Gym management software from Kilo

KILO® PRIVACY POLICY

Kilo, Inc. (“Kilo” “we” “our” or “us”) has adopted the following privacy practices to protect the information we collect from you. The practices are described in this privacy policy (the “Privacy Policy”). Our Privacy Policy is designed to provide transparency into our privacy practices and principles, in a format that our users can navigate, read and understand.

This Privacy Policy covers our online privacy practices with respect to use and disclosure of Personal Information that you may provide when you visit the Kilo website located at https://usekilo.com/ (the “Website”), or use any of our services including without limit, our website design services, our custom tailored standalone website packages, mobile app, marketing software and services, gym management software, our proprietary marketing automation platform (referred to as the “Gym Lead Machine”) or our gym management software (referred to as the “Kilo Gym Management Software”), (all collectively, the “Services”). Please review the following Privacy Policy and contact us at [email protected], if you have any questions or concerns.

ACCEPTANCE OF TERMS:

By accessing, downloading or using our Services, you agree to be bound by the terms and conditions of this Privacy Policy, our Terms of Use and any additional terms such as our Terms of Service (“Terms of Service”) that may be applicable to you. By accessing our Services you acknowledge that you fully understand our Privacy Policy and freely consent to the collection, use and disclosure of your Personal Information, as described in this Privacy Policy. If you do not consent to the collection, use and disclosure practices described below, you must immediately cease any access or use of our Services.

CONTACT US:

If you have any questions regarding our Privacy Policy or practices, you may contact us by any of the following ways:

Write to Us:
Owner and Data Controller
Kilo, Inc.
14255 U.S. Hwy 1, Suite 281
Juno Beach, FL 33408, United States

Email Us: [email protected]

Call Us: (317) 401-5337

PRIVACY POLICY SCOPE:

This Privacy Policy describes:

  1. Types of Information We Collect
  2. How We Collect Information (Sources of Information)
  3. How We Process and Use Your Information and our Lawful Basis and Purpose for Doing So
  4. How We Disclose Your Information
  5. Third Party Information Collection
  6. Automated Decision Making and Targeted Advertising
  7. How We Protect the Privacy of Children Online
  8. Sensitive Information
  9. Information Retention
  10. Security
  11. Third-Party Services
  12. Electronic Marketing and Communications
  13. CAN-SPAM ACT
  14. Your Access to and Control Over Your Personal Information
  15. Additional Considerations for Persons Covered by the GDPR and UK Data Privacy Law
  16. Additional State Specific Privacy Rights
  17. Data Controllers and Responsible Companies; Transferring Information
  18. Changes to Our Privacy Policy

 

This Privacy Policy applies to Information we collect through our Services and other electronic communications sent through or in connection with the Services. This Privacy Policy may change from time to time (see Changes to Our Privacy Policy section below). Your continued use of the Services after we revise our Privacy Policy means you accept and consent to those changes, so please check the Privacy Policy periodically for updates.

TYPES OF INFORMATION WE COLLECT:

We collect information in different ways, depending on your use of the Services and whether you are a client of Kilo (“Client”) or an authorized end user (“End User”) of a Client accessing the Services pursuant to separate Terms of Service. Clients, End Users and Website guests are collectively referred to herein as “Users.” We also collect certain Personal Information from our Client’s about their customers (“Gym Members”) in order to provide the Services requested by the Clients.

When you use the Services, certain types of data may be collected from you, including: (1) Personal Information; and (2) Non-Personal Information (collectively referred to as “Information”). For more detailed  information on the collection of Personal Information from children, please refer to the How We Protect the Privacy of Children Online section below.

You may be able to view, access, use or download the Services (or portions thereof) without disclosing any information that, either alone or in combination with other information, can be used to uniquely identify, contact or locate you, such as your name, email address, or telephone number (collectively, “Personal Information”). However, certain portions of the Services may only be accessible by disclosing certain Personal Information. We may collect or receive the categories of Personal Information listed below, which may depend on the Services you use, whether you are a Client, End User or Gym Member, and your device and account settings. Kilo does not request Personal Information about our Client’s Gym Members directly from Gym Members, or directly contact Gym Members. Client’s retain control over the processing of Gym Member’s Personal Information. Not all categories of Personal Information will be collected or received about every User or Gym Member.

  • Identifiers, including first and last name, email address, address, emergency contact information and photographs;
  • Personal Information described in subdivision (e) Section 1798.80 of the California Civil Code such as your telephone number and your emergency contact’s telephone number;
  • Commercial information, such as records of subscriptions or services purchased by Kilo Clients (note that we use third party payment processors to facilitate Client payments and do not have access to or store your payment information);
  • Characteristics of Protected Classifications, such as date of birth and gender;
  • Business profile information, if you are a Client or End User of a Client, we may collect additional information from you as part of your business account, such as your name, you employer, your job title or role and your contact information or as otherwise required to setup your account with Kilo or an account with our payment processor;
  • Device and Online Identifiers, such as IP address, and other identifiers associated with cookies;
  • Internet or other electronic network activity and web analytics, such as information about how you use, access, or interact with the Services;
  • Communications, such as communications with our chat box, and content of emails and text messages where Kilo is party to the exchange; and
  • Records of communications with our sales and customer support team for training and quality assurance purposes.
  • Inferences drawn from other Personal Information, such preferences for marketing and advertising.

