This privacy notice describes how we will collect, use, share and otherwise process your personal data in connection with your use of:
· our website (p3rform.co.uk) (Website);
· P3RFORM mobile application software (App); and
· the 1-1 coaching service that is accessible through the App by way of a monthly subscription in accordance with our App T&Cs (Service).
This privacy notice also applies if you enquire about our services, purchase the Service or otherwise interact with us.
Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
Game Changer Performance Centre Limited trading as P3RFORM (company number: 09709225) is a private limited company incorporated in England with its registered office address at 12 Mallard Way, Pride Park, Derby, DE24 8GX (referred to as P3FORM, we, us or our). We are the data controller and are responsible for overseeing questions in relation to this privacy notice.
If you have any questions about this privacy notice or would like to exercise your legal rights, please contact us at support@p3rform.co.uk
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (ico.org.uk). In certain circumstances you might also have the right to bring a complaint to other regulators or in the Courts although we would hope that you give us the chance to deal with any concerns you might have first by contacting us.
If you are based in the EU, you have the right to make a complaint at any time to the national data protection authority of your country. You can find the details of the national data protection authority of your country here.
Changes to our privacy notice and the need for you to inform us of changes
We keep our privacy notice under regular review. This version was last updated on 10.03.2025. We may update this privacy notice at any time and, if we do, we will post an amended version to the Website and if you use the App, we will also notify you when you next start the App.
It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us. You can update your details in the App by editing your personal profile.
The Website, the App and the Service may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites, plug-ins and applications and are not responsible for their privacy policies. You should review their own privacy notices to understand how they use your personal data before you submit any personal data to these websites or use their services.
Personal data is any information about an individual from which that person can be identified. It does not include information derived from personal data where the identity has been removed, such that the person can no longer be directly or indirectly identified from the information (anonymous data).
We may collect, use, store and transfer different types of your personal data, which we have grouped together as set out below. Please note that, if you use the App and the Service as a parent for a user under the age of 16, the types of data set out below is processed in respect of you and your child.
· Identity Data, which includes your first name, last name and date of birth. It may also include the name of your business, employer or professional body and your job role if (a) you are enquiring about and/or paying for the Service to be provided to individuals in your business or professional body (as relevant) (in these circumstances, you are a Corporate Subscriber) or (b) if you are a user of the App and the Service where your membership has been bought for you by a business, your employer or a professional body (a Paid for Member).
· Contact Data, which includes your personal email address, and telephone number(s). We may collect your business email address, business contact address and/or telephone number(s) in addition to or instead of your personal Contact Data where you are a Corporate Subscriber or a Paid for Member.
· Profile Data, includes your username and password, your communication preferences and copies of the communications between us.
· Transaction Data, includes payment details (such certain digits from your card number and bank account details) and the history of your payments.
· Log Data, includes your IP address, your browser type and version, operating system, network information, your unique device identifier, time zone setting, your device settings and geo-location data.
· Usage Data. Where this relates to your use of the Website, this includes the pages you visit, the time you spend on each page and the date and time of your visit. Where this relates to your use of the App and the Service, this includes the dates and times on which you download, access and update the App and the Service, any error or debugging information and the resources you access.
· Content Data, includes the information that you store or generate in the App, being voice recordings, photos, videos and associated metadata and messages.
· Direct Marketing Data, includes your direct marketing preferences, consents for receiving direct marketing from us and the history of the direct marketing communications we have sent to you.
· Connected Data, includes information stored on your device that you permit the App to connect to, being login information, any connection to wearable devices or third party apps (such as Apple’s Health app that takes data from wearable devices and other third party fitness apps) that you may enable the App to access for the Service (for example, information regarding your step counts, distances walked / ran, heart rate related metrics, blood oxygen saturation levels and calories consumed / burned) and which may include Health Data (see below).
· Customer Service Data, which includes details of any enquiries you have made to us, services you have purchased from us and feedback from or survey responses you have provided to us.
We also collect Health Data, which includes information that you provide to us about your health as part of the Service. You may provide Health Data for the Service by way of Connected Data as set out above, when filling out questionnaires in the App (where such questions may ask you information on activity and fitness levels, nutritional habits, psychological behaviour, existing medical conditions and symptoms and other similar information) or when messaging coaches in the App. Health Data is known as “special category” personal data and attracts a higher level of protection. For further details on how we process special category data, please refer to the “Special category data” section below.
