Try for free

Privacy policy

Table of Contents

1. Introduction

This Privacy Policy describes how TomFit AG (“TomFit”, “we”, “us”, or “our”) processes personal data in accordance with the Swiss Data Protection Act (DSG) (and the EU General Data Protection Regulation (GDPR), if applicable in individual cases). It applies to all TomFit online and offline services, including our website, apps, social media channels, training equipment, locations, and other interactions.

2. Data Collected

We collect various categories of personal data, including:

  • Identification data: Name, address, telephone number, email address, date of birth
  • Usage data: Website and app usage, training history, user interactions
  • Payment information: Credit card details, Twint, etc. (if applicable)
  • Location data: If you activate location features in our app, TomConnect
  • Video surveillance data (image and sound): Recordings from locations for security purposes

3. Purpose of Data Processing

We process personal data in particular for the following purposes:

  • Fulfillment of contractual obligations
  • Customer support, answering inquiries, and customer service
  • Provision, analysis, and improvement of our services, website, app, and other platforms
  • Assessment of strength status (exclusive use by the member themselves)
  • Provision of personalized training and health offers
  • Processing payments and memberships
  • Development of new products
  • Video surveillance to maintain house rules and other measures for IT, building, and facility security and to protect our employees and other persons and assets belonging to or entrusted to us; Identification of fraudulent activities, protection of user accounts, and ensuring the security of the digital and physical infrastructure
  • Marketing and communication (only with consent)
  • Processing bonus and loyalty programs with Partner companies
  • Employee and applicant management
  • Processing of leads and prospective customer data for business development
  • Purchase and sale of business units, companies, or parts of companies, and other corporate transactions
  • Assertion, exercise, or defense of legal claims and compliance with legal obligations

If you have given us your consent to process your personal data for specific purposes (for example, when you register to receive newsletters), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and we require one. Consent can be revoked at any time; however, this will not affect data processing that has already taken place.

4. Disclosure of data

Personal data will only be disclosed if this is necessary to fulfill the above-mentioned purposes, e.g. E.g.:

  • To service providers (e.g., payment providers, IT providers, TomFit providers)
  • To business partners
  • To group companies
  • In case of legal obligation or official order
  • In case of corporate changes (e.g., merger or sale)

Some of these recipients are located in Germany, but they may be located anywhere in the world. In particular, you must expect your data to be transferred to the following countries: Poland, Belgium.

5. Storage and Deletion

We process and store your personal data as long as it is necessary to fulfill our contractual and legal obligations or for the purposes pursued with the processing, i.e., for example, for the duration of the entire business relationship and beyond, in accordance with statutory retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against our company and to the extent we are otherwise legally obligated to do so or legitimate business interests require it (e.g., for evidentiary and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will generally be deleted or anonymized wherever possible.

If an application does not result in an employment contract, we will retain your submitted data only for as long as necessary and to protect our legitimate interests. For possible future job offers, we will retain your documents for a further 12 months from the date of rejection. We may also retain your contact details beyond this period, in particular for marketing purposes. You can object to this retention at any time.

6. Your Rights

You have the following rights under applicable data protection law:

  • To request information about the processing of your data
  • To request correction of inaccurate data
  • To request deletion of your data (if permitted by law)
  • To object to processing, in particular for direct marketing
  • To receive data in a portable format

Requests can be sent to us via the feedback form in the TomConnect app.

Please note, however, that we reserve the right to assert the legally stipulated restrictions, particularly with deletion requests, for example if we are obliged to retain or process certain data, have an overriding interest in doing so (to the extent we are entitled to do so), or need it to assert claims.

7. Data Security

TomFit uses technical and organizational measures to protect personal data from unauthorized access, loss, or misuse.

8. Cookies

We typically use “cookies” and similar technologies on our websites and apps that can be used to identify your browser or device. A cookie is a small file that is sent to your computer or automatically saved on your computer or mobile device by the web browser you use when you visit our website or install the app. When you visit this website again or use our app, we can recognize you, even if we don’t know who you are. In addition to cookies that are only used during a session and deleted after your website visit (“session cookies”), cookies can also be used to store user preferences and other information for a specific period of time (“permanent cookies”). However, you can set your browser to reject cookies, save them only for a session, or otherwise delete them prematurely.

We use permanent cookies to save user preferences (e.g., language, auto-login), so that we can better understand how you use our services and content, and so that we can show you tailored offers and advertising. If you block cookies, certain functionalities (such as language selection, shopping cart, ordering processes) may no longer work.

We sometimes, and where permitted, include visible and invisible image elements in our newsletters and other marketing emails. By retrieving these from our servers, we can determine whether and when you opened the email, so that we can also measure and better understand how you use our services and tailor them to you. You can block this in your email program; most are preset to do so.

You can adjust your cookie settings in your browser at any time.

9. Tracking Technologies

We sometimes use Google Analytics or similar services on our websites. This is a service provided by third parties that may be located in any country in the world (in the case of Google Analytics, this is Google Ireland (based in Ireland); Google Ireland relies on Google LLC (based in the USA) as a processor (both “Google”), www.google.com), with which we can measure and evaluate the use of the website (not personally identifiable). This also uses permanent cookies placed by the service provider. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles, and link this data to these people’s Google accounts. If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then the responsibility of the service provider in accordance with its privacy policy.

We also use services from Google Firebase for technical failures of the TomFit app and for sending push notifications (https://firebase.google.com/), Twilio for sending SMS messages via the TomFit app (https://www.twilio.com/de-de), and SendGrid for sending emails (https://sendgrid.com/en-us).

10. Video Surveillance

Data is generally deleted after one month, taking into account sometimes longer periods of non-working time. A longer storage period may occur if necessary to enforce legal claims or prosecute criminal offenses in a specific case, or if operational procedures (especially company holidays) require it.

11. Contact

TomFit AG

Eichelackerweg 55

CH-8700 Küsnacht

12. Changes to the Privacy Policy

We reserve the right to amend this Privacy Policy at any time. The most current version is always available on our website. If the Privacy Policy is part of an agreement with you, we will notify you of the change by email or other appropriate means.

© TomFit

Privacy policy

Terms of service

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.