Website Privacy Policy | MD Fitness GYM

MD Fitness Website Privacy Policy

Last Modified: November 25, 2025

At MD Fitness, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://www.mdfitness.biz, book our services, or otherwise interact with us. We provide personalized fitness programs and we handle your data responsibly to support your fitness journey.

This policy applies to all visitors, users, and customers of MD Fitness. By using our website or services, you consent to the practices described herein. If you do not agree with this policy, please do not use our website or services.

We comply with applicable data protection laws, including the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) for California residents and the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA). This policy may be updated periodically; we will notify you of material changes via email or a notice on our website.

For questions about this policy, contact us at:

Email: personaltraineroakhurst@gmail.com

I. Information We Collect

II. How We Collect Your Information

III. How We Use Your Information

IV. How We Share Your Information

V. Cookies and Tracking Technologies

VI. Data Security VII. Data Retention

VIII. Children's Privacy

IX. Your Rights and Choices

X. International Data Transfers

XI. CCPA/CPRA Disclosures for California Residents

XII. GDPR Disclosures for EEA Residents

XIII. Changes to This Policy

XIV. Contact Us

I. Information We Collect

We collect personal information to provide and improve our services. The types of information we may collect include:

Category: Examples: Purpose

Personal Identifiers: Name, email address, phone number, postal address: To contact you, schedule appointments, and send updates

Commercial Information: Booking details, program preferences: To process and personalize your fitness program

Health and Fitness Data: Fitness goals, medical history (if voluntarily provided during consultation): To tailor safe, effective training plans

We do not collect sensitive information such as racial or ethnic origin, political opinions, or biometric data unless explicitly provided for health assessments.

II. How We Collect Your Information

We collect information through:

Directly from you: When you fill out booking forms ("BOOK NOW!" buttons), contact us via email/phone, or provide details during consultations.
Automatically: Via cookies, web beacons, and server logs when you visit our site.
From third parties: Such as analytics providers (e.g., Google Analytics) or booking platforms (e.g., if integrated with Calendly or similar).

III. How We Use Your Information

We use your information for legitimate business purposes, including:

Providing and managing fitness services, such as scheduling sessions and creating personalized programs.
Communicating with you about your bookings, program updates, promotions, or newsletters (with opt-out options).
Processing payments and preventing fraud.
Improving our website, services, and user experience through analytics.
Complying with legal obligations, such as tax reporting or health/safety regulations.
Sending targeted marketing, but only with your consent where required.

Under GDPR, our legal bases include consent, contract performance, legitimate interests (e.g., site security), and legal obligations.

IV. How We Share Your Information

We do not sell your personal information. We may share it with:

Service Providers: Trusted third parties like payment processors (e.g., Stripe), email services (e.g., Mailchimp), or analytics tools (e.g., Google) who assist us under strict confidentiality agreements.
Legal Authorities: If required by law, subpoena, or to protect our rights/safety.
Business Transfers: In the event of a merger, acquisition, or sale of assets.

We require all third parties to respect your privacy and comply with applicable laws. For CCPA, we do not "sell" or "share" personal information as defined therein.

V. Cookies and Tracking Technologies

Our website uses cookies—small text files stored on your device—to enhance functionality. Types include:

Essential Cookies: For site navigation and booking forms.
Analytics Cookies: To track usage (e.g., Google Analytics; you can opt out via Google's tool).
Marketing Cookies: For personalized ads (if applicable).

You can manage cookies via your browser settings. Disabling them may limit site features. For more, see our Cookie Policy (to be linked if separate).

VI. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your information, such as encryption, access controls, and secure servers. However, no system is completely secure, and we cannot guarantee absolute protection. Report any suspected breach to us immediately.

VII. Data Retention

We retain your information only as long as necessary for the purposes outlined, or as required by law:

Booking/contact data: Up to 2 years after last interaction.
Payment data: 7 years for tax compliance.
Analytics data: Anonymized after 26 months.

Data is securely deleted or anonymized when no longer needed.

VIII. Children's Privacy

Our services are not directed to children under 16 (or 13 under COPPA). We do not knowingly collect data from children. If we learn we have, we will delete it promptly. Parents/guardians: Contact us to review or remove a child's data.

IX. Your Rights and Choices

You have control over your data:

Access/Update/Delete: Request a copy, corrections, or deletion.
Opt-Out: Unsubscribe from emails or cookies.
Withdraw Consent: Where applicable, at any time without affecting prior processing.

To exercise rights, email info@mdfitness.biz with your name and request details. We respond within 30 days (45 for CCPA). Verification may be required.

X. International Data Transfers

MD Fitness is U.S.-based. If we transfer data internationally (e.g., to EEA providers), we use safeguards like Standard Contractual Clauses (SCCs) to ensure equivalent protection.

XI. CCPA/CPRA Disclosures for California Residents

If you are a California resident, in the past 12 months:

Categories Collected: Personal identifiers, commercial info, health data, internet activity, payment info, device info.
Sources: Directly from you, automatically, third parties.
Purposes: As described in Section III.
Shared With: Service providers (no sales/sharing).

Your CCPA Rights:

Right to Know/Access: Up to twice yearly, details on collected data.
Right to Delete: Subject to exceptions (e.g., transaction fulfillment).
Right to Correct: Inaccurate data.
Right to Opt-Out of Sale/Sharing: Not applicable, as we do not sell/share.
Right to Limit Sensitive Data Use: For health data, limited to service provision.
Non-Discrimination: Exercising rights won't affect service/price.

