LockaRoom Limited (“LockaRoom”, “we”, “us” or “our”) respects the privacy of the individuals whose personal information we process. This Privacy Policy describes how we collect, use, disclose, store and otherwise process personal information in connection with our websites, applications and related services (collectively, the “LockaRoom Services” or “Services”).

By using the LockaRoom Services, you acknowledge that you have read and understood this Privacy Policy.

1. Role of LockaRoom

LockaRoom provides software services to gyms, fitness studios and similar businesses (“Businesses”). In most cases, these Businesses determine what personal information is collected about their members and how it is used. In such circumstances, LockaRoom acts as a service provider or data processor on behalf of the relevant Business, and in accordance with its instructions.

Where we process personal information for our own operational purposes (such as account administration, security, or compliance), we act as a data controller.

If you are a member of a Business that uses the LockaRoom Services and have questions about how your personal information is handled, you should contact that Business directly in the first instance.

2. What is Personal Information?

Personal Information means any information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. In general terms, this includes information or an opinion that personally identifies you either directly (e.g., your name) or indirectly.

3. Why do we collect it?

We collect your Personal Information for the primary purpose of providing the LockaRoom Services, facilitating the administration of memberships and bookings, supporting payment processing, communicating with users, and complying with our legal and contractual obligations.

We may also use your Personal Information for related secondary purposes that you would reasonably expect, including service improvement, analytics and limited marketing communications, where permitted by law.

Where required under applicable law, we process Personal Information on one or more of the following legal bases:

• performance of a contract;

• compliance with a legal obligation;

• legitimate interests; or

• consent, where required.

You may unsubscribe from marketing communications at any time by contacting us in writing.

Sensitive Information

Sensitive information includes information or opinions about matters such as racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

We ask that you do not provide Sensitive Information through the LockaRoom Services unless specifically requested and necessary for the provision of the Services.

Where Sensitive Information is requested, this will be used by us only:

• for the primary purpose for which it was obtained;

• for a directly related secondary purpose;

• with your consent; or

• where required or authorised by law.

Third Parties

We may collect Personal Information directly from you, indirectly through the Businesses that use our Services, or from other third-party sources. Where we receive Personal Information from a third-party, we take reasonable steps to ensure that the information has been collected in accordance with applicable law.

Disclosure of Personal Information

Your Personal Information may be disclosed in a number of circumstances including:

• to Businesses that use the LockaRoom Services;

• to service providers and contractors who assist us in operating the Services (including hosting, infrastructure, payment processing, and support services);

• where you have consented to the use or disclosure; and

• where required or authorised by law.

4. What Personal Information do we collect?

The Personal Information we collect depends on the nature of your dealings with us and the Services.

The Personal Information we collect may include:

• contact details (e.g., name, address, email address, telephone number, emergency contact information);

• personal details (e.g., date of birth, nationality);

• financial and transaction data (e.g., payment history, billing information, subscription details);

• LockaRoom Services-related data (e.g., booking history, customer support requests, usage data);

• online identifiers (e.g., IP address, device identifiers); and

• cookie-related data.

You are not required to provide Personal Information. However, if you do not provide certain information, we may be unable to provide the Services to you.

5. How do we collect information?

We collect information about you when you interact or use the LockaRoom Services, including when you create an account, make a booking, process a payment, or communicate with us.

We may also receive Personal Information from Businesses that use our Services, including during onboarding or migration processes, and from third-party service providers where necessary to operate the Services.

6. Security of Personal Information

We implement reasonable technical, administrative and organisational measures designed to protect Personal Information from misuse, interference, loss, unauthorised access, modification or disclosure.

While we take reasonable steps to protect Personal Information, no data transmission or storage system can be guaranteed to be completely secure.

7. Data Retention

We retain your Personal Information for as long as necessary to fulfil the purpose(s) for which it was collected, and in accordance with applicable law. The criteria used to determine our retention periods include:

• the duration of our relationship with the relevant Business or user;

• legal and regulatory obligations including financial record-keeping requirements; and

• our legitimate business interests including dispute resolution and enforcement of agreements.

When your Personal Information is no longer required, we take reasonable steps to delete, destroy or de-identify Personal Information, subject to applicable legal retention requirements.

8. Access to your Personal Information

You may request access to the Personal Information we hold about you, and to update and/or correct it, subject to applicable legal exceptions.

If you wish to access your Personal Information, please contact us in writing. We may require identification from you before releasing the requested information.

LockaRoom will not charge any fee for making a request, but may charge a reasonable administrative fee for providing copies where permitted by law.

9. Maintaining the Quality of your Personal Information

It is important that Personal Information we hold is accurate and up to date. We take reasonable steps to ensure that the information we process is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records.

10. Cookies

LockaRoom Services may use cookies and similar technologies to recognise your device, maintain user sessions, improve functionality, and analyse the usage of the Services.

You may adjust your browser settings to refuse cookies. However, doing so may affect the functionality of certain parts of the Services.

11. International Data Transfers

Personal Information may be transferred to, stored in, and processed in jurisdictions outside your country of residence, including jurisdictions where we or our service providers operate. Where this occurs, we take reasonable steps to ensure that appropriate safeguards are in place in accordance with applicable data protection laws.

12. Links To Other Organisations

This Privacy Policy does not address, and we are not responsible for, the privacy practices of any third parties, including any third party websites, products or services used in connection with the LockaRoom Services. The inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.

Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organisations or Businesses, including any Personal Information you disclose to other organisations or Businesses through or in connection with LockaRoom.

Organisations or Businesses that use LockaRoom Services may have their own privacy policies and practices. When you interact with or provide Personal Information to these entities, their privacy practices will govern how your data is used, stored, and shared. We are not responsible for the privacy practices of these entities, and we recommend that you review their privacy policies to understand how your information is handled.

13. Policy Updates

We may update this Privacy Policy from time to time. Any material changes will be published on our website or within the LockaRoom Services. By continuing to use the LockaRoom Services after updates are posted, you accept the updated Privacy Policy.

If you do not agree with the updates, you must stop using the Services. It is your responsibility to review the Privacy Policy regularly to ensure you understand and agree to the latest version. The “Last updated” date at the top of this policy shows when it was last revised.

14. Contact Us

If you have any queries or complaints about our Privacy Policy, please contact us at support@uselockaroom.com.