Privacy Policy

1. Introduction

XGYM Pty Ltd operates from Castle Hill, NSW, Australia. We are committed to protecting your personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). This Privacy Policy outlines how we collect, use, disclose, and manage your personal information.

2. Information We Collect

We collect personal information in the following categories:

• Contact Information: Name, email address, phone number, postal address
• Health Information: With your consent for testing services, we collect health metrics including DEXA scan results, body composition data, metabolic assessments, and other health-related information relevant to your training
• Payment Information: When you purchase memberships, programs, or services, we collect payment details which are processed securely by our payment processors. We do not directly store credit card information
• Usage Data: Information about how you interact with our website, including pages visited, time spent, device information, and IP address
• Training Data: For members, we collect training logs, progress tracking, and performance metrics to support your coaching and programming

3. How We Use Your Information

We use your personal information for the following purposes:

• Service Delivery: To deliver memberships, coaching, training programs, DEXA scans, and other services you’ve requested
• Communication: To send appointment reminders, program updates, newsletters, and promotional communications (which you can opt out of at any time)
• Improvement: To analyse usage patterns and feedback to improve our services, facilities, and member experience
• Legal Compliance: To comply with legal and regulatory obligations under Australian law
• Safety and Security: To protect the security of our facility and the safety of our members
• Research: With your consent, we may use anonymised data for research purposes to advance fitness and health science

4. Disclosure of Information

XGYM does not sell personal information. However, we may share your information in the following circumstances:

• Service Providers: We share information with payment processors, email providers, and other service providers who assist us in delivering services. These organisations are bound by confidentiality obligations
• Pathology Partners: If you complete DEXA scans or other health testing, we may share relevant health information with our pathology and testing partners solely for the purpose of conducting and reporting on those tests
• Legal Requirement: We may disclose information if required by law, court order, or government authority
• Member Consent: We only share information with third parties when you have provided explicit consent

5. Data Security

We take reasonable steps to protect your personal information from misuse, loss, unauthorised access, and disclosure. Our security measures include:

• Encrypted transmission of sensitive information over secure HTTPS connections
• Secure storage of data in password-protected systems
• Limited access to personal information—only staff members who need access for service delivery purposes can access your data
• Regular security updates and monitoring to protect against threats
• Confidentiality agreements with all staff members

While we implement comprehensive security measures, no system is entirely secure. Please notify us immediately if you believe your information has been compromised.

6. Your Rights

Under the Australian Privacy Act, you have the right to:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or outdated information
• Opt-Out: Opt out of marketing communications at any time by clicking “unsubscribe” in our emails or contacting us directly
• Complaint: Lodge a complaint if you believe we have mishandled your personal information

To exercise these rights, contact us at privacy@xgym.com.au or admin@xgym.com.au. We will respond to access and correction requests within 30 days.

7. Cookies and Tracking

Our website uses basic cookies for functionality purposes only—such as maintaining your session, remembering preferences, and tracking site analytics. These cookies help us understand how you use our site so we can improve it. We do not use cookies to track you across other websites. You can disable cookies in your browser settings if you prefer, though some site features may be limited.

8. Third-Party Links

Our website may contain links to external websites (such as booking platforms or social media). XGYM is not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies before providing any personal information. Our Privacy Policy applies only to information collected through XGYM’s websites and services.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website with a new “Last Updated” date. Your continued use of XGYM’s services after any changes constitutes your acceptance of the updated Privacy Policy.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

• Email: admin@xgym.com.au or privacy@xgym.com.au
• Phone: 0424 023 601
• Address: Castle Hill, NSW, Australia

If you believe your privacy rights have been violated and are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.