Submit verifiable requests via email or phone above. We verify via matching info (e.g., email/phone). Agents need authorization. No fee unless excessive. Last updated: November 25, 2025.

XII. GDPR Disclosures for EEA Residents

MD Fitness acts as the data controller. Processing is based on consent, contract, or legitimate interests (detailed in Section III). Transfers use SCCs.

Your GDPR Rights:

Access, rectification, erasure ("right to be forgotten"), restriction, portability, objection.
Withdraw consent anytime.
Lodge complaints with your supervisory authority (e.g., via EDPB).

We respond within one month. No automated decision-making with significant effects.

XIII. Changes to This Policy

We may update this policy to reflect changes in practices or laws. Posted updates take effect immediately; we'll notify via site notice or email for material changes. Review periodically.

XIV. Contact Us

Reach us anytime:

Owner: Coach Michael
Email: personaltraineroakhurst@gmail.com

For CCPA: Designated agent for service of process is the above address.

Thank you for trusting MD Fitness with your fitness and privacy. We're here to help you thrive!

MD Fitness Website Privacy Policy

Last Modified: November 25, 2025

This policy applies to all visitors, users, and customers of MD Fitness. By using our website or services, you consent to the practices described herein. If you do not agree with this policy, please do not use our website or services.

For questions about this policy, contact us at:

Email: personaltraineroakhurst@gmail.com

Table of Contents

​

I. Information We Collect

II. How We Collect Your Information

III. How We Use Your Information

IV. How We Share Your Information

V. Cookies and Tracking Technologies

VI. Data Security VII. Data Retention

VIII. Children's Privacy

IX. Your Rights and Choices

X. International Data Transfers

XI. CCPA/CPRA Disclosures for California Residents

XII. GDPR Disclosures for EEA Residents

XIII. Changes to This Policy

XIV. Contact Us

I. Information We Collect

We collect personal information to provide and improve our services. The types of information we may collect include:

​Category: Examples: Purpose

Personal Identifiers: Name, email address, phone number, postal address: To contact you, schedule appointments, and send updates

Commercial Information: Booking details, program preferences: To process and personalize your fitness program

Health and Fitness Data: Fitness goals, medical history (if voluntarily provided during consultation): To tailor safe, effective training plans

​

We do not collect sensitive information such as racial or ethnic origin, political opinions, or biometric data unless explicitly provided for health assessments.

II. How We Collect Your Information

We collect information through:

Directly from you: When you fill out booking forms ("BOOK NOW!" buttons), contact us via email/phone, or provide details during consultations.

Automatically: Via cookies, web beacons, and server logs when you visit our site.

From third parties: Such as analytics providers (e.g., Google Analytics) or booking platforms (e.g., if integrated with Calendly or similar).

III. How We Use Your Information

We use your information for legitimate business purposes, including:

Providing and managing fitness services, such as scheduling sessions and creating personalized programs.

Communicating with you about your bookings, program updates, promotions, or newsletters (with opt-out options).

Processing payments and preventing fraud.

Improving our website, services, and user experience through analytics.

Complying with legal obligations, such as tax reporting or health/safety regulations.

Sending targeted marketing, but only with your consent where required.

Under GDPR, our legal bases include consent, contract performance, legitimate interests (e.g., site security), and legal obligations.

IV. How We Share Your Information

​

We do not sell your personal information. We may share it with:

Service Providers: Trusted third parties like payment processors (e.g., Stripe), email services (e.g., Mailchimp), or analytics tools (e.g., Google) who assist us under strict confidentiality agreements.

Legal Authorities: If required by law, subpoena, or to protect our rights/safety.

Business Transfers: In the event of a merger, acquisition, or sale of assets.

We require all third parties to respect your privacy and comply with applicable laws. For CCPA, we do not "sell" or "share" personal information as defined therein.

V. Cookies and Tracking Technologies

Our website uses cookies—small text files stored on your device—to enhance functionality. Types include:

Essential Cookies: For site navigation and booking forms.

Analytics Cookies: To track usage (e.g., Google Analytics; you can opt out via Google's tool).

Marketing Cookies: For personalized ads (if applicable).

You can manage cookies via your browser settings. Disabling them may limit site features. For more, see our Cookie Policy (to be linked if separate).

VI. Data Security

​

We implement reasonable administrative, technical, and physical safeguards to protect your information, such as encryption, access controls, and secure servers. However, no system is completely secure, and we cannot guarantee absolute protection. Report any suspected breach to us immediately.

VII. Data Retention

​

We retain your information only as long as necessary for the purposes outlined, or as required by law:

Booking/contact data: Up to 2 years after last interaction.

Payment data: 7 years for tax compliance.

Analytics data: Anonymized after 26 months.

Data is securely deleted or anonymized when no longer needed.

VIII. Children's Privacy

​

Our services are not directed to children under 16 (or 13 under COPPA). We do not knowingly collect data from children. If we learn we have, we will delete it promptly. Parents/guardians: Contact us to review or remove a child's data.

IX. Your Rights and Choices

​

You have control over your data:

Access/Update/Delete: Request a copy, corrections, or deletion.

Opt-Out: Unsubscribe from emails or cookies.

Withdraw Consent: Where applicable, at any time without affecting prior processing.

​

To exercise rights, email info@mdfitness.biz with your name and request details. We respond within 30 days (45 for CCPA). Verification may be required.

X. International Data Transfers

​

MD Fitness is U.S.-based. If we transfer data internationally (e.g., to EEA providers), we use safeguards like Standard Contractual Clauses (SCCs) to ensure equivalent protection.

​

Category: Examples: Purpose