HOW WE COLLECT INFORMATION (SOURCES OF INFORMATION):

Information Provided Directly by You.

Users actively provide Information to Kilo in various ways while using our online Services. For example, you may share Personal Information when you:

  • Sign up and agree to our Terms of Service;
  • Purchase a subscription to certain Services;
  • Upload a .csv containing Gym Member information or a User directs its Gym Members to provide such information through third-party provided intake forms during sign-up;
  • Provide information as part of the website design services;
  • Request information about our Services and you provide Personal Information;
  • Interact with our chat box and you provide Personal Information;
  • Submit a review about Kilo to us via direct message through our Website or a third-party social media platform;
  • Request customer service; or
  • Contact us through any of our Services.

 

By providing Personal Information, you acknowledge that you understand our collection, use and disclosure of it, as described in this Privacy Policy.

Information Provided During Client Intake.

To purchase a subscription to the Services, Users will be required to provide their first and last name, the company name/entity name of the Customer, and address. To access and use certain of the Services, including the Gym Lead Machine or Gym Management Software, Users will be required to upload or provide certain Personal Information related to their Gym Members, including their first and last name, phone number, email address, address, gender, data of birth (optional) and emergency contact information. Users also have the option of providing information related to workout sessions. This information is required in order for Kilo to provide the Services purchased by the Client to the Client.

Users may utilize certain third-party provided features and functionality, including intake forms, in order to upload the Personal Information about their Gym Members. While Kilo may store or access such Personal Information regarding Gym Members, for purposes of providing support, Kilo does not collect, manage, or retain such Gym Member Information beyond that which is necessary to provide Website functionality, support and maintenance. With respect to Gym Member Personal Information, the Users are considered the Data Controllers, and Kilo is the Data Processor. Gym Members should look to the Data Controller when exercising individual data subject rights that may be available to them.

Automatically Gathered Information.

Kilo and its service providers automatically track certain information about Users based upon their behavior while using the Services. This information is used to better understand and serve you by responding to your particular interests and needs.

Usage Details

When you access and use the Services, Kilo and its service providers, may automatically collect certain details of your access to and use of the Services, including traffic data, date and time you access the Services, your browsing activity on our Website and the number of links you click within the Services.

Device Information

When you access the Services, Kilo and its service providers may collect information about your device and internet connection, including the device’s unique device identifier, IP address, operating system, browser type, and network information.

Use of Cookies and Other Tracking Technologies. Our Website also use cookies to enhance the User experience, including third-party cookies. For more information about the use of cookies on our Website please read our cookie notice (“Cookie Notice”).

Information Provided by Our Service Providers.

We may use third party service providers to provide us with information about you, analytics on Website traffic and use of the Services.

When you submit a review about Kilo to Google, Facebook, or Gartner we receive that information, and any Personal Information you provide associated with that review. Kilo uses third-parties, such as Google Ads and Meta for advertising purposes (see the Advertising and Automated Decision Making, Targeted Advertising Sections below, for additional information). Kilo uses analytic tools to analyze the performance of our Services as well as how visitors use our Services, provided that requisite consent has been first been obtained when required, including but not limited to:

  • Google Analytics – For more information on Google Analytics cookies and privacy policies, visit www.google.com/policies. To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout. This will allow you to download and install a Google Analytics cookie-free web browser.

HOW WE PROCESS AND USE YOUR INFORMATION AND OUR LAWFUL BASIS AND PURPOSE FOR DOING SO:

Lawful Basis (applicable only to individuals based in the EEA or United Kingdom).

We utilize four lawful bases for which we rely upon for our business activities: Consent, Contractual, Legitimate Interests and Legal Obligation.

  • Contractual. In many circumstances, we rely on the lawful basis of “performance of a contract.” This enables us to respond to you when you express an interest in our products and services and to fulfill any requests.
  • Consent. In some circumstances, we rely on your specific consent, whereby you actively agree and “opt-in.” We will always make it clear how you can withdraw your consent at any time. Consent plays a pivotal role in our data processing activities. We ensure that the consent obtained is freely given, specific, informed, and unambiguous. We will not assume your consent from silence, pre-ticked boxes, or inactivity. We aim to facilitate a clear affirmative action by you to indicate your consent. You have the power to grant or withdraw your consent at any time. We will respect your choices and will cease processing your Personal Information if you withdraw your consent, unless another lawful basis applies.
  • Legal Obligations. There will be circumstances under which we are legally obligated to hold your Personal Information or required to disclose it to a third party by law.
  • Legitimate Interests. For some of our activities, we rely on our legitimate business interests to collect and use your Personal Information. In such cases, we have balanced our interests with yours and do not believe these activities will have a negative impact on your privacy rights and freedoms.

 

Generally.

We use your Personal Information for the following business purposes including:

  • Providing and supporting our Website and Services:
    • creating and maintaining Users accounts, dashboards and platforms;
    • providing you with the services subscribed to;
    • providing Users with a tailored experience when using our Website;
    • enhancing functionality of our Website;
    • providing analytic services.

