1. Scope
This Privacy Policy explains how C. ELEFTHERIOU LIFESTYLE FITNESS CLUB LIMITED, trading as Eleftheriou Lifestyle Club ("Eleftheriou Lifestyle Club," "we," "us," or "our"), collects, uses, stores, and shares personal data when you use our mobile application, website where applicable, and related services.
These services may include, as applicable:
account registration and account management; membership and package display; QR-code access and related account display features; class browsing; class bookings, cancellations, and waitlists; service notifications; and customer support and administrative functions.
This Privacy Policy applies to personal data processed by or on behalf of Eleftheriou Lifestyle Club in connection with those services. It does not apply to third-party websites, app stores, payment providers, or other third-party services that have their own terms or privacy notices.
2. Controller and Contact Details
For the purposes of applicable data protection law, the data controller is:
Eleftheriou Lifestyle Club Legal entity: C. ELEFTHERIOU LIFESTYLE FITNESS CLUB LIMITED Registered / business address: Andrea Livardou Street 4, Katholiki, 3020, Limassol, Cyprus Email: info@eleftherioufitness.com
Telephone: +357 25 715800
Privacy contact: Administration / Privacy Team Privacy email: info@eleftherioufitness.com
The mobile application may be developed, hosted, maintained, or technically supported by third-party service providers acting on our behalf, including G. M. POWERSOFT COMPUTER SOLUTIONS LIMITED or other technical providers. Such providers act as processors or service providers unless otherwise stated.
3. Categories of Personal Data
Depending on how you use the services, we may process the following categories of personal data.
3.1 Account and Profile Data
full name; email address; telephone number, where provided; username or account identifier; password or authentication-related data, stored securely or via an authentication provider, as applicable; customer profile image or customer photo, where used; account status and related account information; membership renewal date and expiry date, where applicable; and staff account, staff role, permissions, and user-role data, where applicable.
3.2 Membership and Access Data
membership or package type; membership status; membership expiry date; remaining days until membership expiry; access-related status information; and QR-code related account display and verification data.
3.3 Class and Booking Data
classes viewed; classes booked; class type, level, duration, and location; instructor details displayed in connection with classes; booking status; cancellation status; waitlist status; and automatic waitlist promotion records.
3.4 Notification and Communication Data
records required to send service notifications relating to: membership expiry; booking confirmations; booking reminders; booking cancellations; waitlist updates and promotions; and important service or account notices; device push-notification token or similar notification identifier, where push notifications are enabled; and records of communications you send to us for support or service requests.
3.5 Technical, Device, and Usage Data
Where necessary to operate, secure, and troubleshoot the app and related services, we may process:
device type; operating system and app version; general technical logs; login and session records; error, crash, and diagnostic records; IP address or network-related technical data, where logged by our systems or service providers; and service usage records reasonably necessary for security, troubleshooting, fraud prevention, and service administration.
3.6 Administrative and Operational Data
records needed to manage users, staff accounts, permissions, and internal roles; service administration records; audit and security records; support case records; and internal records reasonably required to operate, secure, troubleshoot, and administer the services.
3.7 Data We Do Not Intend to Collect Through the App
Unless specifically stated otherwise in a service-specific notice, Eleftheriou Lifestyle Club does not intend through the mobile application to collect:
precise geolocation data; microphone or audio recordings; contact-list data; advertising identifiers for third-party advertising; payment card details directly within the app; or special-category health data through the app interface.
If any of the above changes, we will update this Privacy Policy and any relevant app-store privacy disclosures as required.
3.8 Sources of Personal Data
We generally collect personal data:
directly from you when you register, sign in, update your account, book classes, join waitlists, upload a profile image, contact us, or otherwise use the services; from authorized staff, administrators, instructors, or reception personnel where reasonably necessary to create or manage your account, membership, bookings, or support requests; and from technical service providers acting on our behalf where reasonably necessary for hosting, authentication, support, diagnostics, and service maintenance.
4. How We Use Personal Data
We may use personal data to:
create, maintain, and administer customer, staff, and administrator accounts; verify membership status and display account-related information; display class information, including instructor, level, duration, and location; enable class bookings, cancellations, waitlists, and automatic waitlist promotion; display membership and account details within QR-code features of the mobile application; manage customer profile images and related account displays; send service notifications and essential operational messages; provide customer support and respond to inquiries or requests; administer user roles, staff permissions, and operational access; operate, maintain, secure, troubleshoot, support, and improve the services; detect, prevent, and investigate misuse, unauthorized access, fraud, or technical incidents; maintain internal records and audit trails; and comply with applicable law, legal process, regulatory requirements, and record-keeping obligations.
5. Legal Bases for Processing
Where applicable law requires a legal basis for processing, we rely on one or more of the following:
Performance of a contract or steps taken at your request before entering into a contract, including providing your account, class booking functions, membership-related services, QR-code features, and related support. Legitimate interests, including operating the business, managing memberships and classes, maintaining service security, preventing misuse, supporting customers, managing staff permissions, and sending essential service communications. Consent, where consent is required under applicable law for a specific processing activity. Compliance with legal obligations, where processing is required by applicable law, regulation, court order, lawful request, tax requirement, or record-keeping obligation.
Where we rely on legitimate interests, we do so only where those interests are not overridden by your rights and freedoms under applicable law.
