Effective Date: Jan 2026

This Privacy Policy explains how Fitter Body Merchandising trading as The Strikebox collects, uses, and protects your personal data when you visit www.thestrikebox.com.

We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Fitter Body Merchandising T/A The Strikebox

United Kingdom

Email: [email protected]

We are the data controller responsible for your personal data.

2. What Personal Data We Collect

We may collect and process the following information:

A. Contact Information

Name

Email address

Phone number

Location

B. Health Information (Special Category Data)

Medical conditions

Injuries

Fitness-related health information

Other health details voluntarily submitted

This is considered sensitive personal data under UK GDPR.

C. Franchise Enquiry Information

Business background

Financial information (where voluntarily submitted)

Location preferences

D. Technical Data

IP address

Browser type

Device information

Website usage data

3. How We Use Your Data

We use your data to:

Respond to membership enquiries

Assess suitability for fitness programmes

Respond to franchise enquiries

Provide franchise information

Send marketing communications (if consented)

Improve our website and services

Comply with legal obligations

4. Lawful Basis for Processing

Under UK GDPR, we rely on:

Consent – when you submit forms or opt in to marketing

Contractual necessity – where we prepare to provide services

Legitimate interests – to operate and improve our business

Explicit consent – for processing health-related data

You may withdraw consent at any time.

5. Marketing Communications

If you submit an enquiry, we may contact you by:

Email

Phone

SMS

You can unsubscribe at any time by:

Clicking the unsubscribe link

Replying STOP to SMS

Contacting us directly

6. How We Store & Protect Your Data

We implement appropriate technical and organisational measures to protect your data from:

Unauthorised access

Loss

Misuse

Disclosure

We only retain personal data for as long as necessary for business or legal purposes.

7. Sharing Your Data

We may share your data with:

CRM providers

Email marketing platforms

Marketing agencies

IT service providers

Professional advisers

We require all third parties to respect the security of your data.

We do not sell your personal data.

8. Your Rights Under UK GDPR

You have the right to:

Access your personal data

Correct inaccurate data

Request deletion

Restrict processing

Object to processing

Withdraw consent

Lodge a complaint with the ICO

ICO website: https://ico.org.uk

To exercise your rights, contact: [email protected]

9. Data Retention

We retain enquiry data for as long as necessary to:

Follow up on your enquiry

Provide services

Comply with legal requirements

Health-related data is retained only as long as necessary for fitness assessment purposes.

10. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a revised effective date.