ARTICLE 1 – Definitions
- Platform means the infrastructures developed by FizzUp, which include various types of data, including texts, audio, still or animated images, videos and databases to be accessed and used on the web, smartphone, television and smartwatch platforms connected to FizzUp.
- “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- “Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
- “Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
- “Data subject” means any natural person whose data are being
- “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
ARTICLE 2 – Scope of application
ARTICLE 3 – Identity of the controller
ARTICLE 4 – Collection and processing of personal data
FizzUp may collect and process personal information about you, as part of its platform operations. These data are collected and processed in compliance with the purposes for which the data are collected, being:
- the registering of an account on one of its platforms.
- user registration via Facebook, Google or Apple.
- the proper operation of the platforms with regard to their functionalities.
- operations relating to customer management, customer development, to the sale, rental or exchange of the existing and potential client database and drawing up statistics relating to customer visits.
- the referral program for which FizzUp will send a message to the person referred and will store the data of the person referred in order to send him or her other messages, only if FizzUp has obtained the express consent of the person referred.
- The find friends feature uses email addresses stored in your contacts to propose friends who also use FizzUp. This information is only used for this purpose. FizzUp will never contact these users directly for any other purpose than to send the invitation requested by the user.
- if you are a user, you can request to be removed from the list of email addresses used for customer development by email at any time by sending a message, which will be followed by an acknowledgment of receipt, to the following address: email@example.com.
- the carrying out of the contract to which the user is, where applicable, a part.
Should the data be used for any other purposes, FizzUp undertakes to both specify these purposes and obtain the prior consent of the data subjects before the data are processed.
The form through which data are collected will indicate with an asterisk which of those data are optional and which are mandatory. Data subjects will be informed of the possible consequences of any failure to give the information requested.
FizzUp shall, in any event, undertake to process the collected data in compliance with the French law no. 78–17 of 6 January 1978, amended 6 August 2004 and GDPR.
ARTICLE 5 – Collection, processing and use of data on FizzUp’s platforms
FizzUp is required to collect, process and use data transmitted to third-party services, as part of the proper operation of the FizzUp platforms, which are listed below:
- Newsletters: In order for us to send you our newsletters by email, you must provide us with a valid email address. You can unsubscribe via the unsubscribe link at the bottom of each email, in the legal notice or under your account settings.
- Apple HealthKit: Used in order to share with the Apple HealthKit Framework the number of workouts, the cumulative workout duration and the number of calories burned during workouts saved on the iPhone and Apple Watch platforms, only after having obtained your express consent. HealthKit data are not used for personalization or commercial purposes, and we do not share this data with third parties. For more information on HealthKit, please go to https://developer.apple.com/documentation/healthkit.
- Google Fit: Used in order to share with Google Fit from Google the number of workouts, the cumulative workout duration and the number of calories burned during workouts saved on Android platforms, only after having obtained your express consent. Google Fit data are not used for personalization or commercial purposes, and we do not share this data with third parties. For more information on Google Fit, please go to https://www.google.com/fit/.
- Facebook: In order to target online ads and analyze their effectiveness, Facebook collects events on the use of platforms (such as user registration, workout saved and purchase) and on the purchase amount. We inform you that Facebook stores this data and has the possibility of linking this information to your Facebook account and using it for its own promotional purposes, in accordance with Facebook’s Data Policy. You are entitled to object your data to be collected by Facebook Pixel and to object your data to be processed for publications or advertisements purposes by Facebook. Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection law.
ARTICLE 6 – Rights of data subjects
Data subjects have the right to data portability and the right to access, rectify, oppose, erase and restrict their personal data, except when such processing is a legal requirement. Data subjects can request to access and recover all of their data. These rights can be exercised, in compliance with GDPR by sending an email to the following address: firstname.lastname@example.org.
ARTICLE 7 – Anonymization
All collected data are stored in a format allowing for the identification of the data subjects for a period commensurate with fulfilling the purposes for which the data are collected and processed. FizzUp will anonymize the data as soon as processing has been completed or the user’s account has been closed unless otherwise stipulated by the law or existing regulations. In this case, the data are kept in compliance with the current limitation periods.
Data subjects also have the right to the erasure of personal data, the right to restrict processing and the right to data portability. Users have the right to withdraw their consent at any time, without jeopardizing the lawfulness of the processing based on the consent made before the withdrawal thereof and the right to lodge a complaint with the French National Commission on Informatics and Liberty (CNIL).
ARTICLE 8 – Transfer of personal data
Personal data collected through the platforms are reserved exclusively for FizzUp who may communicate the personal data of the data subjects in order to provide support, perform satisfaction surveys and carry out statistical studies. Any communication of personal data is performed in compliance with the rules of anonymization set out in Article 6 “Anonymization.” The recipients of your data are within the limits of their respective area of responsibility:
- the authorized staff of the marketing department, sales department, customer relations and customer development departments, administrative departments, logistics and IT departments and their line managers
- the authorized staff of the services in charge of inspections (auditors, services responsible for internal inspection procedures, etc.)
- the authorized staff of the FizzUp service providers involved in the processing of your personal data, once the contract signed between them and FizzUp mentions the obligations incumbent on the processors regarding the protection of data security and confidentiality (Article 28 of the GDPR) and specifies in particular the security objectives to be achieved
Those who may also be data recipients:
- partners, outside companies or subsidiaries of the same group of companies, subject to prior consent, in compliance with Article 4.11 of the GDPR
- organizations, officers of the court and judicial officers in the scope of their role to recover payments
FizzUp also reserves the right to transmit personal data of the data subjects in order to meet legal requirements, especially when required to do so by a judicial authority.
FizzUp hereby informs you that your data may be transferred outside the European Union. Should this be the case, FizzUp undertakes not to transfer such data out of the European Union without the prior written consent of the customer and on condition that the Recipient country offers appropriate guarantees and provided that the persons have enforceable rights and effective legal remedies in compliance with Article 46 of the GDPR.
ARTICLE 9 – Security
In compliance with Articles 34 and 35 of French law no.78–17 of 6 January 1978 amended 6 August 2004 and to Article 32 of the GDPR, FizzUp takes all the necessary technical and organizational steps required to ensure the security and confidentiality of all personal data collected and processed and to prevent the said data being distorted, damaged or communicated to unauthorized third parties, by maintaining a level of security commensurate with the risks relating to the processing and type of data requiring protection, in line with the technological level and the cost of implementation.
ARTICLE 10 – Applicable law and settlement of disputes
J'obtiens mon plan d'entrainement