 

Using your Personal Information in this way is necessary for us to perform our contractual obligations to you, to provide the Services that you have purchased, and also for our legitimate interest in improving our Website to better meet your needs as the customer.

  • Communicating with you about our Services:
    • providing Users with customer service and technical support;
    • responding to correspondence we receive from you directly, through our contact page.

 

Using your Personal Information in this way is based on your implied consent by contacting us first or our legitimate interest in diagnosing issues with our Services and improving our Services to better meet your needs as the customer.

  • Providing advertising and marketing services including:
    • sending email and SMS marketing communications with content we think will interest you;
    • placing ads on User’s sites as part of our advertising efforts and to understand ad performance;
    • showing personalized ads based on your interests and activity across other sites;
    • marketing and selling our Services.

 

Using your Personal Information in this way is based on your consent by signing up for our newsletter or text messaging services, and/or accepting cookies that permit such advertising, or our legitimate interest in providing direct marketing services (or based upon your consent where legally required).

  • Improve, monitor, personalize, and protect our Services including:
    • Understanding your needs and interests, and personalizing your experience with the Services and our communications;
    • Troubleshooting, testing, and research, and keeping the Services secure;
    • Investigating and protecting against fraudulent, harmful, unauthorized, or illegal activity;
    • Sharing reviews you have made about us on third-party platforms.

 

Using your Personal Information in this way is necessary for us to comply with our legal obligations in some instances and, and also for our legitimate interest in improving our Website and Services to better meet your needs as the customer, preventing fraud and ensuring the network and information security of our IT systems.

  • Research and development:
    • Debugging;
    • Undertaking internal research for technological development and demonstration;
    • Verifying or maintaining quality or safety or improving or upgrading our Services.

 

Using your Personal Information in this way is necessary to carry out our legitimate interest in improving our Website and Services to better meet your needs as the customer and ensuring the network and information security of our IT systems.

  • Compliance and protection:
    • We may use Personal Information to enforce and comply with our terms and policies, and to defend us against legal claims or disputes;
    • Protecting our, your or other third parties’ rights, privacy, safety, or property (including by making and defending legal claims);
    • Auditing our internal processes for compliance with legal and contractual requirements and internal policies;
    • Enforcing the terms and conditions that govern the Website and Services;
    • Preventing, identifying, investigating, and deterring fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft;
    • Some processing may also be necessary to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities, and other legal obligations such as to keep records of transactions.

 

Using your Personal Information in this way is necessary for us to comply with our legal obligations in some instances and, and also for our legitimate interest in improving our Website and Services to better meet your needs as the customer, preventing fraud and ensuring the network and information security of our IT systems.

Payment Information.

When Services are purchased through our Website we use third-party payment processors, to process your payments. These third parties will collect the information necessary to effectuate your transaction with us, such as credit/debit card number, security/CVV code, and expiration date. Our payment processors may handle your payment information in accordance with their own privacy policies. Kilo does not have access to your payment information. For Users that process billing of their Gym Members through our Services, such Users may need to provide certain business information to Kilo to assist in the setup of their account with our third-party payment processor, currently, Stripe. However, Kilo retains the right to change our payment processor at any time.

Marketing and Communications.

From time to time your Personal Information, may be used to contact you with promotional materials, newsletters, marketing or other information that may be of interest to you based on your preferences. For more information, see our Electronic Marketing and Communications section below. 

Advertising.

We use online advertising to keep you aware of what we are up to and to help you see our Services. You may see our banners and ads when you are on other websites and apps, such as social media. We manage this through a variety of digital marketing networks and ad exchanges, including Google Ads and Meta. We also use a range of advertising technologies. The banners and ads you see are based on information we hold about you, or your previous use of our Website (for example your browsing history on our Website) or on our banners and ads that you previously clicked on. We also utilize Meta’s lookalike audiences to reach new customers. For more information on our use of these advertising technologies and cookies see our Cookie Notice.

This Privacy Policy does not cover the use of information collected from you by third party ad servers. We do not control cookies in such third party ads, and you should check the privacy policies of those advertisers and/or ad services to learn about their use of cookies and other technology before linking to an ad. We will not share your Personal Information with these companies, but these companies may use information about your visits to this and other websites in order to provide advertisements on other websites about goods and services that may be of interest to you.

Google Calendar Data.

The Kilo mobile app will use Google calendar data when authorized by the User to synchronize the User’s Kilo events to the User’s Google calendar. The User’s Google calendar can also be used by Kilo to identify scheduling conflicts. The Kilo mobile app will use the User’s google calendar to enhance functionality, by allowing the User to keep their master calendar at Google, and synchronize their calendar with Kilo events. The Kilo backend server will access the User’s Google calendar to determine if conflicts exist and to push Kilo events to the User’s Google calendar. Data from the Google calendar remains on Google and is only accessed for this purpose. Google calendar data will not be stored on Kilo systems.

