Privacy Policy

Privacy Policy

This privacy policy sets out how Gym Plus uses and protects any information that you give Gym Plus when you use our website, social media sites and clubs.

Gym Plus Company Details

The Gym Plus brand consists of several different companies, with different trading identities. Your relationship (either as a member or prospect) is with the company trading as the club name you join or are thinking of joining. However, as your data can be shared across the group, any change you require to your preferences will be applied across all these companies and clubs:

  • Galova trading as Gym Plus Cork
  • Mandabe trading as Gym Plus Naas
  • Prime Fitness Ballsbridge trading as Gym Plus Ballsbridge
  • Prime Fitness trading as Gym Plus Ashbourne, Drogheda, Rathfarnham and Swords

Our privacy culture

Gym Plus will only collect, store and use the information you provide to us in a manner compatible with the EU’s General Data Protection Regulation (GDPR).

Gym Plus is committed to ensuring that your privacy is protected. This means we’ll only use the information you provide in an appropriate way and that we’ll do all we can to protect it. If we ever ask you to provide information by which you can be identified, then you can be sure that it will only be used in the way we say it will within this privacy statement.

Gym Plus may change this policy from time to time. If those changes alter the way we use information already supplied by you, we will ask you for permission before we use it in any new way.

What we collect

We may collect the following information:

  • Name
  • Contact information including email address and phone number
  • Demographic information such as Eirecode, preferences and interests
  • Other information relevant to customer surveys and/or offers
  • Information required for membership including billing information, photographs, login & password details, member ID, QR access code, attendance history and marketing preferences.
  • For children, in addition to basic identification and demographic data, data on health issues is retained on the swim sign up form and the swim lesson app, so the instructors are aware of health issues that might affect the delivery of the lesson or require special arrangements to be made for the child. This information is deleted 6 months after lessons cease, or sooner by request.

What we do with the information we gather

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping
  • Improving our products and services
  • Periodic promotional emails or text messages about special offers or other information which we think you may find interesting using the email address or mobile phone number which you have provided.
  • From time to time, we may also use your information to contact you for market research purposes. We may contact you by email or phone.
  • We may use the information to customise the website according to your interests.
  • In the incidence where there’s a case of COVID-19 confirmed in the club, we will share your contact details with the HSE for track and trace.

How we look after your information

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Your rights relating to your personal information

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

a) Right to be informed – you have the right to know how your personal data is being used

b) Right of access – you have the right to request a copy of the information that we hold about you.

c) Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.

d) Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.

e) Right to restriction of processing – if you believe the basis for processing your data as described in section 3 of this notice no longer applies or if you contest the accuracy of the information we hold about you, you have a right to request restrictions to the processing of your data.

f) Right of portability – you have the right to have the data we hold about you transferred to another organisation.

g) Right to object – you have the right to object to certain types of processing such as direct marketing.

h) Right to object to automated processing, including profiling – you also have the right to not be subject to the legal effects of any automated processing or profiling.

i) Right to complain – if you believe that your data is being processed unfairly or you have any other concerns about the way that Gym Plus or it’s designated processor is handling your data, you have the right to complain to the Data Protection Commissioner

Note that if Gym Plus refuses a request from you under rights of access, we will provide you with a reason as to why. Gym Plus reserves the right to charge a fee in the event of complex, trivial and/or repetitive access requests. Finally, if a data breach occurs which compromises your personal data, you have a right to be informed within 72 hours of us first becoming aware of the breach.

Controlling your personal information

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting your club manager or emailing us at

If you believe that any information we are holding on you is incorrect or incomplete, please contact your local club manager, write to or email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.

How long we keep your information

Gym Plus will retain your data for as long as you are a member. On termination of your membership, Gym Plus will instruct its designated processor to store your personal data for a maximum period of 3 years for the purposes of responding to you in the event of any future indemnity claim that may arise. After this period, your personal data will be anonymised to prevent you from being identified from the information we hold. The anonymised data may be used for business analysis purposes after you are no longer a member.


