Privacy Policy
Privacy (transparency) notice pursuant to General Data Protection Regulation Arts 13 and 14.
Critical Fit is a platform developed by Critical Software (“we”, “our”) which aims to raise money for charitable institutions by pledging a donation when our athletes achieve a monthly workout time-based goal.
This notice is intended for subscribers to the Critical Fit platform (referred to as “Critical Fit”). We define subscribers (“data subjects”) as members of the Critical Software community who have been given access to Critical Fit through subscribing to it.
The data subject’s (“you”, “your”) data, such as their name, photo and gender, that we hereby process is made publicly available by the individual through Strava, including social network, www.strava.com, by means of an API transaction and only after you:
-
Opt in to become a part of the Critical Fit.
-
Consent to sharing your publicly available Strava account information with us.
As an individual, by proceeding as described above, you authorise and consent to the registration, organisation, conservation, consultation, use and communication of your personal data under the terms and for the purposes here described.
We process your data so that your Strava workout hours may contribute towards the monthly goal and that you may appear as one of the athletes on Critical Fit.
We have a legitimate interest to do this as you will have indicated that they wish for us to do so or it is reasonable for us to assume that.
If we were to use data to send marketing material to you about our services, we will only do so with your consent. That consent can be withdrawn by you at any time by clicking the “unsubscribe” link on all our communications.
In most circumstances, data subjects’ data will only be processed within the UK or EEA. If for any reason we need to process data elsewhere we will inform you of that, any privacy risks involved and what we have done to minimise those risks. In some circumstances, we would also seek your consent for that.
Some of our data is stored, or otherwise processed for us, outside the UK/EU. In those circumstances we ensure that our contracts with those processors and their processing comply with UK/EU data privacy standards and rules.
You can at any time enquire about any personal data of yours that we hold.
You also have the right to ask us to rectify data if it is inaccurate, erase it or restrict the processing of it. In some circumstances, you can ask us to provide it in a format which would allow you to transfer it digitally to another.
Where we have requested and you have given us consent to process data, you may withdraw that consent at any time. Consent is managed through Strava’s own website and can be revoked at any time through Strava’s privacy settings.
Were our business to be sold all, all data would be transferred to the purchaser so that they could use it in the same way as we do now.
Some of our data, which could include personal data, is stored off-site by third parties. Some is stored by our UK subsidiary, Critical Software Technologies. Except for our marketing database, none of our personal data are stored outside the EEA or UK.
Data will be retained for up to ten years after our last interaction with you unless we are asked to delete it earlier and it is possible for us to do that. Should data subjects choose to withdraw their consent, their profile data will be permanently deleted, and their activities anonymised, meaning they will no longer be connected to the data subject’s profile.
Most data held by us will have be sourced via your Strava, inc. social network account.
Other disclosures
In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this privacy policy, we may disclose information about you:
-
To the extent that we are required to do so by law
-
In connection with any legal proceedings or prospective legal proceedings
-
To establish, exercise or defend our legal rights
-
To the purchaser (or prospective purchaser) of any business or asset which we are (or are considering) selling
-
Except as provided in our privacy policy, we will NEVER provide your information to third parties.
Security of your personal data
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Data transmission over the internet is inherently insecure and we cannot guarantee the security of data sent over the internet.
Policy amendments
We may update this privacy policy from time-to-time by posting a new version on our website.
Third-party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third-party websites.
Updating information
Please let us know if the personal information we hold about you needs to be corrected or updated.
Other info and contact information
If you need more information about Critical Fit and the way that it uses your data, please consult our FAQ section at https://www.criticalfit.eu/about.
If you are concerned about our processing of your data or If you have any questions about this privacy policy or our treatment of your personal data, you can contact us by:
-
Emailing privacy@criticalsoftware.com
-
Writing to us at Critical Software SA, Parque Industrial de Taveiro, Lote 48, 3045-504 Coimbra, Portugal.
-
Lodging a complaint with a supervisory authority.