Privacy Policy
Effective Date: August 17, 2025
Welcome to the ZONE EIGHT website. Your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal data in connection with the operation of our website and the provision of online HYROX training plans, primarily through the FITR platform.
1. Who We Are (Data Controller)
Vojtěch Nekoranec, ZONE EIGHT, marketing@zone8training.com
As the data controller, we are responsible for the lawful processing of your data in accordance with the General Data Protection Regulation (GDPR).
2. What Data We Collect and Why
We collect and process the following types of personal data for the purposes stated below and based on the indicated legal grounds:
a) Data Collected via the FITR Platform
We use the FITR platform (https://www.coachwithfitr.com/) to provide and manage your online HYROX training plans. In the context of delivering our service through FITR, FITR acts as a data processor for our purposes.
Types of Data: When you register for and use the service via FITR, the following data may be collected:
Identification Data: Name, surname, email address.
Payment Data: Information necessary for processing payments for training plans (e.g., credit card details), which are processed by secure payment gateways, and FITR may process these on our behalf or as their own controller.
Training and Performance Data: Data related to your training plans (e.g., exercise results, progress, records of completed workouts, set goals, weight, height, gender), which allows us to provide personalized training plans.
Communication: Messages and interactions within the FITR platform between you and us (the coach).
Technical Data about Platform Usage: IP address, device type, operating system, browser, and other technical information that helps ensure the functionality and security of the FITR service.
Purposes of Processing: Providing, managing, and personalizing online HYROX training plans, invoicing, communicating with users regarding training, and technical support.
Legal Basis: Processing is necessary for the performance of a contract for the provision of training services that you enter into with us via the FITR platform (Art. 6(1)(b) GDPR).
Further Information: Detailed information about the processing of personal data by the FITR platform, including their own commitments and practices, can be found directly in their Privacy Policy: https://www.coachwithfitr.com/legals/privacy-policy. We recommend you familiarize yourself with it.
b) Data Collected Directly by Our Website (Cookies and Analytics)
When you visit our website, we may collect certain technical information and data about your website usage through cookies and similar technologies.
Types of Data: IP address, browser type, operating system, referring URL, pages visited, time spent on the website, frequency of visits.
Purposes of Processing: Website traffic analysis, improving website functionality and user experience, technical support, and website security.
Legal Basis:
Necessary Cookies: Our legitimate interest in the proper functioning of the website (Art. 6(1)(f) GDPR).
Analytical and Marketing Cookies: Your consent, obtained through a cookie banner (Art. 6(1)(a) GDPR).
More Information: For more detailed information about the use of cookies and your options for managing them, please refer to our [Cookie Policy] (if you have a separate section).
3. How We Use the Data
We use the collected data for the following purposes:
Providing and managing your HYROX training plans.
Improving and optimizing our website's functionality and content.
Analyzing user trends and behavior for statistical and development purposes.
Ensuring the security and stability of our systems.
Communicating with you regarding technical matters, service updates, or important information related to your training plans.
4. Sharing Data with Third Parties
We share your personal data with third parties only in necessary cases and in compliance with legal regulations:
FITR Platform: As stated above, your data is processed by the FITR platform for the purpose of providing training services. FITR acts as our data processor and has its own data protection commitments.
Analytical Service Providers: We may use tools such as Google Analytics, which help us analyze website usage. These services may collect data that is generally pseudonymized (cannot directly identify a specific person).
Legal Obligations: We may share your data if required by law, court order, or other legal processes.
5. International Data Transfers
Given that the FITR platform or some of our service providers may have servers located outside the European Union or the European Economic Area (EU/EEA), your personal data may be transferred to these countries (e.g., the United States).
In such cases, we ensure that appropriate safeguards are in place to protect your data in accordance with GDPR requirements. These safeguards primarily include:
Standard Contractual Clauses approved by the European Commission.
Certification under approved data transfer frameworks (e.g., EU-US Data Privacy Framework, if relevant).
6. Data Retention Period
We retain personal data only for the period necessary to fulfill the purposes for which it was collected or for the period stipulated by applicable legal regulations. After this period, the data is securely deleted or anonymized. The specific retention period varies depending on the type of data and the purpose of its processing (e.g., for the duration of your account with FITR and for the period necessary to fulfill legal obligations).
7. Your Rights (Data Subject Rights)
Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:
Right of Access: You have the right to obtain confirmation as to whether or not your personal data is being processed, and, where that is the case, access to the personal data and information regarding its processing.
Right to Rectification: You have the right to have inaccurate personal data concerning you rectified without undue delay, and to have incomplete personal data completed.
Right to Erasure ("Right to be Forgotten"): You have the right to request the erasure of your personal data if one of the reasons stated in Art. 17 GDPR applies (e.g., the data is no longer necessary for the purposes for which it was collected).
Right to Restriction of Processing: You have the right to obtain from us restriction of processing of your personal data if one of the reasons stated in Art. 18 GDPR applies (e.g., you contest the accuracy of the data).
Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller, where the processing is based on consent or on a contract and is carried out by automated means.
Right to Object: You have the right to object, at any time, to processing of your personal data that is based on legitimate interest (Art. 6(1)(f) GDPR) or is carried out for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes GDPR. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection (ÚOOÚ), Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.
To exercise any of the above rights, please contact us at the email address: marketing@zone8training.com.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, misuse, loss, destruction, or damage. This includes data encryption, secure servers, restricted data access, and regular security audits.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or changes to the FITR platform. Any changes will be posted on this page, and the effective date will be updated. We encourage you to regularly review this page for the latest information on our privacy practices.
