Effective Date: December 9, 2022
Athletes’ Performance, Inc. and its affiliates (“Exos”, “us”, “we”, or “our”) is a human performance company helping individuals reach higher and achieve more. Our core objective is to help you achieve your personal, professional, fitness, and all-around performance goals.
We value protecting your privacy. To fulfill our commitment to providing the Exos Offerings (defined below), we may collect your Personal Information (defined below) along the way.
This Privacy Policy (“Policy”) provides you with details regarding our privacy practices in connection with the Personal Information we collect from our members of and/or participants in the Exos Offerings (“you,” “your,” or “Member”).
By accessing our website, apps, and/or using our services, including but not limited to the Exos Offerings, you acknowledge and agree that information you provide to us will be collected, used, shared, cared for, stored in a database over which Exos acts as controller or processor as specified below under the heading “Role of the Parties” (collectively, “Processed,” “Process,” or “Processing”) pursuant to the guidelines of this policy. The “Exos Offerings” include, but are not limited to:
The terms governing your use of the Exos Offerings are defined in our Terms of Service, of which this Policy forms a part.
“Personal Information” means information relating to an identified or identifiable natural person or household, as applicable. Exos will only Process your Personal Information for the purposes described within this Policy. You are not required by law to provide Exos with any Personal information. Providing Personal Information is subject to your free will and consent. However, you acknowledge that it is necessary that you share certain Personal Information with Exos for the proper operation of the Exos Offerings; without it the Exos Offerings may not function. Exos does not buy, sell, or trade Personal Information with third parties for any reason.
Under the EU General Data Protection Regulation (Regulation 2016/679) (“GDPR”), or any other local law or regulation regarding data protection (“Applicable Laws”), Exos acts as the Data Controller of our Website visitor data and of the Personal Data we collect from or about you as a user of the Exos Offerings.
In the event you are a Client (as defined above), Exos acts as a Data Processor on your behalf of that data which you send us directly in your capacity as our Client (generally limited to your list of employees eligible to use our Exos Digital Solutions). For such data, you as Client decide independently what data to provide and how Exos should process it.
The types of Personal Information we Process include the following and depend on the Exos Offering(s) you are utilizing. Exos Processes Personal Information in accordance with Applicable Law for the purpose of developing, fulfilling and improving the Exos Offerings. We obtain a legal basis for Processing your Personal Information (i) through your consent and registration, either directly or via your consent given to your employer, community center, an Exos branded or managed physical therapy clinic you attend or another authorized agent (“Agent”), to utilize or participate in our Exos Offerings and/or (ii) to meet contractual obligations that relate to, without limitation, supporting the Fitness Solutions offered to our Clients.
In many cases, we will collect the Personal Information described below directly from you. In some cases, however, we will collect the information from other sources, such as your Agent, our Clients, third party partners with whom we partner with to provide the Exos Offerings and other products, and services, and other sources including public databases, joint marketing partners, social media platforms, and vendors who provide services on our behalf. If Exos obtains your Personal Information from a third party such as your employer, that third party will be responsible for obtaining your consent for processing your Personal Information by other lawful basis in compliance with Applicable Laws and for transferring your Personal Information to Exos.
The table below describes the data we Process, how we Process it, and our lawful basis for doing so under the GDPR and Applicable Laws.
Type of Data |
Purpose of Processing |
Lawful Basis |
Processing Actions |
Identifiers, Account Information, & Demographics When you register to utilize an Exos Offering, for example, by creating an Exos Digital Solutions user account (“Account”), or by signing-up to receive notifications or updates, we may Process Personal Information about you such as your name (real name and alias/preferred name), email address, telephone number, postal address, gender, height, weight, age, date of birth, gender pronouns, marital and family status and size, medical/injury history, disability, military and veteran status, and login credentials (i.e., username and password).
