. What Information We Collect

Depending on how you interact with us, we may collect the following information:

3.1 Information You Provide

  • Full name
  • Email address
  • Phone number
  • Postal address
  • Date of birth
  • Emergency contact details
  • Membership or booking information
  • Payment or billing details (processed securely via third-party providers)
  • Health declarations, injury history, or fitness readiness forms where relevant
  • Messages, emails, enquiries, or support requests

3.2 Information Collected Automatically

When using our website or digital services, we may collect:

  • IP address
  • Device type
  • Browser type
  • Operating system
  • Website pages visited
  • Date/time of visits
  • Session duration
  • Referral source
  • Cookie identifiers

3.3 In-Gym Data

We may also process:

  • Attendance records
  • Booking history
  • Waitlist activity
  • Check-in data
  • Coaching notes relevant to service delivery

4. How We Use Your Data

We use personal data for legitimate business purposes, including:

  • Creating and managing accounts or memberships
  • Processing bookings and payments
  • Delivering coaching, classes, and services
  • Responding to enquiries or support requests
  • Sending confirmations, reminders, updates, or service notices
  • Improving member experience and operations
  • Personalising coaching support
  • Marketing offers or promotions (where legally permitted)
  • Preventing fraud or misuse
  • Complying with legal obligations

5. Legal Bases for Processing

Under GDPR, we rely on one or more of the following legal bases:

  • Contractual necessity – to deliver memberships, bookings, coaching, or purchases
  • Legitimate interests – to operate and improve our business
  • Consent – for certain marketing communications or optional cookies
  • Legal obligation – where required by law
  • Vital interests – where necessary to protect health or safety

6. Marketing Communications

We may send emails, SMS, or other communications about services, promotions, or events where lawful to do so.

You may unsubscribe or opt out at any time by:

  • clicking unsubscribe links
  • replying STOP where available
  • contacting us directly

Service-related messages (bookings, billing, operational notices) may still be sent where necessary.

7. Cookies and Tracking Technologies

Our website may use cookies and similar technologies for:

  • site functionality
  • remembering preferences
  • analytics and performance
  • advertising or remarketing (where consent is required)

You can manage cookies through your browser settings or any cookie banner/preferences tool provided. Disabling cookies may affect some website functions.

8. Sharing Your Information

We do not sell your personal data.

We may share data where necessary with:

  • Booking and membership software providers
  • Payment processors
  • Email or SMS platforms
  • Website hosting providers
  • Analytics providers
  • Professional advisers (legal/accounting)
  • Government or regulatory bodies where legally required
  • Successors in a merger, acquisition, or business transfer

All third parties are expected to handle data lawfully and securely.

9. International Transfers

Some providers may store or process data outside Malta or the European Economic Area.

Where this happens, we take reasonable steps to ensure appropriate safeguards are in place, such as approved contractual protections or equivalent legal mechanisms.

10. Data Retention

We retain personal data only as long as reasonably necessary for the purposes described in this policy, including:

  • Active membership data: during the customer relationship
  • Financial records: as required by law
  • Support communications: as reasonably necessary
  • Marketing records: until you opt out or consent expires
  • Website analytics: limited retention periods depending on provider settings

We may retain data longer where necessary for legal claims, compliance, fraud prevention, or dispute resolution.

11. Security

We use reasonable technical and organisational measures to protect personal data.

However, no internet transmission or storage system can be guaranteed 100% secure.

You are responsible for keeping your own login credentials confidential where applicable.

12. Your Rights

Subject to applicable law, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to certain processing
  • Withdraw consent
  • Request data portability
  • Lodge a complaint with the relevant supervisory authority

To exercise your rights, contact us using the details below. We may request identity verification before fulfilling certain requests.

13. Children's Privacy

Our services are not intended for children under 16 without appropriate parental or guardian involvement where required.

If we learn that personal data has been collected unlawfully from a child, we will take reasonable steps to delete it.

14. Third-Party Links

Our website or communications may contain links to third-party websites or services.

We are not responsible for their content, privacy practices, or security. Please review their policies separately.

15. Photos and Media

Photos or videos may occasionally be taken in the gym for community or promotional purposes.

If you prefer not to appear, please notify management and we will make reasonable efforts to respect your request.

16. Changes to This Policy

We may update this Privacy Policy from time to time.

Any updates will be posted on our website or made available through our services. Continued use of our services after changes may indicate acceptance of the updated policy.

17. Contact Us

If you have any questions or requests regarding this Privacy Policy, contact:

F15 Training Centr
Email: contact@crossfitf15.com