Effective Date: August 17, 2025
Welcome to the ZONE EIGHT website. Your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal data in connection with the operation of our website and the provision of online HYROX training plans, primarily through the FITR platform.
1. Who We Are (Data Controller)
Vojtěch Nekoranec, ZONE EIGHT, marketing@zone8training.com
As the data controller, we are responsible for the lawful processing of your data in accordance with the General Data Protection Regulation (GDPR).
2. What Data We Collect and Why
We collect and process the following types of personal data for the purposes stated below and based on the indicated legal grounds:
a) Data Collected via the FITR Platform
We use the FITR platform (https://www.coachwithfitr.com/) to provide and manage your online HYROX training plans. In the context of delivering our service through FITR, FITR acts as a data processor for our purposes.
Types of Data: When you register for and use the service via FITR, the following data may be collected:
Identification Data: Name, surname, email address.
Payment Data: Information necessary for processing payments for training plans (e.g., credit card details), which are processed by secure payment gateways, and FITR may process these on our behalf or as their own controller.
Training and Performance Data: Data related to your training plans (e.g., exercise results, progress, records of completed workouts, set goals, weight, height, gender), which allows us to provide personalized training plans.
Communication: Messages and interactions within the FITR platform between you and us (the coach).
Technical Data about Platform Usage: IP address, device type, operating system, browser, and other technical information that helps ensure the functionality and security of the FITR service.
Purposes of Processing: Providing, managing, and personalizing online HYROX training plans, invoicing, communicating with users regarding training, and technical support.
Legal Basis: Processing is necessary for the performance of a contract for the provision of training services that you enter into with us via the FITR platform (Art. 6(1)(b) GDPR).
Further Information: Detailed information about the processing of personal data by the FITR platform, including their own commitments and practices, can be found directly in their Privacy Policy: https://www.coachwithfitr.com/legals/privacy-policy. We recommend you familiarize yourself with it.
b) Data Collected Directly by Our Website (Cookies and Analytics)
When you visit our website, we may collect certain technical information and data about your website usage through cookies and similar technologies.
Types of Data: IP address, browser type, operating system, referring URL, pages visited, time spent on the website, frequency of visits.
Purposes of Processing: Website traffic analysis, improving website functionality and user experience, technical support, and website security.
Legal Basis:
Necessary Cookies: Our legitimate interest in the proper functioning of the website (Art. 6(1)(f) GDPR).
Analytical and Marketing Cookies: Your consent, obtained through a cookie banner (Art. 6(1)(a) GDPR).
More Information: For more detailed information about the use of cookies and your options for managing them, please refer to our [Cookie Policy] (if you have a separate section).
3. How We Use the Data
We use the collected data for the following purposes:
Providing and managing your HYROX training plans.
Improving and optimizing our website's functionality and content.
Analyzing user trends and behavior for statistical and development purposes.
Ensuring the security and stability of our systems.
Communicating with you regarding technical matters, service updates, or important information related to your training plans.
4. Sharing Data with Third Parties
We share your personal data with third parties only in necessary cases and in compliance with legal regulations:
FITR Platform: As stated above, your data is processed by the FITR platform for the purpose of providing training services. FITR acts as our data processor and has its own data protection commitments.
Analytical Service Providers: We may use tools such as Google Analytics, which help us analyze website usage. These services may collect data that is generally pseudonymized (cannot directly identify a specific person).
Legal Obligations: We may share your data if required by law, court order, or other legal processes.
5. International Data Transfers
Given that the FITR platform or some of our service providers may have servers located outside the European Union or the European Economic Area (EU/EEA), your personal data may be transferred to these countries (e.g., the United States).
In such cases, we ensure that appropriate safeguards are in place to protect your data in accordance with GDPR requirements. These safeguards primarily include:
Standard Contractual Clauses approved by the European Commission.
Certification under approved data transfer frameworks (e.g., EU-US Data Privacy Framework, if relevant).
6. Data Retention Period
We retain personal data only for the period necessary to fulfill the purposes for which it was collected or for the period stipulated by applicable legal regulations. After this period, the data is securely deleted or anonymized. The specific retention period varies depending on the type of data and the purpose of its processing (e.g., for the duration of your account with FITR and for the period necessary to fulfill legal obligations).
7. Your Rights (Data Subject Rights)
Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:
Right of Access: You have the right to obtain confirmation as to whether or not your personal data is being processed, and, where that is the case, access to the personal data and information regarding its processing.
Right to Rectification: You have the right to have inaccurate personal data concerning you rectified without undue delay, and to have incomplete personal data completed.
Right to Erasure ("Right to be Forgotten"): You have the right to request the erasure of your personal data if one of the reasons stated in Art. 17 GDPR applies (e.g., the data is no longer necessary for the purposes for which it was collected).
Right to Restriction of Processing: You have the right to obtain from us restriction of processing of your personal data if one of the reasons stated in Art. 18 GDPR applies (e.g., you contest the accuracy of the data).
Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller, where the processing is based on consent or on a contract and is carried out by automated means.
Right to Object: You have the right to object, at any time, to processing of your personal data that is based on legitimate interest (Art. 6(1)(f) GDPR) or is carried out for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes GDPR. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection (ÚOOÚ), Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.
To exercise any of the above rights, please contact us at the email address: marketing@zone8training.com.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, misuse, loss, destruction, or damage. This includes data encryption, secure servers, restricted data access, and regular security audits.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or changes to the FITR platform. Any changes will be posted on this page, and the effective date will be updated. We encourage you to regularly review this page for the latest information on our privacy practices.