5.1 When Personal Data Is Required
Some personal data is required for us to provide the services. For example, we may need certain account, membership, booking, and technical operational data in order to:
create and maintain your account; verify your membership status; process bookings and waitlists; display relevant account or QR-code features; send essential service notifications; and provide customer support.
If you do not provide required personal data, we may be unable to create or maintain your account, provide the relevant service feature, process a booking, or respond effectively to your request.
Where data is optional, we will indicate this where reasonably practicable.
5.2 Automated Processing and Waitlist Management
We may use rules-based automation to administer operational service features, such as automatic waitlist promotion when a class space becomes available.
We do not carry out solely automated decision-making or profiling through these services that produces legal effects or similarly significant effects on you. If that changes, we will update this Privacy Policy and provide any additional information required by law.
6. Recipients and Sharing
We may share personal data with the following categories of recipients, only where reasonably necessary:
authorized Eleftheriou Lifestyle Club personnel, including staff and administrators; instructors and operational personnel, where needed for class delivery and booking management; platform providers and technical service providers that support the mobile application, website, hosting, authentication, communications, diagnostics, maintenance, and security; professional advisers, auditors, insurers, accountants, or legal representatives, where needed for legitimate business or legal purposes; and courts, regulators, law enforcement, supervisory authorities, or other authorities, where required by law or lawful process.
Within the services, some data may be intentionally displayed as part of the service design. For example:
instructor information may be displayed on class cards and class details; and customer-facing QR-code screens may display the customer's name, membership or package type, membership expiry information, remaining days, and customer photo where those features are enabled.
We do not sell personal data and do not disclose personal data to third-party advertising networks for their own marketing purposes through this app.
7. International Transfers
We may use service providers or technical infrastructure that store or access personal data in countries other than the country in which the data was originally collected, including countries outside the European Economic Area.
Where personal data is transferred outside the European Economic Area, we will take steps intended to ensure that an appropriate level of protection applies under applicable law. Depending on the circumstances, this may include:
an adequacy decision; standard contractual clauses; or another lawful transfer mechanism recognized under applicable law.
You may contact us using the details in this Privacy Policy to request further information about applicable transfer safeguards, where required by law.
8. Retention
We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the services, manage memberships and bookings, maintain staff access, resolve disputes, enforce applicable terms, protect security, and comply with legal obligations.
In general:
account and membership data are retained while the account or membership remains active and for a reasonable period afterward; booking, cancellation, and waitlist records are retained for as long as needed to administer classes, resolve service issues, and maintain operational records; customer images are retained until removed, replaced, or no longer needed for the relevant account feature; technical, security, and diagnostic records are retained for as long as reasonably necessary for security, troubleshooting, fraud prevention, and system administration; staff account and role-management records are retained while the relevant role remains active and for a reasonable administrative period afterward; and records required for legal, regulatory, tax, accounting, security, or audit purposes may be retained longer where required or permitted by law.
9. Your Rights
Subject to applicable law, you may have the right to:
request access to your personal data; request correction of inaccurate or incomplete personal data; request deletion of your personal data; request restriction of processing; object to certain processing; request portability of personal data you provided, where applicable; withdraw consent where processing is based on consent; and lodge a complaint with a competent supervisory authority.
We may need to verify your identity before responding to a rights request. Some rights are subject to legal exceptions and limitations.
If you are in Cyprus, you may also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection or another competent supervisory authority.
10. Account Deletion and Data Deletion Requests
You may request deletion of your account or personal data using the methods made available by Eleftheriou Lifestyle Club.
Deletion routes:
In-app deletion: available through the app account settings, where enabled; Email request: info@eleftherioufitness.com
Please note:
booking cancellation is separate from account deletion and does not by itself delete your account or personal data; we may need to verify your identity before processing a deletion request; and we may retain certain information after deletion where necessary to comply with legal obligations, maintain security or fraud-prevention records, resolve disputes, enforce terms, or preserve records necessary for legitimate business administration.
If the app supports account creation, Eleftheriou Lifestyle Club should ensure that account deletion is made available in a manner consistent with applicable app-store requirements.
11. Children's Privacy
Our services are not intended to collect personal data from children without appropriate authorization where required by law. If a child uses the services, we expect that use to occur in accordance with applicable membership rules and any required parent or guardian involvement.
If you believe personal data relating to a child has been provided without appropriate authorization, please contact us so the matter can be reviewed.
12. Security
We use reasonable technical and organizational measures intended to protect personal data against unauthorized access, disclosure, alteration, loss, and destruction. These measures may include:
access controls; authentication controls; role-based permissions; administrative safeguards; secure hosting and backup practices; and security monitoring and incident handling processes, where appropriate.
No method of transmission over the internet or method of electronic storage is completely secure. We therefore cannot guarantee absolute security.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to the services, operations, legal requirements, or data-processing practices.
The updated version will be posted on the relevant legal or privacy page and will take effect from the stated "Last updated" date unless otherwise specified.
Where required by applicable law, we will provide additional notice of material changes.
14. Contact
For privacy questions, requests, or complaints, please contact:
Eleftheriou Lifestyle Club
Legal entity: C. ELEFTHERIOU LIFESTYLE FITNESS CLUB LIMITED
Address: Andrea Livardou Street 4, Katholiki, 3020, Limassol, Cyprus
Email: info@eleftherioufitness.com
Telephone: +357 25 715800
Privacy contact: Administration / Privacy Team
For technical mobile-app support, app-store listings or support pages may also identify the relevant app developer or technical support channel, where applicable.