HOW WE DISCLOSE YOUR INFORMATION:

We share your data with third-party companies, vendors and contractors that perform services on our behalf or to assist us with the provision of services to you (“Service Providers”) and in furtherance of Kilo’s legitimate interests in its business purposes. We may disclose aggregated information, and information that does not identify any individual, without restriction. We may disclose Personal Information that we collect or you provide as described in this privacy policy:

  • To Service Providers, and other third parties we use to support our business and provide the Services, who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them. We share Information about you with Service Providers who need the information to provide their services to us, or to provide their services to you or our Website. We may share your Personal Information with Service Providers that perform certain functions or services on our behalf (such as to host the Services, manage data, provide services, perform analyses, process payments, provide customer service, or send communications for us).
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Kilo’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Kilo is among the assets transferred.
  • To fulfill the purpose for which you provide it. For example, if you purchase a subscription to Gym Lead Machine, we will share certain Personal Information with our Service Provider that provides Client with email marketing services to its Gym Members, or if you submit a review on our Facebook Fan Review Application, we will share your name and email with the third-party for whom you submitted the review.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.
  • To enforce or apply our Terms of Use, Terms of Service or other agreements, including for billing and collection purposes.

 

IMPORTANT: Except as expressly stated herein as necessary to carry out our business purposes and to provide the Services, and provide personalized targeted advertising as described herein, we do not sell or otherwise share your Personal Information to any third parties.  All third parties with whom we share Information with for our business purposes are required to maintain their own privacy and security measures. Your Information will be treated in accordance with such third-party’s privacy policies.

Legal Requirements.

As we may determine in our sole discretion, we may disclose Personal Information if required to do so by applicable law, including, without limitation, responding to a subpoena or request from law enforcement, court, or government agency, or in the good faith belief that such action is necessary to: (i) comply with a legal obligation; (ii) protect or defend our rights, interests or property or that of third parties; (iii) prevent, investigate, or identify possible wrongdoing in connection with the Services; (iv) act in urgent circumstances to protect the personal safety of customers, guests, or the public; or (v) protect against legal liability.

THIRD PARTY INFORMATION COLLECTION:

When you use our Website, Services and third party sites linked from our Website, third parties may use automatic information collection technologies to collect information, including cookies, web beacons, and other storage technologies and location information about you or your device. These third parties may include: social media companies, analytics, ad networks, and ad servers, your mobile device manufacturer, your mobile service provider, or other service providers.

The information they collect may be associated with your Personal Information and location or they may collect information, about your online activities over time and across different websites, apps, and other online services. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions you should contact the responsible provider directly. Depending on your location and applicable laws, you may have the right to opt-out.

Please see our Cookie Notice for more information regarding our use of first-party cookies and the use of third-part cookies, and your right to opt-out.

AUTOMATED DECISION-MAKING AND TARGETED ADVERTISING:

Automated decision-making takes place when an electronic system uses Personal Information to make a decision about that person without any human intervention which produces legal effects concerning them or similarly significantly affects them. Aside from our use of such technologies in relation to our advertising practices (discussed below) we do not currently use this type of automated decision making in our business in relation to you. You will not be subject to decisions that will have a significant impact on you based solely on automated decision making unless we have a lawful basis for doing so and we have notified you.

We do however use automated processing so that we can show you personalized advertisements. When we required by applicable law, we will request your express consent before using your personal information in this manner. Any advertisements you see on third-party websites may relate to your browsing activity on our Website from your computer or other devices. These advertisements are provided by us via various third party providers using techniques such as pixels, ad tags, mobile identifiers and ‘cookies’ placed on your computer or other devices (which may be subject to your prior consent where required by law). For further information on the use of cookies, or for details of how you can remove or disable cookies at any time, see our Cookie Notice.

We may analyze your browsing and purchasing activity online and your responses to marketing communications.  The results of this analysis, together with other demographic data, allow us to decide what advertisements are suitable for you and to ensure that we draw to your attention products, services, events and offers that are tailored and relevant to you.  To do so, we use software and other technology for automated processing to serve personalized targeted advertising. This allows us to provide a more personalized service and experience. We also utilize Meta’s lookalike audiences to reach new customers.

We may review personal information held about you by external social media platform providers, such as the personal information available on social media platforms such as Facebook. We use this information in order to offer products and services which we believe are of interest and relevance to you as an individual.  To help us do this, we process personal information by profiling and segmenting, identifying what our customers like and ensuring advertisements we show you are more relevant based on demographics, interests, purchase behavior, online web browsing activity and engagement with previous communications.

HOW WE PROTECT THE PRIVACY OF CHILDREN ONLINE:

Our Services may not be used by anyone under the age of sixteen (16). Our Services are not intended for or directed to minors or children under 16 years of age and no part of our Services are designed or intended to attract anyone under the age of 16. We will never ask for or knowingly collect information from children. If you are under the age of 16, you are not permitted to use the Services and should immediately exit our Services. Consistent with the Children’s Online Privacy Protection Act, we will not knowingly collect any information from individuals under the age of 16. If you think that we have collected Personal Information from a child under the age of 16 through the Services, please contact us at [email protected] and we will dispose of the information.

SENSITIVE INFORMATION:

We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, or information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offenses.

INFORMATION RETENTION:

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was collected. The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and/or provide Services to you (for example, for as long as you have an account with us or keep using our Services) and the length of time thereafter during which we may have a legitimate need to reference your Personal Information to address issues that may arise;
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
  • Whether retention is allowed by applicable law (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

 

When you delete your account and we no longer need to process your Personal Information for the purposes set out in this Privacy Policy, we will delete your Personal Information from our systems.

SECURITY:

Kilo uses technical, administrative, and physical measures to protect your Personal Information against accidental or intentional destruction, loss, alteration, unauthorized disclosure, or access and against other unlawful forms of collecting and processing. Kilo follows industry standards and practices to help protect the confidentiality and integrity of your Personal Information that is collected and processed. Our Website uses SSL/TLS encryption to secure data transmission. We store certain Personal Information in a hosted system hosted by third-party Service Providers that utilize firewalls, automated backups and malware protection.

THIRD-PARTY SERVICES:

Third-Party Services and Their Privacy Policies.

In general, the third-party providers used by us, will only collect, use and disclose your Personal Information to the extent necessary to allow them to perform the Services they provide to us. However, certain third-party service providers, including but not limited to, payment processors, website hosts, and digital marketing platforms have their own privacy policies in respect to the information we are required to provide to them for your subscription purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your information will be handled by these providers.

Our Services may contain links to other websites, applications, and services maintained by third parties in which case the privacy policy of such third party applies and this Privacy Policy does not apply. The information practices of such other services are governed by the third-party privacy policies, which we encourage you to review to better understand those third parties’ privacy practices. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. Therefore, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Google APIs.

Kilo’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

ELECTRONIC MARKETING AND COMMUNICATIONS:

From time to time your Personal Information, such as your name, phone number, email address or mailing address, may be used to contact you with promotional offers, newsletters, marketing or other information that may be of interest to you. You may be contacted by the phone number or e-mail address you provide to us. We may contact you in this way based on our legitimate interest in undertaking marketing activities to provide you with the most up-to-date information on our Services and other products and services you may be interested in based on your preferences. By providing your contact information and opting-in when required, you are consenting to receive direct marketing and commercial information by means of electronic communication (SMS and e-mail). The frequency of the messaging may vary based on your preferences. Message and data rates may apply.

CAN-SPAM ACT:

We are committed to being compliant with the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (“CAN-SPAM Act”). All e-mails you receive from Kilo or through the Services are intended to fully comply with the CAN-SPAM Act.  If at any time you would like to unsubscribe from receiving future e-mails, you can e-mail us at [email protected] and we will promptly remove you from all correspondence for the Services. You understand and agree that being removed from all correspondence for the Services may mean some features of our Services may not function properly or may not be available to you, and you may not be able to use all of the Services.

YOUR ACCESS TO AND CONTROL OVER YOUR PERSONAL INFORMATION:

You have options about the various ways we collect, use and store your Personal Information.

Log-in/Contact Us.

If you have created an account through the use of our Services, you may log in to your account to enter and update your own contact information. You can also contact us through one of the options provided in the Contact Us section at the bottom of this Privacy Policy.

Consent.

When you provide us with Personal Information through our Services, through the mail, over the phone, or by using our mobile application we imply that you consent to our collecting it and using it to carry out our legitimate business purposes as described herein. Depending on your location and applicable law, in some instances we are required to obtain your explicit consent. We do so through use of our cookie banner. For more information related to our use of cookies and your right to control and update your cookie preferences, please see our Cookie Notice. To disable selected cookies from collecting information relating to analytics data and other tracking see our Cookies Policy.

Choices Related to Contact Method.

  • Email: By using our Services, you agree that we may contact you by email as set forth herein. If you do not want to receive marketing and promotional emails from us, you may click on the “unsubscribe” link in the email to unsubscribe and opt-out of marketing email communications or contact us using the information contained in the Contact Us section.
  • Text Messages: By using our Services, and expressly opting-in to receive SMS messages, you agree to be reached by text message or SMS message. If you no longer want to receive text messages from us, reply STOP (or as otherwise instructed) in the text message, or contact us using the information contained in the Contact Us section.

 

Opt-out. Consistent with applicable law, you may have the right to opt-out of having your Personal Information shared for purposes of targeted advertising. If you would like to exercise your right to opt-out please contact us using the information contained in the Contact Us section.

ADDITIONAL CONSIDERATIONS FOR PERSONS COVERED BY THE GDPR AND UK DATA PRIVACY LAW:

You may have certain additional rights relating to your Personal Information, subject to local data protection laws. If you are located in the European Economic Area (EEA) or U.K, the following rights under the General Data Protection Regulation (GDPR) are available to you. Certain of the information required to be provided under the GDPR is addressed in the main body of the Privacy Policy and these additional rights should be read in conjunction with the main body of the Privacy Policy. Such rights include:

Right to Access.

You can request details of the Personal Information we hold about you. We will confirm whether we are processing your Personal Information and provide additional details including what kind of information we have about you, where we collected it, how we use it (including the legal basis for our processing), how long we expect to keep it, the categories of third parties with whom we share your information, details of any automated decision making or profiling and the safeguards regarding data transfers, subject to the limitations set out in applicable laws and regulations. If you ask us, we will provide you with a copy of your Personal Information free of charge. We may charge you a fee to cover our administrative costs if you request multiple copies of the same information or if the requests are manifestly unfounded or excessive.