|
We will process this information to: (i) provide Exos’ human performance capabilities and resources including under any agreement established with you or a Client; (ii) to facilitate transactions and payments; (iii) for authentication purposes to use the Exos Offerings; and (iv) for compliance purposes, including enforcing our Terms of Service and complying with our contractual obligations with third parties.
|
Performance of our contract with you. Processing of data concerning health and/or sex life is subject to your explicit consent. Note that you have the right to withdraw your consent at any time. After you terminate your engagement with us and cease using the Exos Offerings, we may keep a record of your purchases and activity with us, as part of our legitimate interests.
|
We will collect, store, analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including to allow you to use the Offerings, and to keep log data regarding your usage and use preferences, etc. |
Fitness & Health-Related Information In connection with your use of the Exos Offerings, we may Process information regarding your fitness, health, nutrition, activities, and biological characteristics. This information may include performance information, physical assessments (e.g., body composition, heart rate threshold, and VO2 score ratings), fitness goals, training history, nutritional data, injury history, sleep information, motivational well-being, and workout activity. |
We will process this information to: (i) provide, maintain, operate, improve, and develop new (collectively, “Provide”) Exos Offerings; and (ii) create and customize your user experience to your goals and interest, and help you track your fitness progress.
|
General fitness data is processed for fulfilling our contract with you. Processing of data concerning health is subject to your explicit consent. Note that you have the right to withdraw your consent at any time.
|
We will collect, store analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including to allow you to use the Offerings, keep log data regarding your usage and use preferences, etc. |
Preferences & Usage Information We may collect information about your use of the Exos Offerings and preferred content directly from you and through your use of the Exos Offerings. This information includes your fitness goals, Facility utilization, workout activity and associated metrics, interactions with EXOS Coaches, favorite content, location preferences (i.e., in-Facility or digitally), communications preferences, and purchases. |
We will process this information to: (i) Provide the Exos Offerings; (ii) help us understand how you use the Exos Offerings, and develop new Exos Offerings; (iii) track your use of the Exos Offerings utilization; (iv) create and customize your user experience to your goals and interest, and help you track your fitness progress; and (v) to develop, customize, enhance, or provide marketing and/or advertising for the Exos Offerings. |
Performance of our contract with you. |
We will collect, store, analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including to allow you to use the Offerings, keep log data regarding your usage and use preferences, etc. |
Fitness Monitor Data You may decide to utilize a wearable device, a data collection application, or other third-party tracking offering (collectively known as “Fitness Monitors”) in connection with the Exos Offerings and/or your Account. By utilizing such Fitness Monitor with the Exos Offerings, you understand that we may receive certain information, which may include calories burned, sleep patterns, heart rate, workout activity, and other data collected by the Fitness Monitor.
|
We will process this information to: (i) enable a seamless and integrated fitness experience across the Exos Offerings and your fitness activities; (ii) create and customize your user experience to your goals and interest, and help you track your fitness progress; and (iii) Provide the Exos Offerings.
|
Processing of data concerning health is subject to your explicit consent. Note that you have the right to withdraw your consent at any time.
|
We will collect, store, analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including to allow you to use the Offerings, keep log data regarding your usage and use preferences, etc. |
Communications-Related Information If you communicate with us directly, including Team Members, or with other Members via the Exos Offerings, we may log information about your communications (such as the length of any communications session and originating and terminating phone numbers or IP address) and may monitor or record the content of communications for security purposes to protect our Team Members and other individuals with whom you communicate, and to enforce our Terms of Service and applicable code of conduct. Additionally, when you provide feedback on the Exos Offerings or a Team Member, we will receive the contents of your message or attachments and other information you choose to provide. We may also collect information you provide through your participation in any surveys or studies and may track whether you open or interact with emails that we send you.
|
We will process this information to: (i) Provide the Exos Offerings; (ii) communicate with you to respond to your questions, comments, and other requests; (iii) to conduct surveys and otherwise provide customer support; and (iv) subject to your consent, provide you with updates and other materials about offers and new Exos Offerings that may be of interest to you and measure the effectiveness of our advertising and marketing campaigns. Exos may provide these materials by phone, postal mail, text, or email, as permitted by applicable law. You may contact Exos at any time to opt-out of the use of your Personal Information for marketing purposes as described herein |
In case you are approaching us as an actual customer for support purposes we will process your data for the performance of the contract with us. Where we retain your data just as part of our records, the lawful basis for processing your data will be our legitimate interest. Any marketing materials will be sent subject to your consent. Note that you have the right to withdraw your consent at any time. |
We will collect, store analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including transmitting it to our system and storing it in it (including third party systems, e.g., our email, CRM), and using it to respond to you by email or any other means of contact you provide us. We also keep record of all our correspondence with you. |
Payment Information When you make a purchase related to and/or through the Exos Offerings, we will utilize a third-party service in compliance with payment card industry security standards to securely receive, process, and store your credit card or other payment information virtually. The use of your payment information by third-party processors will be subject to such party’s terms and conditions, and privacy policies. We do not store full credit card information on our servers.
|
We will process this information to: (i) facilitate transactions and payments; and (ii) to detect and prevent fraud and respond to security and safety issues that may arise. |
Performance of our contract with you.
|
We will collect, store, analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including storing your information in our systems and using it for billing you. |
Device Information We use technologies to collect information from your devices (computers, mobile phones, tablets, etc.) when you access the Exos Digital Solutions. This information could include your IP address, device advertising ID, information about your phone’s/browser’s operating system, how you use the app or device, and your physical location. Please also refer to our Cookie and Pixel Tracking Policy.
|
We will process this information to: (i) analyze and improve Exos, the Exos Offerings, and our third party partners’ services, and to develop new EXOS Offerings and (ii) to facilitate the connection between your use of the Exos Offerings and third-party services or applications. |
Such processing is part of our legitimate interests as a commercial business. |
We will collect, store, analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including collection of data, aggregation and statistical analysis, report generation, record keeping and storage. |
Employment Opportunities Additionally, if you apply for a job with us, you may submit your contact information and your resume online. If you choose to submit your name, contact information, resume and/or other personal information to us, you are authorizing us to use the information for all lawful and legitimate hiring and employment purposes. |
We will process this information to: (i) consider your candidacy for present and future open opportunities; and (ii) improve our hiring and opportunity targeting processes, including using research tools to combine the Personal Information you choose to provide with your application and on your resume with information from other sources.
|
Your consent. Note that you have the right to withdraw your consent. |
We will collect, store, analyze, share with sub-processors and use the information consistent with the applicable purpose of processing, including storage of your information in our systems and using it for contacting you. We will keep record of your recruitment data as part of our business records. |
Depending on your interaction with our Offerings, we may collect aggregated or otherwise non-personal information (“Non-Personal Information”), meaning, information which does not identify a specific natural person and cannot reasonably be used for such identification. We collect Non-Personal Information regarding use of the Offerings, such as the time and date you have accessed specific portions of the Offerings, interactions with content and materials displayed through our Offerings, language preference, and other technical information regarding the device used to access the Offerings, for example type of device, type of browser, operating system, etc. We may collect, in addition, statistical information; fitness outcome data; Client/Member survey scores and website usage data. This data is considered as Non-Personal Information when collected on an aggregate basis, or when otherwise not combined with personal identifiers.
We may also process and anonymize or aggregate Personal Information and identifiable information in a manner that shall create a new set of data that will be Non-Personal Information.
We may use and share Non-Personal Information without limitation and for any purpose, including for commercial, research, or statistical purposes, without further notice to you.
