Privacy Policy

Effective 31 December 2018

Your privacy is very important to Myzone. Please read our Privacy Policy carefully and contact us if you have any questions.

By accessing this website (“Site”) or using our mobile application (“App”) or other Myzone product or service on any computer, mobile phone, tablet, console or other device (each a “Device”) you consent to our Privacy Policy and to the collection, use and disclosure of your personal data in accordance with this Privacy Policy. In this Policy "we", "us" and "our" mean Myzone (defined below) and "you" means the individual who is accessing or using the Site, App or who has registered as the user of a Myzone product.
Myzone Ltd has its registered office and business address at Falcon House, Ridgeway Street, Douglas, Isle of Man IM1 1EL, British Isles.
Questions or comments about this Privacy Policy may be submitted by mail to the address above, via, or by telephone at +44 (0)115 7788 311. Our Data Protection Officer is Phil Whittam.
We collect information from you when you register your Myzone belt on this Site or via the App. We also collect information from Myzone facilities (health clubs, community hubs, social hubs, schools or employers etc.).

When registering your Myzone belt on this Site or via the App, you will be asked to enter information including your name, email address, date of birth, gender, height, weight, phone number and member/employee number (if applicable). In addition, you may provide (either through manually inputting data or through the use of compatible devices) biometric data such as blood pressure, bone mass, fat mass, basal metabolic rate, waist circumference, fat free mass, total body water, visceral fat, metabolic age and your location details.

When you employ features that leverage technologies that integrate with our Site or App, such as other mobile applications, wearables, other fitness technologies, biometric and body composition analysers, and services capturing location data, we may collect data that is shared with our Site or App. The collection of such data may occur even when our Site or App are not actively open and running. We will not collect location data unless you have allowed this in your “permissions”.

If you have installed the App on a Device and are aged 18 or over you may also capture images.

You can add details to your exercise activity and personalize your profile with photos. You can add social connections and send and receive messages with them. You can search for other Myzone users and they can search for your profile and your connections to add you and your connections as a connection (with your permission). You can elect to “like” exercise activity of Myzone users you are connected with.

We also collect information passively from the Myzone belt, including heart rate data.

Myzone facilities will be asked to provide their contact details, including their telephone number, email address(es) and Twitter account.
We will collect the following information about you:

1. Your name

2. Postal address

3. Email address

4. Telephone number (including mobile number)

We may also collect information about whether or not you completed a purchase, your purchase details (including details of aborted purchases), returns and other details such as the product purchased and the amount paid.

In the course of your use of the Site or App, we may also automatically collect technical data, including internet protocol (IP) address, your login data, browser type and version, time zone setting and location (please refer to your preference controls regarding location data), browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Site or App.

In order to complete your transaction, we may refer you to a third party’s website, or a third party’s payment portal, for example CyberSource or SimplePay, that will collect information about your payment card. The information that you submit to them is not transmitted to us, and you should review any privacy statements issued by the third-party provider before submitting your information.

In addition, our Site or App may also contain links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. It is important to note that we do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site or App, we encourage you to read the privacy notice of every website and application you visit or use.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
The primary reason for requesting information is to personalise your experience and to allow you to enjoy the full benefits of being able to monitor your physical activity through measuring, recording and displaying your heart rate while using the Myzone belt. The information we collect from you may also be used in the following ways:

  • To improve our Site or App (we continually strive to improve our Site and App based on the information and feedback we receive from you)
  • To improve customer service (your information helps us to respond more effectively to your customer service requests and support needs)
  • To administer a contest, promotion, survey or similar function. (Note: you can unsubscribe from receiving marketing communications at any time by contacting us in writing.)
  • To send periodic emails. The email address you provide will only be used to send you information and updates pertaining to your Myzone belt or matters which we believe may be of interest.
  • We request information from Myzone facilities so that they can register as a Myzone site owner, access the names of users who have registered belts at their facility so they can communicate with them, and to enhance belt users’ experience of the Myzone system.
  • To assist Myzone facilities in the service that they provide to you.