Right to Rectification/Correction.

If you find that your Personal Information is out of date and needs to be edited or updated, you can ask us to update it by contacting us at [email protected]. Please make sure to provide us with all the information we need to be able to address your request, including both the old and new information.

Right to Erasure.

At your request, we will delete or rectify your Personal Information if: (i) it is no longer necessary to retain your personal information; (ii) You withdraw the consent which formed the basis of your Personal Information processing; (iii) You have successfully objected to the processing of your Personal Information (see below); (iv) Your Personal Information was processed unlawfully;  (v) We are required to delete your Personal Information to comply with any of our legal obligations; or (vi) the information is inaccurate and needs to be corrected. We will review requests on a case-by-case basis and we might not be able to comply with your request if we need to process your Personal Information: (i) for exercising the right of freedom of expression and information; (ii) to comply with our legal obligations; (iii) to establish, exercise or defend a legal claim; or (iv) to perform a task in the public interest. If we are unable to comply with your request for any of the forgoing reasons, we will notify you of the reasons why your request was rejected. Choosing to delete your Personal Information may impact your ability to use our Website and Services.

Right to Restrict Processing.

You have the right to request us to limit the processing of your Personal Information if: (i) You dispute the accuracy of your Personal Information; (ii) Your Personal Information was processed unlawfully and you request a limitation on processing, rather than a deletion of your Personal Information; (iii) We no longer need to process your Personal Information, but you need your Personal Information in connection with a legal claim; or (iv) You object to the processing of your Personal Information based on our legitimate interests pending verification as to whether we have an overriding legitimate ground for such processing. To the extent needed, we may still keep some of your data to ensure we comply with your request to limit processing, or for other legal purposes.

Right to Object to Processing.

Where we process your Personal Information based upon our legitimate interests, you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts your fundamental rights and freedoms. Where we process your Personal Information based upon our legitimate interests and where decisions are made by automated processing which has a legal or other significant effect on you, you may also object to such automated decision making.

Right to Data Portability.

You can request us to send you your Personal Information in a structured, commonly used, machine-readable format so that it can easily be transferred and used by a third party.

Right to Withdraw Consent.

We primarily rely on legitimate business interests to process your data, but to the extent we use consent to process your data, you have the right to withdraw any consent you may have given us at any time. We will comply with your request promptly. If you withdraw your consent, we might not be able to provide some of our services to you. At any point, you have the right to object to processing of your personal information for direct marketing purposes and we will promptly comply with your request.

If you wish to exercise any of these rights, please email [email protected]. We will respond to your request within thirty (30) days of accepting it. Before accepting your request, we may need to ask for some identifying documentation from you, to make sure we don’t inadvertently provide your Personal Information to someone else. If you are not in the EEA, U.K., or other jurisdiction that provides these rights as a matter of law, you can still apply for any of these rights, and we may choose to comply where the request is reasonable in our discretion.

Filing a Complaint with a Data Protection Authority.

We hope you don’t have any reason to complain, and we will always try to resolve any issues you have. If you are based in the EEA or U.K. you are always able to contact your local data protection authority for assistance or to make a complaint.

GDPR Representative.

If you are in the European Union you can contact our EU GDPR Representative (Art. 27 GDPR) on all issues related to processing: Thomas Rickert | rickert.law[email protected]

ADDITIONAL STATE SPECIFIC PRIVACY RIGHTS:

Your Rights Regarding Your Personal Information.

You may be able to exercise certain privacy rights depending on the state in which you reside. The rights available to you depend on our reason for processing your Personal Information and the requirements of applicable law. Your rights will vary depending on what state you reside in, and whether or not the applicable state laws apply to us. Specifically, you may have the following rights: 

Right to Access and Right to Know.

You may have the right to request access to a copy of the Personal Information that we have about you, including a list of categories of your Personal Information that we have collected and used over the past 12 months. We will provide to you the following information (to the extent required by law):

  • The categories of Personal Information we have collected about you.
  • The categories of sources from which we collect your Personal Information.
  • The business or commercial purpose for collecting or selling your Personal Information.
  • The categories of third parties with whom we share your Personal Information.
  • The specific pieces of Personal Information we have collected about you.
  • The categories of Personal Information that we have disclosed for a business purpose, along with the category of any other company we shared it with.
  • The categories of Personal Information that we have sold, along with the category of any company we sold it to. If we have not sold your Personal Information, we will say so.

 

Right to Correct Incomplete, Inaccurate, or Out-of-date Personal Information.

You may have the right to request that we correct any Personal Information about you that is inaccurate, by submitting a verifiable consumer request. Depending on the purpose of the processing, you also have the right to request that we complete the Personal Information we hold about you where you believe it is incomplete, including by means of providing a supplementary statement.

Right to Personal Information Portability.

Consistent with applicable law and subject to certain exceptions, you may have the right to request that we transfer the Personal Information we have collected about you to another organization, or directly to you, in a structured, commonly used, and machine-readable format, under certain conditions.

Right to Request Anonymization, Blocking, or Deletion of Personal Information.