As users of the Exos Digital Solutions, Members can import their fitness activity data from third party applications such as Google Fit and Apple Health into the Exos Digital Solutions. If you opt into this feature, you are granting Exos the right to receive limited information about your fitness activity to populate your Account and to share certain fitness activity information with your chosen third party application. Exos will only collect the specific types of fitness activity data you specify in the third party application, for example heart rate, activity, and calories burned. Exos Coaches may use your fitness activity data to provide a more personalized coaching that takes into consideration such aspects of your fitness activities outside of the Exos Digital Solutions. You may disable this feature at any time within the Exos Digital Solutions, and this may result in your fitness plans being less personalized.
Please note that the collection of your data from these third party applications is also governed by their specific privacy policies, and you may wish to review these privacy policies to better understand the privacy practices of Google Fit and Apple Health.
Unless you instruct us otherwise and subject to applicable laws, we retain the information we collect for as long as needed to provide our Offerings, to comply with our legal obligations, to resolve disputes and to enforce our agreements if applicable. This means at minimum that we will retain your data for as long as you have an Account in our systems and continue to use our Offerings, and for a reasonable period after you cease using our Offerings if you have not requested that we delete your Account, in order to provide you with continuity of service if you return to using our Offerings after a period of absence.
We may retain your Personal Information for the above purposes for as long as you continue to access the Exos Offerings, and for a designated period after your last use of the Exos Offerings so that if you resume using the Exos Offerings you will have access to historical data.
Please note that to the extent we act as a Data Processor on behalf of a Client, we retain Personal Information as directed by the Client.
Except as set forth in this Policy or as specifically agreed to by you, we will not disclose any of your Personal Information other than for the following reasons (to the extent permitted by applicable law):
In particular, when you use the Exos Digital Solutions, we will share your Personal Information with the third parties designated as “subprocessors” listed here. Exos has entered into appropriate data protection agreements with its subprocessors, which comply with Applicable Law and which are consistent with this Privacy Policy.
We take great care in implementing physical, technical, and administrative security measures that we believe comply with Applicable Laws and industry standards for securing your personal data. However the transmission of information online can never be 100% secure. As such, we do not guarantee the security of data transmitted via the Exos Offerings and you use them at your own risk.
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what Personal Information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your information. Depending on your jurisdiction, data protection and privacy laws may provide you with rights regarding your Personal Information, including the right to: access your Personal Information that we process; ensure your Personal Information is accurate, complete and up to date; have your Personal Information amended (by correcting, deleting or adding information); object to the processing of your Personal Information, to the extent applicable; send or “port” your Personal Information; file a complaint with a supervisory authority in your jurisdiction; withdraw consent, subject to legal or contractual restrictions and reasonable notice; and to not be discriminated against for exercising your rights.
For portability requests, we will provide the data in a reasonable format. If you choose to erase your information, you may be unable to use some, or all, of the Exos Offerings.
If you wish to exercise any of your rights, please contact us as described in this Policy. If we are not able to fulfill your request, we will endeavor to explain the reasoning for this and inform you of your rights. We reserve the right to ask for reasonable evidence to verify your identity before we fulfill certain types of requests in accordance with applicable law.
In addition to your rights detailed below, you may opt-out of data collection and sharing enabled through cookies. Most browsers will allow you to erase cookies from your computer's hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. For more information about cookies and your controls in this regard, please review your browser settings as well as our Cookie Policy.
When we process information you provide to us based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, please contact us as described in this Policy.
You have the right to lodge a complaint at any time with the relevant supervisory authority for data protection issues. However, we will appreciate the chance to address your concerns before you approach the authorities, so please feel free to contact us at any time.
We are committed to protecting the privacy of all Members of the Exos Offerings and will use commercially reasonable efforts to honor requests made by any individual and Member about whom we have collected Personal Information. Depending on your state of residence, you may have specific legal rights related to such requests.
You can unsubscribe from our email communications via the “unsubscribe” link provided in the emails and revoke your consent to receive marketing text messages by replying to any of our marketing text messages with “STOP”. Even if you opt out of receiving promotional messages from us, you may continue to receive administrative or transactional messages from us.
