The General Data Protection Law (LGPD) should be a topic that any establishment that deals with data on a daily basis is familiar with. In the case of gyms, they deal with requests for registration, services and with several customers, data subjects, within Brazil. The LGPD was created to protect rights and guarantee the privacy and security of individuals. Your business must comply with the law.
Every gym needs to be extremely careful, knowing that some information, when compared to other businesses, may be requested with the promise of “better service and monitoring”. Your gym must be transparent about the data collected, whether it is the most popular data collected or some sensitive data, such as health data, which is also requested.
What data are commonly collected by gyms?
Full name, date of birth, CPF, telephone number, email, are some examples. Most of which are requested in order to whatsapp data the registration. The purpose of the collection is to sign the contract, most of the time for specific data. In other words, only those who have created a relationship with the gym and closed their registration, having already made the payment, will be able to perform the exercises.
In addition, there is also the possibility of registering your fingerprint to enter the gym, the so-called biometrics, which is sensitive data and serves to control access by authorized people.
LGPD in gyms: what about medical data?
When entering a gym, it is not why web accessibility is important for some health-related information to be requested, even to track progress. In a situation like this, information such as weight and height are requested or measured on the spot, if the client does not already know this information.
The purpose of the data collection must be clear and transparent. In addition, the data subject must also be aware of how their information can be monitored, such as their weight. Furthermore, as soon as the student is no longer a member of the gym, this data must be deleted.
Ultra-sensitive data, which requires the permission of a guardian to process the information, should also be a concern. One example is data from minors , which requires parental authorization to be processed.
How can I have transparent communication?
To explain something like this, be b2b reviews to use simple languag. That is understandable to all students at the gym. It’s all about awareness and security! The data subject has the right to know that their data is safe. It is the company’s obligation to take care of it.
At this point, it is believed that the assistance of a professional is necessary. To establish and work on the best way to prepare a communication of the Terms of Service and Contracts. In addition to their disclosure and transparency process for all audiences.