You may have the right to request the deletion of your Personal Information we have collected from you, subject to certain conditions and limitations under the law. Once we receive a request, we will delete (to the extent required by law) the Personal Information we retain about you and direct any service providers to do the same. If we determine that an exception applies, we will inform you of the reason for denying the deletion request. In some cases, deletion may be accomplished through de-identification.

Please understand that if you request us to delete your Personal Information, our subsequent removal of such Personal Information may impact your ability to use our Services, and may limit your use of or participation in our Services that require your Personal Information.

Right to Revoke Consent.

Where we rely on your consent to process your Personal Information, you may have the right to withdraw that consent at any time with future effect. Depending on where you are located, you may also have the right to request deletion of Personal Information that was processed based on your consent, or the right to know the consequences of revoking your consent. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.

Right to Object to Automated Decision-Making/Profiling.

You may have the right to object to our processing of your Personal Information, under certain conditions, and we can be required to no longer process your Personal Information.  Such right to object may apply if we collect and process your Personal Information through automated decision making, such as profiling, to better understand your interests in our products and services or for direct marketing.  If you have a right to object and you exercise this right, your Personal Information will no longer be processed by us for such purposes.  Such a right to object may, in particular, not exist if the processing of your Personal Information is necessary to take steps prior to entering into a contract or to perform a contract already concluded.

Right to Opt-out of the Sale of Personal Information.

We do not sell your Personal Information in exchange for monetary consideration. If this changes, we will notify you, and you may have the right to restrict such sales.

Right to Opt-out of Sharing of Personal Information for Certain Processing (Profiling/Targeted Advertising/Personalized Advertising).

Consistent with applicable law, you may have the right to opt-out of having your Personal Information shared for purposes of targeted or personalized advertising. You may also have the right to request further information about the disclosure of your Personal Information for those third parties’ marketing purposes, such as the contact information of those parties, once per calendar year.

Right to Limit the Use and Disclosure of Sensitive Personal Information.

We will only use sensitive or special Personal Information as needed for the purposes for which it was collected or with your consent. However, we do not currently collect or process sensitive Personal Information for purposes that may be limited under applicable law. If this changes, we will notify you, and you may have the right to opt-in to the processing of such sensitive Personal Information.

Right to Non-discrimination for Exercising a Privacy Right.

We will not discriminate against you for exercising any rights. This generally means we will not deny you goods or services, charge different prices or rates, provide a different level of service or quality of goods, or suggest that you might receive a different price or level of quality of goods.

Right to Disclosure of Direct Marketers.

You may have a right to the categories and names/addresses of third parties that have received Personal Information for their direct marketing purposes upon simple request, and free of charge, if any.

Exercising your Rights; Verification of Requests.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. Certain states require that we verify the identity of each person who makes a request to know what Personal Information we have about you or to delete the Personal Information we have about you.

In some regions you may request this information no more than two times in a rolling twelve-month period. When you make this request, the information provided may be limited to Personal Information we collected about you in the previous 12 months.

All requests must provide sufficient information to allow us to reasonably verify you are the person whom we collected Personal Information about or an authorized representative of such person. We will respond to your verifiable request within the prescribed timelines. We will only use the information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. Please describe your request with sufficient detail to allow us to properly respond to it. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Appeals.

If we deny your verifiable request to exercise your applicable privacy rights on your behalf, in some locations you may have the right to appeal our decision. To initiate an appeal, please submit a written request to us within thirty (30) days of receiving our denial notice. We will review your appeal and respond within thirty (30) days of receipt of your appeal. If your appeal is denied, we will provide an explanation for the denial and inform you of any further rights you may have.

De-Identification.

Consistent with applicable law, we commit to maintain and use anonymized information in de-identified form and not to attempt to re-identify the information, except that we may attempt to re-identify the information solely for the purpose of determining whether its de-identification processes satisfy the requirements of the California Privacy Rights Act, or other applicable state laws.

Global Privacy Control.

Global Privacy Control is a browser setting that allows you to notify websites you visit about your privacy preferences. We honor website visitors’ Global Privacy Control signals.

California Privacy Rights – Additional Disclosures.

Your Rights Under the CCPA

The California Consumer Privacy Act or “CCPA” (California Civil Code Section 1798.100 et seq.), as amended, provides certain additional rights to California residents. If you are a California resident, please note that this is the Notice At Collection we are required to provide to you under California law.

Subject to certain exceptions, the CCPA grants to California residents the rights to (i) be notified about the collection, use, disclosure, sale or sharing of their Personal Information; (ii) request access to, deletion of, or correction of their Personal Information; (iii) request to opt out of the “sale” or “sharing” of Personal Information (where such information is sold or shared); (iv) limit the use or disclosure of Sensitive Personal Information (as defined under CCPA); (v) not be discriminated against for exercising such rights; (vi) and the right to disclosure of direct marketers. All of these rights are described in more detail above.

You can exercise these rights related to your Personal Information by contacting us via any of the options available in the Contact Us section.  If you request a deletion of your Personal Information, Kilo may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CCPA.  Kilo does not currently collect any Sensitive Personal Information (as defined by the CCPA).

You may make an authenticated consumer request exercising your Right to Know and Access Specific Information including Right to Know what Personal Information is being Sold or Shared or under the CCPA twice within a twelve (12) month period.