You can prevent your device from sharing precise location information at any time through your device’s operating system or browser’s settings. We may, however, continue to collect information about the location of any Facility where you check in if such Facility is linked to your Account.
Please see our Cookie and Pixel Tracking Policy to learn more about the analytics services that we utilize. You may visit the websites of such third party analytics service providers to learn how to opt out of such services.
Some browsers include the ability to transmit “Do Not Track” signals. We do not Process or respond to “Do Not Track” signals. Instead, we adhere to the standards described in this Policy and our Cookie and Pixel Tracking Policy below.
We recognize the importance of protecting the privacy and safety of children. To provide the Exos Offerings, we may need to collect Personal Information about children as defined under Applicable Law (e.g., under 13 years old for US individuals, under 16 years old for European Economic Area individuals, under 18 years old regarding Israeli individuals, and under 12 year old for Brazilian individuals). However, Exos Offerings are not child directed and do not knowingly collect, maintain, or use Personal Information about children without verifiable parental consent. If you learn that a child has provided us with Personal Information in violation of this Policy, then you may alert us at support@teamexos.com.
We may store or process your Personal Information in a variety of countries, including the United States.
We will transfer any data that originates in the European Union (“EU”), the United Kingdom or Switzerland to a country outside that area in compliance with the provisions of Chapter 5 of the GDPR and other Applicable Laws, e.g.:
If you are a resident of a jurisdiction from which transferring your Personal Information requires your consent, then your consent to this Privacy Policy includes your express consent for such transfer of your data.
Also, we may transfer your data from the United States to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Exos Offerings. By providing any information, including Personal Information, on or to the Exos Offerings, you consent to such transfer, storage, and processing.
We will post any changes to the Policy on this page, and the revised version will be effective when it is posted. We will notify you by updating the “Last Updated” date at the top of this Policy, or through other communication. We encourage you to review this Policy whenever you use or access the Exos Offerings or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy.
This Privacy Notice for California Residents supplements the information contained in Exos’ Privacy Policy and applies solely to persons who reside in the State of California (“you” or “Consumer”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Notice.
We have collected the following categories of Personal Information from our Consumers within the last twelve (12) months:
We use your information in accordance with the Section “How We Use Your Personal Information ” in our Privacy Policy.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except pursuant to the contract. Please see above for the disclosures we have made in the preceding 12 months for a business purpose.
In the preceding 12 months, we have not sold personal information.
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
You have the right to request any or all of the following relating to your personal information we have collected in the last 12 months, upon verification of your identity:
You have the right to request the deletion of Personal Information we have collected from you, subject to certain exceptions.
The Right to Opt Out of Personal Information Sales
You have the right to request that we do not sell the Personal Information we have collected about you to third parties now or in the future.
The Right to Non-Discrimination
You have the right not to receive discriminatory treatment for exercising these rights. However, please note that if the exercise of these rights limits our ability to process Personal Information, we may no longer be able to provide you our products and services or engage with you in the same manner.
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@teamexos.com.
We are committed to responding to all inquiries and resolving any complaints about your privacy and our collection or use of your Personal Information. For assistance, contact our Privacy Officer.
Exos Data Protection Officer:
Email: support@teamexos.com
U.S. Toll-Free Number: +1 (877) 660-4171
U.S. Domestic Number (reachable globally): +1 623-201-1433
Mailing Address:
Athletes' Performance, Inc. (Exos)
Attn: Exos Privacy Officer
2629 E. Rose Garden Lane, Phoenix, AZ 85050, USA
In-Person:
You can contact the manager staff at the Facility of which you are a Member. They will contact the Exos Privacy Officer on your behalf.
Authorized Agent Requests
If you utilize an Agent or a representative on your behalf to submit an opt-out request, we must obtain verifiable proof that such Agent represents you. The Agent can submit the opt-out request as described in the Data Request Guidance section above.
We recommend only using an authorized Agent only as necessary as this may require additional steps to verify your representative.
You have just read the historical version of this document superseded by our Current Privacy Policy