When you employ features that leverage technologies that integrate with our Site or App, data that is collected and shared with our Site or App is used to improve customer service and experience.
The primary reason for requesting information is to fulfil your order, collect payment from you, or make payment to you.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established privacy options where you can view and make certain decisions about your personal data. Depending on the preferences that you express, we may use your personal data in order to determine which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or made a purchase from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.

We will get your express opt-in consent before we share your personal data with any company outside the Myzone group of companies for marketing purposes.

You can ask us or third parties to stop sending you marketing messages at any time by logging into the Site and/or the App and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Myzone Ltd is registered as a data controller in the Isle of Man under the Data Protection Act 2002 and has Notification Number N002814. Accordingly, any personal data we hold must be:

  • Used fairly and lawfully
  • Used for specific and lawful purposes, in a manner that is compatible with those purposes
  • Adequate, relevant and not excessive
  • Accurate and where necessary kept up to date
  • Kept for no longer than necessary
  • Used in accordance with the rights of individuals under the Act
  • Kept secure to avoid unauthorised or unlawful use, accidental loss, or damage

Please be aware that information we collect will be processed in the Isle of Man, British Isles, a jurisdiction in which the data protection laws, have been deemed to provide an adequate level of protection for personal data by the European Commission. Under the GDPR, the European Commission will be reviewing its adequacy decisions and we will update this section of our privacy policy accordingly.

By using the Site or App, providing information to us, and by giving your explicit consent to the transfers of your data, you consent to the transfer to and processing of data by Myzone in the Isle of Man, British Isles and also to the transfer to and processing of data by your facility in their jurisdiction (which is likely to be the jurisdiction in which you reside and which may not offer the same level of protection). If you wish to withdraw your consent for your facility to access your personal information (perhaps because you have left your facility and have moved to another jurisdiction) you should contact
Myzone has been approved by Lloyd's Register Quality Assurance (LRQA) as conforming to Information Security Management Standard ISO/IEC 27001:2013.
Yes (cookies are small files that a site transfers to your computer’s hard drive through your Web browser (if you allow) enabling us to recognize your browser and capture and remember certain information).

We use cookies to help us remember and process site preferences so that we can offer better site experiences and tools in the future. We do not share cookies with third parties.

Some web browsers and devices permit you to broadcast a preference that you not be “tracked” online. However, we do not recognize or respond to browser-initiated Do Not Track signals, as the internet industry has not fully developed Do Not Track standards, implementations and solutions. To learn more about Do Not Track signals, you can visit
We do not share your personally identifiable information with any other party (whether by way of sale, trade, or otherwise) except in the following situations:
We may share your information with affiliates under common control with us, who are required to comply with the terms of this Privacy Policy with regard to your information. Affiliates include: Myzone (Worldwide) Ltd, Myzone (UK) Ltd, Myzone Group Ltd, Myzone Inc, and Myzone (APAC) Pty Ltd.
From time to time we may share information with subcontractors that provide us with services. These services include, among other things, assisting us in operating our website, conducting our business, or servicing you. Our subcontractors are required to keep the personal data that they receive confidential.
You can register your Myzone belt for use at a facility (health club, community hub, social hub, school or employer etc.) by selecting their facility code in your Myzone belt user account. The data shared with the facility depends upon the level of agreement that the facility has entered into with us, as follows:

Level 1.As you are a member of the facility, they will have your name in their records. They are able to see that you are a Myzone belt user connected to their facility, but we do not share any data with them.