We may also collect, use and share aggregated anonymous data such as statistical or demographic data for any purpose. For example, we may aggregate your Log Data or Usage Data to calculate the percentage of Website visitors accessing a specific feature. However, if we combine or connect aggregated anonymous data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you don’t provide us with that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with the Service) or you may not be able to enjoy the full benefit of the Service.
We use different methods to collect data from and about you, including through:
· Registration. We collect your Identity, Contact and Transaction Data when you register for an account with us to access the Service in the App.
· Communications. When you communicate with us by email, telephone or use the online form on the Website by using the “Enquire Now” feature, we collect your Identity and Contact Data. Where you contact your coach through the App using the messaging function as part of the Service, we also collect your Profile and Log to operate the messaging function and respond to your messages.
· Information you generate when using the App, Service and Website. Each time you access and use the App and Service we collect Content, Log, Profile and Usage Data. We collect Content Data where you upload it to the App or interact with the content available on the App. Each time you use the Website, we collect Log and Usage Data.
· Information we collect through monitoring the use of the App, Service and Website. Each time you access and use the App, Service and/or Website we collect information about that access and use, being Log, Content and Usage Data.
· Additional information we otherwise collect through the App, Service or Website where we have your consent to do so.
· Direct Marketing. We collect and record Direct Marketing Data when we add you to our marketing database, you request to change your direct marketing preferences or you interact with our direct marketing communications.
· Connected Data. We collect Connected Data when you choose to connect your connected device to your account in the App as part of the Service.
· Information we receive from third parties. We receive personal data about you from the third parties set out below.
o We receive Transaction Data from our third-party payment provider, Stripe.
o If your subscription to the App and the Service is managed by a Corporate Subscriber, we may receive Identity Data and Contact Data from them in order to send you a link by email so that you can register for an account for the App.
o Where you connect the App to wearable devices and/or third party apps, we receive Connected Data from the wearable device and/or third party apps.
We use cookies (small files placed on your device) on the Website and on the App to improve your experience and our development of the Website, the App and the Service. For detailed information on the cookies we use, the purpose for which we use them and how you can exercise your choices regarding our use of your cookies, see our Cookie Policy.
We collect and use your personal data for different purposes depending on how you interact with us. Data protection law requires us to have a legal basis to process your personal data for each particular purpose. We will only use your personal data when we have a legal basis for doing so. Most commonly, we will rely on one of the following legal bases:
· Where it is necessary to perform the contract we are about to enter into or have entered into with you (Performance of a contract with you).
· Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (Necessary for our legitimate interests).
· Where we need to comply with a legal obligation (Necessary to comply with a legal obligation).
· We may also rely on your consent as a legal basis for processing your personal data (Consent).
We have set out below, in a table format, a description of purposes for which we may use your personal data, which of the legal bases we rely on to do so, the types of personal data processed for each purpose and the third parties we might share your personal data with. We have also identified what our legitimate interests are, where appropriate.
In some cases, we may process your personal data for more than one legal basis depending on the specific purpose for which we are using your personal data. Please contact us if you would like more detailed information about how we process your personal data.
Purpose / activity Legal basis for processing (including details of legitimate interests) Type of personal data processed
To permit you to install the App and
register an account on the App. Legitimate interests (delivering the App to you). Identity, Contact and Log Data.
To allow us to send you a link to
create an account on the App and
for you to thereafter register an
account on the App. Performance of a contract. Legitimate interests (delivering the App to you). Identity, Contact, Transaction and Log Data.
Delivering the Service to you (or if
you are a Corporate Subscriber, to
allow us to deliver the Service to
Paid for Members). Performance of a contract. Identity, Contact, Transaction, Log, Usage, Profile and Content Data.
To provide you with the ability to connect devices to the App and as part of the Service. Consent. Connected Data.
To enforce our terms and conditions
governing the use of the Website,
use of the App and the Service
and/or the terms that set out your
payment obligations for the Service. Performance of a contract. Legitimate interests (to recover debts due to us). Identity, Contact, Profile, Content (if we need to enforce our terms and conditions regarding the content you upload in the App) and Transaction Data.
To manage our relationship with
you, which includes: (a) notifying
you about changes to this Privacy
Notice, any other terms and
conditions of P3RFORM applicable
to you, the Website, the App and/or
the Service and (b) dealing with your
requests, complaints and queries. Legitimate interests (to enable us to operate efficiently, which in turn ensures any issue you may have is dealt with effectively, efficiently and fully). Performance of a contract. Necessary to comply with legal obligations. Identity, Contact, Profile, Transaction and Customer Service Data.
