Privacy Policy

Introduction

gardenmkpg B.V. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our weight loss and body transformation services, visit our facility, or interact with our website.

As a Data Controller under the General Data Protection Regulation (GDPR), gardenmkpg takes data protection seriously and operates in full compliance with applicable privacy laws in the Netherlands and the European Union.

Data Controller Information

gardenmkpg B.V.
Registration Number: B632025754
VAT Number: NL620156347B02
Address: Kerkstraat 99, 9720 DQ Groningen, Netherlands
Email: privacy@gardenmkpg.top
Phone: +31 101838202

Data Collection

The data we collect includes personal information that you provide to us when using our services, visiting our facility, or contacting us. This includes but is not limited to:

• Personal identification information (name, email address, phone number, date of birth)
• Health and fitness information (medical history, fitness goals, dietary requirements, body measurements)
• Contact and communication data (enquiries, feedback, support requests)
• Payment and billing information (payment method, billing address, transaction history)
• Website usage data (IP address, browser type, pages visited, time spent on site)
• Progress tracking data (workout logs, body composition changes, photos with consent)

How We Use Your Information

We explain how we use your information for the following purposes, based on legitimate interests and your consent where required:

• Providing personalised weight loss and body transformation services
• Creating customised workout and nutrition plans
• Monitoring your progress and adjusting programmes accordingly
• Communicating about appointments, schedule changes, and programme updates
• Processing payments and managing your account
• Ensuring health and safety requirements are met
• Improving our services and developing new programmes
• Complying with legal and regulatory requirements

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: To provide our fitness and nutrition services
• Legitimate Interests: To improve our services and communicate with you about relevant offerings
• Consent: For marketing communications and special category data (health information)
• Legal Obligation: To comply with health and safety regulations and tax requirements

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information with:

• Qualified fitness and nutrition professionals within gardenmkpg
• Payment processors for secure transaction handling
• Healthcare providers when referrals are necessary (with your consent)
• Legal authorities when required by law or to protect safety
• Service providers who assist with our operations (under strict confidentiality agreements)

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy:

• Active client data: For the duration of your membership plus 3 years for health and safety records
• Financial records: 7 years as required by Dutch tax law
• Health information: 5 years after last service provision
• Marketing consent: Until withdrawn or 3 years of inactivity
• Website analytics: 26 months maximum

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data under certain circumstances
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for specific processing activities

To exercise these rights, please contact us at privacy@gardenmkpg.top or call +31 101838202.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encrypted data transmission and storage
• Regular security assessments and updates
• Restricted access to personal data on a need-to-know basis
• Staff training on data protection principles
• Secure disposal of data when no longer needed

Cookies and Website Analytics

Our website uses cookies and similar technologies to enhance your browsing experience and analyse site usage. For detailed information about our cookie practices, please see our Cookie Policy.

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are designed for adults aged 18 and over. We do not knowingly collect personal data from children under 16 without parental consent. For clients aged 16-18, we require parental or guardian consent before providing services.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by email or through our website. The "Last updated" date at the top of this policy indicates when the most recent changes were made.

Contact Us

If you have questions about this Privacy Policy or how we handle your personal data, please contact us:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately.