PRIVACY POLICY

HUPEX Privacy Policy

Effective Date: July 16, 2025

At HUPEX, we care about your privacy. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and Cyprus data protection laws.

What Personal Data We Collect

We collect personal data when you register, book a class, use our website, or contact us. This may include:

Your full name, email address, and phone number
Payment details (handled securely by third-party providers)
Health declarations or signed waivers (for safety and liability purposes)
Communication preferences
Website usage data (e.g., pages visited, error logs, device/browser type)

We do not collect sensitive data unless necessary and with your explicit consent (e.g., medical information related to class participation).

How We Use Your Data

We process your personal data to:

Manage your account, class bookings, and membership
Communicate with you about your schedule, account, or updates
Ensure health, safety, and legal compliance within our facility
Improve our website, services, and customer experience
Send marketing communications (only with your consent)

Legal Basis for Processing

We process your data lawfully based on the following GDPR legal grounds:

Consent – for marketing or optional services
Contractual necessity – to provide the services you requested (e.g., bookings)
Legal obligations – such as health and safety regulations
Legitimate interests – to operate, analyze, and improve our services

Your Rights Under GDPR

You have the right to:

Access your personal data
Correct inaccurate or incomplete data
Delete your data (“right to be forgotten”)
Withdraw consent at any time (e.g., unsubscribe from emails)
Restrict or object to data processing in some cases
Data portability – request a copy of your data in a machine-readable format

To exercise your rights, contact us at 99 919 512 We will respond within 30 working days.

Sharing of Personal Data

We do not sell your personal data. We may share your data with trusted third parties only when necessary:

Payment providers for secure transactions
Booking or scheduling platforms
Legal or regulatory authorities, if required by law

All third-party processors are GDPR-compliant and bound by data protection agreements.

International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as:

Standard Contractual Clauses approved by the European Commission
Transfers to countries with adequate data protection standards

Data Security

We use technical and organizational measures to protect your data, including:

Encrypted storage and secure servers
Access control (staff access is restricted and monitored)
Regular audits and system updates

Data Retention

We retain your personal data only as long as necessary for the purposes stated in this policy
or to meet legal obligations.

Membership and contact data: retained for the duration of your relationship with us
Waivers and safety-related documents: retained for a longer period to comply with legal liability requirements
Website analytics: anonymized and retained for system improvement

Cookies and Website Tracking

Our website may use cookies to enhance your user experience, understand site performance,
and support essential features.

Children’s Privacy

Our services are intended for individuals aged 18 and older. If you are under 18, you must have a parent or guardian' s consent before using our services or providing personal data.

Policy Updates

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or posted clearly on our website. Please check back periodically to stay informed.

Contact Us

If you have any questions, concerns, or requests about your data, contact us at:

info@hupex.fitness
(+357) 99 919 512