Privacy Policy

Last updated: 15 January 2026

UrbanSolarium B.V. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our services, visit our facilities, or interact with our website.

Data Controller Information

UrbanSolarium B.V. is the data controller responsible for your personal data. We are registered in the Netherlands with registration number NL91827364 and VAT number NL006372819B01. Our registered address is Marktplein 38, 1091 VJ Amsterdam, North Holland, Netherlands.

Data We Collect

We collect and process various types of personal data to provide our fitness services and improve your experience:

• Personal Information: Name, email address, phone number, postal address, date of birth, and emergency contact details
• Membership Data: Membership type, payment information, facility access records, and service usage history
• Health Information: Fitness assessments, health questionnaires, medical conditions relevant to exercise, and training goals (with your explicit consent)
• Website Data: IP address, browser type, pages visited, time spent on site, and device information
• Communication Records: Records of correspondence, feedback, and customer service interactions

How We Use Your Information

We process your personal data for the following purposes under various legal bases:

• Service Delivery: To provide gym access, personal training, group classes, and other fitness services (Contract performance)
• Account Management: To manage your membership, process payments, and maintain your account (Contract performance)
• Health and Safety: To ensure safe use of facilities and equipment, and to respond to medical emergencies (Legitimate interests and vital interests)
• Communication: To respond to enquiries, provide customer support, and send service-related notifications (Contract performance and legitimate interests)
• Marketing: To send promotional materials and information about new services (with your consent or legitimate interests where permitted)
• Legal Compliance: To comply with legal obligations, including tax and regulatory requirements (Legal obligation)
• Business Operations: To improve our services, conduct analysis, and manage our business operations (Legitimate interests)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with:

• Service Providers: Third-party companies that help us operate our business, such as payment processors, IT support, and cleaning services
• Professional Advisors: Lawyers, accountants, and other professional advisors when necessary for business operations
• Emergency Services: Medical professionals or emergency services if required for health and safety reasons
• Legal Authorities: Government agencies or law enforcement when required by law or to protect our rights
• Business Transfers: In the event of a merger, acquisition, or sale of our business assets

We do not sell your personal data to third parties for marketing purposes.

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved mechanisms under GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Membership data is typically retained for the duration of your membership plus seven years for accounting and legal purposes. Health information is retained for the period required by applicable healthcare regulations. Marketing consent records are kept until you withdraw consent or we determine the data is no longer needed.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of processing in certain situations
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise these rights, please contact us using the information provided below. We will respond to your request within one month, though this may be extended in complex cases.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16 without appropriate parental consent. If you believe we have collected information from a child under 16, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and, where appropriate, by other communication methods. The "Last updated" date at the top of this policy indicates when it was last revised.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us about data protection matters, please reach out to us:

Supervisory Authority

You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable data protection laws. You can contact them at autoriteitpersoonsgegevens.nl or by phone at +31 70 888 8500.