To administer, monitor and improve
the Website, the App and/or the
Service, including troubleshooting,
data analysis, system testing and
applying security measures. Legitimate interests (for running our business, provision of administration and IT services, network security, maintaining the security of the Website, App and the Service, providing a secure service to users and preventing fraudulent and other misuse of the Website and the App). Necessary to comply with legal obligations. Identity, Contact, Profile, Log, Usage, Content and Connected Data.
To administer and conduct our
company affairs, including comply
with mandatory reporting
obligations and any legal
obligations, govern authorities’
requests and data protection laws. Legitimate interests (for running our business). Necessary to comply with legal obligations. All personal data covered under this privacy notice as necessary for the purpose.
To send you direct marketing
communications via email and/or
through push notifications where
you use the App, make
personalisations and suggestions
that may interest you based on your
Profile and Usage Data. Consent. Identity, Contact, Profile, Log, Usage and Direct Marketing Data
Special category data
As set out above, we process Health Data as part of the Service provided in the App as the Health Data allows our coaches to provide you with a tailored Service and ensure that you can get the
most of what we have to offer. We collect Health Data when you provide us with Health Data as part of the messaging service in the App, when you complete our questionnaire in the App and we may also receive Health Data when you connect a device or a third party app through your Connected Data. We rely on your explicit consent to process Health Data.
We do not intentionally collect any other types of special category personal data about you (which includes your race and ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, genetic and biometric and criminal offence data). If we have to process this type of special category data because it is necessary for performing or exercising obligations or rights in connection with your relationship with us, we will process it in compliance with applicable data protection laws, including obtaining your consent where this is required.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is lawful and compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we intend to use your personal data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. Please note that, in limited circumstances, we may process your personal data without your knowledge or consent where this is required or permitted by law.
Disclosures of your personal data to third parties
We may share your personal data with the following third parties:
· Your Corporate Subscriber, if you are a Paid for Member. We may also share anonymous data with your Corporate Subscriber in the form of statistics regarding their Paid for Members use of the App and health, fitness and activity levels.
· Your App Store provider and mobile network operator to allow you to install the App.
· If we decide to collaborate or expand the App in the future, we may collaborate with other businesses or third party app providers to offer you an enhanced range of Services. We would only share any personal data with these other business or app providers where we have your consent.
· Any third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
· HM Revenue and Customs, regulators, law enforcement, public authorities or other third parties where necessary to exercise our rights or comply with a legal obligation.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International data transfers
We store and process your personal data in the UK. Some of our third parties may be based outside the UK so their processing of your personal data will involve a transfer of the data outside the UK, or if you are based in the EU, will involve a transfer outside the EU.
The locations of the third parties outside the UK or the EU (as applicable) may not have adequate data protection laws equivalent to those in place within the UK or the EU (as applicable). For
transfers of your personal data to third parties outside the UK or the EU (as applicable) that have not been deemed to provide an adequate level of protection for personal data by the UK / the EU, we take additional steps where required in line with data protection laws, which may be to:
· use approved standard contractual clauses which give personal data the same protection it has in the UK or the EU (as applicable); or
· transferring when one or more of the conditions set out in Article 49 GDPR are met.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These include limiting access to your personal data to our employees, contractors, agents and other third parties who have a business need to access it. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where you have chosen a password that enables you to access the Service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
How long we keep your personal data for
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. These purposes may include satisfying legal, regulatory, tax, accounting or reporting requirements. We may also retain your personal data if we reasonably believe it may be needed in relation to a complaint or in order for us to exercise or defend a legal claim.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, as well as any other relevant legal, regulatory, tax, accounting or other requirements.
If you want to know more about how long we keep your data please contact us. In some circumstances you can ask us to delete your data – see the “Your legal rights” section below for more details.
Your legal rights
Under certain circumstances, you have rights under data protection law in relation to your personal data. You have the right to:
· Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
· Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
· Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
· Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
· Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
o if you want us to establish the data’s accuracy;
o where our use of the data is unlawful but you do not want us to erase it;
o where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims;
o where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
o you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
· Request the transfer of your personal data to you or, where technically feasible, another data controller where you have provided it in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
· Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain parts of the Service to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact us.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. It could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
What we ask of you
· Keep your information accurate and up to date. Please inform us if there is a change in your contact details or any other information that you have provided to us so that we can ensure our records are kept accurate and up to date.
· Third party personal data. If you provide us with personal data about another person please make sure that you have informed them of our identity, the purposes for which their personal data will be processed and obtained their permission and/or complied with any other data protection requirements. If you are unsure whether their personal data can be shared with us, please contact us before providing us the data.