By taking out a membership, filling in a contact form on our website or using a mobile app we provide to you, you agree and accept that we may gather, process, store and/or use the personal data submitted in the way we outline in this policy. If you are under the age of 16, Gym Plus will not collect or process your details unless we have also received the consent of an adult who has parental responsibility for you. You have the right to withdraw your consent at any time, unless by doing so you prevent us from delivering the service set out in your membership agreement. To withdraw consent for the storage and processing of your data, please write to

What “delivering the service set out in your membership agreement” means

When you join as a member, we collect your personal information to provide you with the services defined in your membership agreement. By joining, you agree and accept that we may use your personal data to:

    • Contact you in respect of your membership
    • Manage your club access
    • Facilitate member rewards
    • Resolve any problems you may have and improve our service to you
    • Comply with our legal and regulatory obligations

We use the personal data submitted to us only in accordance with the applicable data protection legislation. Our employees and third-party providers are under an obligation to respect your data privacy.

Who helps us process our data and how you can reach them

Personal data collected by us and stored via our website or mobile app is processed on our behalf by ClubWise Software Ltd, 6 Tower Court, Horns Lane, Princes Risborough, Bucks, HP27 0AJ Company Reg: 3843268 and in the case of our swimming lessons by CAP2, a trading name of Fitronics Limited, a registered company in England and Wales with company registration number 04530620 and VAT registration number GB691316824 with a registered office at 18 Monmouth Place, Bath, BA1 2AY.

Who else uses your data and how

Your information may be passed to and used by all Gym Plus companies. We will only pass your personal data on to third-party service providers contracted to Gym Plus for the purpose of providing our service to you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide to you on our behalf. When they no longer need your data to fulfil this service, they will dispose of your details in line with Gym Plus procedures. We will never pass your personal information to anyone else, except where we are required to do so by law. We may also use and disclose information in aggregate (so that no individual customers are identified) for marketing and strategic development purposes.

Your information and our mobile app

Certain features of our mobile app may offer you the chance to connect to your social networking sites to enable you to follow or be followed by other members of Gym Plus. As a result, Gym Plus may process information from your social networking profile, but only if you consent to allow your social networking site to make information available to the app. You understand that, by creating an account for the mobile app, Gym Plus will be able to identify you by your profile.


Guest Pass, Lead Generation and Enquiry Forms 

This Site does not automatically gather any personal information from you unless you provide it to Gym Plus voluntarily through contacting us via the guest pass or enquiry form. Personal information (such as name, phone number and email address) obtained from the user of this Site is collected, managed, used and disclosed by Gym Plus.

You will be given an option to opt-in to e-mail and SMS communications at this point of form submission. 

If you should choose to provide us with personal information – as in an e-mail or by filling out a website form or Facebook lead generation advertisement form and submitting it to us through the Site – we will use that information to respond to your messages and to help us get the information you have requested. 



CCTV is used in our clubs to provide security for our members, their property and the that of the club. All visitors to the club should be aware that CCTV is in use, as per the signs displayed in the clubs.


A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer browser from our website and is stored on your device’s hard drive in the form of a text file.

Cookies are used to control an online session and provide security such as a time-out function. Gym Plus uses Google Analytics cookies to improve how our website works for users like yourself. For a detailed explanation of how Google Analytics cookies work please visit:

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Advertising and Analytics

1. Facebook Conversion Tracking Pixel

With your permission, our website utilises the Conversion Tracking Pixel service of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). This tool allows us to know the actions of users after they are redirected to a provider’s website by clicking on a Facebook advertisement. We are thus able to record the efficacy of Facebook advertisements for statistical and market research purposes. The collected data remain anonymous. This means that we cannot see the personal data of any individual user. However, the collected data are saved and processed by Facebook. We are informing you on this matter according to our information at this time. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes, in accordance with Facebook’s Data Use policy found under: Facebook Conversion Tracking also allows Facebook and its partners to show your advertisements on and outside Facebook. In addition, a cookie will be saved onto your computer for these purposes.

Only users over 13 years of age may give their permission. If you are younger than this age, please consult your legal guardians.

Please click here if you want to revoke your permission:


2. Facebook Custom Audience Pixel

We use Facebook Custom Audiences to deliver advertisements to Website Visitors on Facebook based on email addresses, page fan data and website visitor information that we have collected. We may use the information we have collected from you to enable us to display advertisements from our Customers to their target audience of users.

