Privacy Policy

Last updated: 15th January 2026

Introduction

ApexDrift B.V. ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website, use our services, or interact with our fitness centre located at Beukenlaan 276, 4831 NH Breda, Netherlands.

This policy applies to all personal data we collect and process in relation to our fitness centre services, website usage, and customer relationships.

Data Controller Information

ApexDrift B.V. is the data controller responsible for your personal data. Our details are:

  • Company Name: ApexDrift B.V.
  • Registration Number: NL65382741
  • VAT Number: NL006538274B01
  • Address: Beukenlaan 276, 4831 NH Breda, Netherlands
  • Email: privacy@apexdrift.top
  • Phone: +31 763558437

Data We Collect

We collect and process various types of personal data depending on how you interact with our services. The data we collect includes:

Personal Information

  • Name, address, email address, and phone number
  • Date of birth and emergency contact information
  • Health and fitness information relevant to your training
  • Payment and billing information
  • Membership details and preferences

Technical Information

  • IP address, browser type, and operating system
  • Website usage data and navigation patterns
  • Device information and unique identifiers
  • Cookies and similar tracking technologies

Communication Data

  • Records of correspondence and communications with us
  • Feedback, reviews, and survey responses
  • Marketing preferences and communication history

How We Use Your Information

We use your personal data for various purposes based on legitimate business interests, contractual obligations, and your consent. How we use your information includes:

Service Provision

  • Providing fitness centre access and services
  • Managing your membership and account
  • Delivering personal training and fitness programmes
  • Processing payments and managing billing
  • Ensuring health and safety requirements are met

Communication and Support

  • Responding to enquiries and providing customer support
  • Sending service updates and important notifications
  • Providing information about new services and programmes
  • Conducting customer satisfaction surveys

Business Operations

  • Improving our services and facilities
  • Analysing website usage and performance
  • Complying with legal and regulatory requirements
  • Protecting against fraud and ensuring security

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract: To provide fitness services and fulfil our membership agreements
  • Legitimate Interest: For business operations, security, and service improvement
  • Consent: For marketing communications and certain cookies
  • Legal Obligation: To comply with health and safety regulations and tax requirements
  • Vital Interest: To protect health and safety in emergency situations

Data Sharing and Third Parties

We may share your personal data with trusted third parties in the following circumstances:

  • Payment processors for membership and service payments
  • IT service providers for website hosting and technical support
  • Professional advisers including lawyers and accountants
  • Emergency services in case of medical emergencies
  • Regulatory authorities when required by law

We ensure that all third parties maintain appropriate data protection standards and only process your data as instructed by us.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. Our data retention periods include:

  • Membership data: For the duration of your membership plus 7 years for financial records
  • Health and safety records: As required by applicable regulations (typically 3-7 years)
  • Marketing data: Until you withdraw consent or we no longer have a legitimate interest
  • Website analytics: Typically 26 months for Google Analytics data
  • Communication records: 3 years from last contact

When data is no longer needed, we securely delete or anonymise it in accordance with our data disposal procedures.

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right of Rectification: Correct inaccurate or incomplete data
  • Right of Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

To exercise any of these rights, please contact us using the contact information provided below. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training
  • Secure disposal of physical and electronic records
  • Incident response procedures

While we strive to protect your personal data, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but will notify you and relevant authorities of any data breaches as required by law.

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we need to transfer your data outside the EEA, we will ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses
  • Binding Corporate Rules
  • Your explicit consent for specific transfers

Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent. If you believe we have collected information from a child under 16, please contact us immediately so we can delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

Privacy Officer

ApexDrift B.V.

Beukenlaan 276, 4831 NH Breda, Netherlands

Email: privacy@apexdrift.top

Phone: +31 763558437

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable law.