Effective Date: December 6, 2020
Last Modified Date: November 15, 2020
Definition of Personal Information
“Personal Information” refers to information that allows you to be directly or indirectly identified as an individual person, including without limitation your name, last name, street address, city, state, zip code, phone number, and e-mail address.
Personal Information we collect
We collect Personal Information when you purchase our Services through the Website and during the provision of such Services by us. You, or a third party acting on your behalf, may give us your Personal Information by providing that information in connection with a request for Services or by corresponding with us by mail, phone, email or otherwise in connection to the Services, or by directly interacting with us. HHRT does not collect personal identifying information except with your personal consent, and this information is never shared with any other party except as disclosed in this policy or otherwise with your personal consent. Any personal information you provide such as run distances, race times, or training routines will be used only for the purpose for which you supply it, such as for athletic training. We do not sell or rent your e-mail address to third parties, except in connection with payment or coaching services.
Processing Personal Information
Personal Information Storage
HHRT may store your Personal Information in our database.
Personal Information Disclosure
Protection of Personal Information
HHRT implements physical, technical, and administrative measures to prevent unauthorized access to or disclosure of your Personal Information, to ensure the appropriate use of Personal Information, and otherwise safeguard your Personal Information. Our team will use its best efforts to review and improve our security practices to help ensure the integrity and safety of our database and systems where we store Personal Information. These practices may include granting the access to stored Personal information only to persons working at HHRT or HHRT partners who are expressly authorized by HHRT, and other security practices in accordance with appropriate industry standards. Although we make efforts to store Personal Information in a secure operating environment that is not available to the public. We cannot guarantee the absolute security of such Personal Information during its transmission or its storage on our database or systems. There may be factors beyond our control that may result in unauthorized access to or disclosure of Personal Information. HHRT will post a notice on our website at www.johnhenwood.com, or provide you with prompt notice in the event a material security breach may endanger your privacy or Personal Information.
European Global Data Protection Regulation
HHRT understands that registration information as well as any payment information made through our partners and vendors may be considered Personal Information subject to the European Union Global Data Protection Regulations (GDPR). HHRT endeavors to comply with GDPR, including but not limited to a) protecting your right to have your Personal Information collected only after you have speciﬁcally taken action to approve the collection of your Personal Data, b) the right to access a mechanism to withdrawal that approval and have your Personal Information promptly removed from our internal database, c) using industry standard best practices to maintain care, custody, and control over any personal data we collect, and d) reporting as prescribed by GDPR any breach of Personal Information within 72-hours of our discovery of such breach. HHRT believes the nature and scope of the personal data it collects does not require the designation of a GDPR Data Protection Officer.
And, we aim to store as little Personal Information as possible. We store your name and e-mail (and physical address, if necessary) and information provided to us in the questionnaire we provide clients in order to process orders, provide services, send invoices, and communicate with clients. We do not store your credit card information, which you provide directly to our payments provider.
We may share parts of your data with the third party vendors that we require to make your products and services work, including:
- Stripe: For processing payments. You provide your name, email and credit card information directly to Strip. We do not collect your credit card information and that information is never stored anywhere in our system or database.
- Final Surge: For training program. Final Surge has access to all information provided in connection with any training program but not information provided only in the intake questionnaire. Final Surge also has access to your running data collected from certain tracking platforms you may use, such as Strava, Garmin, Polar, and Under Armour.
- Yahoo Mail and other e-mail providers: For email communication with our customers.
Modifying or Deleting Your Data
If you wish to access, modify or delete your data please send and email to email@example.com with your request and we will make sure to process it as quickly as possible. If you have any questions or concerns please contact us using the same e-mail address.
HHRT is committed to protecting the privacy of children as well as adults. Our Services are not designed for, intended to attract, or directed toward children under the age of 18. A parent or guardian, however, may provide Personal Information related to, his or her child who is under the age of 18 in connection to the Services. The parent or guardian assumes full responsibility for ensuring that such Personal Information that he or she provides to us about his or her child is kept secure and that the information submitted is accurate. Except where otherwise expressly indicated we do not knowingly collect or store any Personal Information from children under the age of 13. If a parent or guardian becomes aware that his or her child who is under 18 has provided us with Personal Information without their consent, he or she should contact us immediately at firstname.lastname@example.org and we will delete such Personal Information within a reasonable time.
You are entitled to the following rights as to your Personal Information. Please note that any right described below applies only to information you provided us in connection to the Services.
- Right to deletion and restriction of processing: you may ask us to delete or remove your Personal Information from our systems that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing to which you previously consented, but later withdrew such consent; or (c) was collected in relation to processing activities to which You object, and there are no overriding legitimate grounds for our processing. You may also ask to restrict the processing of your Personal Information if one of the foregoing conditions applies. If your request is in compliance with one of the foregoing conditions for deletion or removal or restriction of processing set forth hereunder, we will comply with your request as soon as reasonably possible.
- Right to data portability: you have the right to receive Personal Information you requested access to hereunder in a structured, commonly used and machine-readable format.
- Right to transfer: you may request the transfer of your Personal Information to you or to a third party. We will provide to you, or a third party you have expressly indicated, your Personal Information in a structured, commonly used, machine-readable format.