A custom audience pixel is a tiny piece of Java script code that we have incorporated into each of our web pages. This piece of code previous a series of functions for transmitting application-specific events and user-defined data to Facebook. We use custom audience pixels to record information about the way visitors use our website. For this reason, each of our web pages contains a custom audience pixel. This pixel records information about the user’s browser session, which it sends to Facebook, along with a hashed version of the Facebook ID and the URL viewed. Every Facebook user has a unique, device-independent Facebook ID that allows us to address and recognise users across a range of devices using the Facebook social network, so that we can address our visitors for commercial purposes using Facebook ads. This user information will be deleted after 180 days, until the user visits our website again. “Custom Audience” respects your privacy. Thus, no personal information about the individual visitors to the website will be disclosed to GYM PLUS and GYM PLUS can only advertise to website customers target groups in a targeted way once the customer target group has reached a critical mass. This makes it impossible for GYM PLUS to discover the identity of individual visitors.

You may learn more about Facebook Custom Audiences by visiting:

3. Google Remarketing

Gym Plus also uses Google Ads tracking cookie as part of remarketing campaigns. This means we will continue to show ads to you across the internet, specifically on the Google Content Network (GCN). As always we respect your privacy and are not collecting any identifiable information through the use of Google’s remarketing system. Google will place cookies on web browsers in order to serve ads based on a user’s prior visits to your website. This allows us to make special offers and continue to market our services to those who have shown interest in our service.

4.  Google Analytics

Our website uses Google Analytics, a web analysis service of Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, (“Google Analytics” or “Google”). Google Analytics employs cookies that are stored to your computer in order to facilitate an analysis of your use of the site. The information generated by these cookies, such as time, place and frequency of your visits to our site, including your IP address, is transmitted to Google’s location in the US and stored there.

In using Google Analytics our website employs the extension “anonymizeIp”. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from EU/EEA member states. Google uses this information to analyze your use of our site, to compile reports for us on internet activity and to provide other services relating to our website.

Google may also transfer this information to third parties where required to do so by law or where such third parties process this data on Google’s behalf. Google states that it will in never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting the settings on your browser software accordingly as noted elsewhere in this Privacy Policy. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.

Google Analytics also offers a deactivation add-on for most current browsers that provides you with more control over what data Google can collect on websites you access. The add-on tells the JavaScript (ga.js) used by Google Analytics not to transmit any information about website visits to Google Analytics. However, the browser deactivation add-on offered by Google Analytics does not prevent information from being transmitted to us or to other web analysis services we may engage.

Google Analytics also uses electronic images known as web beacons (sometimes called single pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our site is used.

You can find additional information on how to install the browser add-on referenced above at the following link:

For the cases in which personal data is transferred to the US, Google has self-certified pursuant to the EU-US Privacy Shield.

5.  Google Tag Manager (GTM)

Google Tag Manager (GTM”) is a tag management system to manage JavaScript and HTML tags used for tracking and analytics on websites. Tags are small code elements that, among other things, are used to measure traffic and visitor behaviour: to understand the effect of online advertising and social channels; to set up remarketing and orientation towards target groups; and to test and optimize websites. GTM makes it easier for us to integrate and manage our tags.

6.  Third party analytics

We use third party analytics including Google, Hootsuite, Adobe and others to collect information about your use of the Service and enable us to improve how the Services work. The information allows us to see the overall patterns of usage on the Services, helps us record any difficulties you have with the Service, shows us whether our advertising is effective or not and allows us to use responses to advertisements to optimise ad performance.


Live Chat

We use a live chat service on our website provided by a third party called Chat Heroes.

Their privacy policy is available here:

When you use our live chat service, we automatically collect the following information: IP address, browser type and operating system. We will also collect your name, phone number, email address and any other information which you provide to us in order to follow up on an enquiry. If your enquiry is dependant on location, we may also need to confirm a postcode.

Transfer and storage of your information

The information collected by our live chat service is processed by Chat Heroes and their third-party chat service provider, SnapEngage, the privacy policy of which is available here:

SnapEngage stores your information for 60 days. A transcript of your live chat is forwarded to us by SnapEngage via email and stored on our email provider’s (Google) servers. Our Google email provider is Gym Plus.

Live Chat Cookies

Our live chat service uses functional cookies to allow it to function properly. For further information on our cookie policy, please see the section above.

Both SnapEngage and Google (1) transfer(s) and stores(s) your information outside of the European Economic Area.

Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).

