SweatWorks Oy (Fit⁺), Business ID 3544330-3, Hyytänpiha 1, 20400 Turku, Finland ("Fit⁺", "we", "us") respects your privacy. This Privacy Policy explains how we process personal data of clients, partners, and visitors who use our services or interact with us.
Our services are intended for users in the EU/EEA. We comply with the EU General Data Protection Regulation (GDPR) and the Finnish Data Protection Act. Fit⁺ is the data controller for the personal data described in this policy.
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date.
1. Data Controller and Processors
Data controller means the party with overall responsibility for data processing. Data processor means a party that processes Personal Data on behalf of and under the instructions of a data controller, subject to a data processing agreement.
For Personal Data processed in connection with the Services, the data controller is:
SweatWorks Oy (Fit⁺)
Business ID: 3544330-3
Hyytänpiha 1, 20400 Turku, Finland
Email: aya@fitplus.co
Fit⁺ uses the following types of processors to provide the Services, subject to separate agreements:
Customer relationship and communication tools, currently a CRM and marketing automation provider (for example HubSpot)
Website and application hosting providers, currently located within the EU or EEA
Analytics providers that help us understand how the Services are used
Professional advisers, such as lawyers and accountants, when necessary
Personal data is not transferred, or processed by Fit+ or its sub-processors outside the EU/EEA. Fit⁺ does not sell Personal Data to third parties.
2. Personal Data and Legal Basis for Processing
Personal Data is processed in connection with the Services in compliance with the GDPR and relevant national privacy legislation. Personal Data is processed only for purposes made known to you and on a lawful basis as set out in Article 6 of the GDPR.
2.1 Categories of Personal Data
We only collect the Personal Data that is necessary to provide our Services and manage our relationship with you. In particular, we process the following categories of Personal Data:
Contact and account information
Name, email address, company name, phone number (if provided) and other details you provide during registration or when you contact us. This is used to create and manage your account, provide support and manage our relationship with you.Partner information and photographs
Images, venue or company details and other information provided by partners during registration or onboarding. This is used to identify partners, verify their details and deliver the Services.Usage and technical information
Log in data, device information, IP address, page views and similar information collected when you use our Services. This is collected for example via cookies or similar technologies in order to operate and secure the Services and to understand how they are used.Marketing preferences
Information about whether you have opted in to receive marketing communications from us.Inquiries and contact forms
When you submit a query via our website, such as by filling in a contact form or signing up for a newsletter, we collect your name, email address, company name (if provided) and the content of your message. We use this information to respond to your inquiry and, if you choose to opt in, to send marketing communications. We only collect fields necessary for these purposes and do not use your message content for unrelated marketing.
We do not intentionally collect special categories of Personal Data, such as health data, unless you provide such data explicitly and with your consent.
We use cookies and similar technologies as part of collecting usage and technical data. Non essential cookies that are used for analytics or marketing are placed only where consent has been freely given. We do not use pre ticked boxes or cookie walls.
Whenever you submit data directly on our website, we provide a short summary of this Privacy Policy and a link to the full policy at the point of collection.
2.2 Legal Basis and Retention
The section below explains the main categories of personal data we process in connection with our services, the legal basis for each purpose, and why we collect this information. Data is stored only for as long as necessary to fulfil these purposes or to meet legal requirements.
Purpose: Account creation and service provision
Data category: Contact information, partner details
Legal basis: Contract
Explanation: We need this data to create your account, provide our services, and fulfil our contractual obligations.
Purpose: Partnership management
Data category: Photos and partner details
Legal basis: Legitimate interests
Explanation: We have a legitimate interest in verifying partner identities and ensuring smooth cooperation. We balance this interest against your rights.
Purpose: Marketing communications
Data category: Contact information, marketing preferences
Legal basis: Consent
Explanation: We send marketing messages only if you have given explicit consent. You may withdraw consent at any time.
Purpose: Compliance with legal obligations
Data category: Contact information
Legal basis: Legal obligation
Explanation: We may need to retain some data to comply with accounting or other legal requirements.
Purpose: Analytics and website operation
Data category: Usage information
Legal basis: Legitimate interests
Explanation: We use analytics to improve our website and services and pseudonymise data where possible.
We do not use your Personal Data for automated decision making that produces legal effects concerning you or similarly significantly affects you.
3. Security
Your Personal Data will be protected by reasonable security safeguards against accidental loss, unauthorised processing, destruction, use, modification or disclosure.
Fit⁺ employs appropriate technical and organisational security measures in order to protect your Personal Data. These include for example:
Limiting access to Personal Data to authorised personnel and service providers who need access for their tasks
Encryption of data in transit and, where possible, at rest
Use of secure networks, firewalls and monitoring tools
Regular reviews and updates of security practices
Contractual and confidentiality obligations for personnel and processors
The safeguards we employ are proportionate to the likelihood and severity of potential risks, the sensitivity of the Personal Data and the context in which it is processed.
4. Your Rights as Data Subject
Under the GDPR, you as a data subject have the following rights with regard to your Personal Data, as specified in Articles 15 to 21 of the GDPR:
Access – obtain confirmation of whether we process your data and request a copy of your data.
Rectification – ask us to correct inaccurate or incomplete personal data.
Erasure (right to be forgotten) – request deletion of your personal data when it is no longer needed or you withdraw consent.
Restriction – request that we restrict the processing of your personal data under certain circumstances.
Portability – receive your data in a structured, commonly used format and request that we transmit it to another controller.
Objection – object to processing based on legitimate interests or for direct marketing purposes.
Withdraw consent – withdraw any consent you have provided at any time. Withdrawing consent will not affect the lawfulness of processing before the withdrawal.
Please let us know if you are unhappy with how we have used your personal information. We would always appreciate the opportunity to resolve your complaint for you in the first instance.
You can contact us by emailing aya@fitplus.co. You also have the right to complain to the regulator and to lodge an appeal if you are not happy with the outcome of a complaint. In Finland, this is the Tietosuoja, who can be contacted here: https://tietosuoja.fi/en/private-persons
5. Contact Information Regarding Data Privacy Matters
Fit⁺ is committed to ensuring that the Personal Data it processes is accurate, complete and kept up to date to the extent necessary for the purposes for which it is processed.
If you wish to exercise any of your rights as a data subject, rectify inaccuracies or request deletion of Personal Data relating to you, or if you have any questions, comments or concerns about this Privacy Policy or our processing of Personal Data, you can contact:
SweatWorks Oy (Fit⁺)
Business ID: 3544330-3
Hyytänpiha 1, 20400 Turku, Finland
Email: aya@fitplus.co
You also have the right to contact or lodge a complaint with the relevant data protection authority. In Finland, the relevant authority is the Data Protection Ombudsman, whose website is available at: https://tietosuoja.fi/en/private-persons
For privacy protection purposes, you may be asked to provide proof of identification and other relevant details when exercising your rights.
6. Changes to the Privacy Policy
This Privacy Policy may change from time to time. An updated version will be posted on Fit⁺'s website, thereby superseding earlier versions.
If there are changes that materially alter our privacy practices, Fit⁺ may also notify you by other means, such as by email, by notice within the Services or on Fit⁺'s social media pages within a reasonable time before the changes take effect.