Authorized Agent

You may use an authorized agent to submit verifiable consumer requests on your behalf provided that the authorized agent is a natural person or a business entity that you have authorized to act on your behalf. If you use an authorized agent, we will require: (1) proof of written permission for the authorized agent to make requests on your behalf, and identity verification from you; or (2) proof of power of attorney pursuant to California Probate Code sections 4000 to 4665. We may deny a request from an authorized agent that does not submit proper verification proof.

The categories of Personal Information collected, disclosed, and shared or sold from California residents over the preceding 12 months include:

Table
Category of Personal Information Categories of Recipients Business Purpose Collected Disclosed Shared/Sold
Payment Information Payment Processors Processing subscription payments; assisting Clients in setting up billing for their Gym Members.

Kilo uses a third-party payment processor. Users are directed to provide their payment details and Personal Information directly to the third-party payment processor. Kilo is not involved in the collection and processing of such information. 		No No No
Identifiers (name, address, email address, emergency contact information) Service Providers; Website hosts; Advertising Partners To provide the services purchased or requested by the Client, business operations, customer service, and communication. To provide marketing and advertising. Yes Yes Yes
Personal information defined in Civil Code Section 1798.80(e) (phone number, emergency contact information) Service Providers; Website hosts To provide the services purchased or requested by the Client, business operations, customer service, and communication. To provide marketing and advertising. Yes Yes No
Characteristics of Protected Classifications (gender and date of birth) Service Providers; Website hosts To provide the services purchased or requested by the Client, business operations, customer service, and communication. Yes Yes No
Commercial information (services purchased) Service Providers; Website hosts To provide the services purchased or requested by the Client, business operations, customer service, and communication. Yes No No
Biometric information N/A No No No
Internet or other similar network activity (browsing history, information regarding consumers interaction with a website) Service Providers; Analytics; Advertising Partners To carry-out our business operations, make improvements, advertising and marketing and for analytic purposes. Yes Yes Yes
Geolocation data N/A No No No
Audio, electronic, visual, thermal, or olfactory information N/A No No No
Professional or employment-related information N/A No No No
Education information N/A No No No
Inferences (such as analytics and preferences) Service Providers; Analytics; Advertising Partners To carry-out our business operations, advertising and marketing and for analytic purposes. Yes Yes Yes
Sensitive Personal Information N/A No No No

Kilo does not sell your Personal Information. Kilo does share limited Personal Information about Users for personalized advertising, cross-contextual targeted advertising and other marketing purposes.

You can find more information about what we collect and sources of that Information in the How We Collect Information section. We retain this information for the length of time described in our Information Retention section.

Do-Not-Track Disclosures; Third-Party Tracking.

Certain mechanisms may allow you to send web browser signals, known as “Do Not Track” (“DNT”) signals, indicating your choice to disable tracking on websites. We do not respond to browsers do not track signals currently. We may not be aware of or able to honor and respond to every such mechanism. More information about “do not track” is available at www.allaboutdnt.org concerning such information.

Third parties, other than our service providers and vendors, do not have authorization from us to track which websites, or other online services you visit prior to and after visiting our websites. Please note, however, that we cannot control third-party tracking and there may be some third-party tracking that occurs without our consent or knowledge.

Shine the Light Request.

California Civil Code § 1798.83 permits residents of California to request from Kilo a notice disclosing: (1) the categories of Personal Information we have shared with third parties, if any, for the third parties’ direct marketing purposes, during the preceding calendar year, and (2) the names and addresses of those third parties. To submit a shine the light request, please contact us by using the contact details in the Contact Us section.

DATA CONTROLLERS, DATA PROCESSORS; TRANSFERRING INFORMATION:

Data Processors; Data Controllers.

Kilo’s Services are offered in multiple countries across the globe. Depending on the Services you purchased Kilo may at times be considered the Controller of Personal Information, meaning Kilo is the company responsible for processing the Personal Information. In other instances, Kilo serves as the Data Processor, meaning Kilo processes the Personal Information at the direction of the Data Controller.

Transferring Information.

Because Kilo’s Services are offered worldwide, the information about you that we process when you use the Services in the EEA or U.K. may be used, stored, and/or accessed by individuals operating outside the EEA or U.K. who work for us, or third-party data processors. This is required for the purposes listed in the How We Process and Use Your Information and How We Disclose Your Information sections.

When we provide information about you to entities outside the EEA or U.K., we will take appropriate measures to ensure that the recipient protects your Personal Information adequately in accordance with this Privacy Policy and as required by applicable law. These measures may include entering into European Commission approved standard contractual arrangements with entities based in countries outside the EEA or U.K.

CHANGES TO OUR PRIVACY POLICY:

We reserve the right to change the terms of this Privacy Policy at any time by posting those changes to this Privacy Policy, so that you are always aware of our processes related to collection, use and disclosure of your Personal Information. For significant changes, we will notify you by posting a prominent notice on our Website indicating when the Privacy Policy was most recently updated.  Please consult this portion of the Website regularly for important changes to the Privacy Policy as they occur.

LAST UPDATED: March 25, 2025.

Run a successful gym with Kilo

Book a Call