Legitimate interests: we have a legitimate interest in collecting your IP address, browser information and device to better understand our customers as they access our website and live chat service. We have a legitimate interest in collecting your name, email address, phone number and any additional information you provide in order to be able to respond to your enquiry and messages you submit via our live chat service. We ask for your phone number and email address in case we are unable to reach you on one of those means and to ensure that we are able to respond to your enquiry as quickly and effectively as possible. We ask for your name so that we know who we will be contacting, to allow us to ensure we are contacting the correct person and for legal and evidential purposes so that we can identify what we have said to whom and when.

Legal basis for processing : necessary to perform a contract or to take steps at your request to enter into a contract with you (Article 6(1)(b) of the General Data Protection Regulation).

Reason why necessary to perform a contract : where your message or enquiry relates to our goods and services, we will collect your information in order to enter into a contract with you or take steps to enter into a contract with you. This includes the collection of your name, email address and phone number so we know who we are contracting with and so that we can provide you with the information you need in order to be able to enter into a contract with you.

How Long We Retain Your information Live chat transcripts : we store the information from our live chat service for a maximum period of seven (7) years in order to defend against legal claims. This period is the maximum period in which a claim form can be issued and served in respect of contract and tort claims under the Limitation Act 1980 under English law.

Transfers of your information outside the European Economic Area

Live chat Information you submit to us by email is transferred outside the EEA and stored on SnapEngage’s servers in the United States of America.

Country of storage: United States of America. This country is not subject to an adequacy decision by the European Commission.

Safeguard(s) used: our SnapEngage has self-certified its compliance with the EU-U.S. Privacy Shield which is available The EU-U.S. Privacy Shield is an approved certification mechanism under Article 42 of the General Data Protection Regulation, which is permitted under Article 46(2)(f) of the General Data Protection Regulation. You can access the European Commission decision on the adequacy of theEU-U.S. Privacy Shield

The Gym Plus CCTV Policy (Smile!)

We use CCTV to look out for our members, our staff and our stuff. Here are details of how it will be used, what for and how footage will be treated and looked after.

  1. GDPR: CCTV images obtained in the club which include recognisable individuals are personal data and are covered by the applicable Data Protection legislation. This Policy should therefore be read in conjunction with the Gym Plus Data Protection Policy available at, via the Serious Stuff notice board or at reception.
  2. Who: Gym Plus is the Data Controller for the Personal Data captured by our CCTV systems. Some shared sites may require that we use both, our systems in local areas and landlord’s systems in extended areas. The CCTV systems which are under Gym Plus’s control are managed by the Operations Director and Club Manager and operated by Club Staff.
  3. Where: CCTV systems can operate throughout Gym Plus clubs, monitoring dedicated areas defined by a club specific CCTV layout proposal.
  4. Why: Use of a surveillance camera system must always be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need.
    This includes giving confidence to staff and visitors that they are in a safe and secure environment, protecting the integrity of the site by deterring criminals and to provide evidence to assist with the detection and prosecution of criminal offences.
  5. How: The Operations Director will produce and communicate clear rules and procedures with regards to operating, processing and releasing CCTV images. The procedures are detailed in the Staff Handbook.
  6. Privacy: When deciding to use CCTV in a certain area Gym Plus must take into account its effect on individuals and their privacy and perform regular reviews to ensure its use remains justified.
  7. Transparency: Gym Plus will be transparent in the use of a surveillance camera system, provide a CCTV notice, which could be an image, and publicise a contact point on the website for access to information and complaints in line with our Data Protection Policy.
  8. Confidentiality: The recordings are confidential and available only to those directly connected with operating the system. Copies of recorded information are strictly controlled and only made in relation to incidents under specific restrictions and require the approval described in point 10.
  9. Storage: No more images and information should be stored than that which is strictly required for the stated purpose of a surveillance camera system, and such images and information should be deleted once their purposes have been discharged, after a maximum of 28 days.
  10. Sharing: Access to retained images and information should be referred to the Club Manager and there must be clearly defined rules on who can gain access and for what purpose such access is granted; the disclosure of images and information should only take place when it is necessary for such a purpose or for law enforcement purposes. And always require previous written approval of the Operations Director.
  11. Safeguarding: Surveillance camera system images and information should be subject to appropriate security measures to safeguard against unauthorised access and use.
  12. Compliance: There should be effective and periodic review mechanisms to ensure legal requirements, policies and standards are complied with in practice and to ensure that the system is working properly and produces the required images.
  13. We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

This CCTV Policy is valid immediately from 2nd July 2018, amended 23rd May 2019.