Your facility may upgrade its facility agreement by entering into a data-sharing agreement with us. If they have entered into a data-sharing agreement, they are responsible directly to you for the data that they receive and, if applicable, that they share with other third parties. You are advised of the access level that your facility operates under and you must give explicit consent in the Myzone App to your facility accessing data in accordance with its agreement level. If you do not give consent, your data will not be shared with the facility and this may impact on the services that they can provide to you. The additional agreement levels are:

Level 2. The facility has advised us that they are based outside of the EU and that it has no EU citizens as members. They can transfer personal data from the Myzone platform to their systems. They can retain personal data on their systems if you were to terminate your Myzone belt user account and are responsible directly to you for the data that they hold.

Level 3. The facility cannot transfer personal data from the Myzone platform to their systems. If you were to terminate your Myzone belt user account, they will not have access to any personal data.

Level 4. The facility can transfer personal data from the Myzone platform to their systems. They can retain personal data on their systems if you were to terminate your Myzone belt user account and are responsible directly to you for the data that they hold.

Individuals connected with facilities are not our employees or agents and you should satisfy yourself that the facility has procedures in place to protect your privacy (and, if applicable, the privacy of any child).
Any data shared with facilities includes your first name, last name, nickname, belt ID, phone number, email address, date of birth, gender, resting heart rate, and maximum heart rate.

Your facility can also access data showing when you have participated in any class activity, the duration of such activity, and the number of calories burnt. In addition, facilities can access the names of your social connections linked with their facility and access the number of “likes” and the number of comments you have made against activities of other belt users. If you do not consent to facilities having access to such information you should not proceed with your belt registration. The facilities do not have access to any personal biometric data unless you permit them to have such access.
Our products are sold to facilities through third party distributors. If you decide to purchase a product, in order for you to enter into an agreement with the distributor, and for the distributor to fulfil the agreement for a facility, we may transfer any information that you (a facility) provide to us to the distributor.
We provide information to providers of merchant / transaction fulfilment services so that payment can be collected from you. We use CyberSource, an eCommerce payment management company, owned by Visa Inc., and SimplePay.
In the event that we are bought, or substantially all of our assets are acquired, your information will be transferred to the acquiring company.
We use your information to analyse, develop and improve our services. We may use third party analytics providers to gain insights into how our services are used and to help us improve. The iOS App uses a service called Fabric/Crashlytics to provide “crash” reports. Crashlytics uses and stores personal data for 90 days. Further details are available at
We may report to law enforcement agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe may aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your information to law enforcement agencies if we determine, in our sole judgment, that the release of your information may protect the safety or property of any person or entity.
We may share your information with others as required by, or permitted by, law. This may include sharing your information with governmental entities, or third parties in response to subpoenas, court orders, other legal process, or as we believe is necessary to exercise our legal rights, to defend against legal claims that have been brought against us, or to defend against possible legal claims that we determine in our sole discretion might be brought against us.
You may choose to permit other Myzone users to access your activities, biometrics and (provided you are aged 18 or over) images. If any user (including coaches/trainers) connected with a Facility wish to access this information (and your phone number) through their account, you will be advised by email and can choose to refuse such access.
Notwithstanding the above, we may provide anonymised (non-personally identifiable) information to other parties for marketing, advertising, or other uses.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have provided you with a means of managing your privacy settings. You can update your default settings in the App and control what and with whom you share your personal information.

The default settings are as follows:

Allow my connections to see my “moves” data = ON (visible)
Allow my connections to see my photos = ON (visible)
Allow my connections to see all my connections = ON (visible)
Allow me to be viewed as a connection of a connection = ON (visible)
If you choose to purchase any of our products, credit card information will be collected by a third party payment processor which has represented to us that the payment data that you transfer is encrypted (turned into unidentifiable code) by a method known as SSL (secure sockets layer).

While we take reasonable and appropriate measures to protect data that you submit directly to us, remember that the Internet is a global communications vehicle open to threats, viruses and intrusions from others and we cannot promise, and you should not expect, that we will be able to protect your information at all times and in all circumstances.

We store data on servers that are either owned or leased by us. We rent space for our servers from a dedicated hosting service provider that is compliant with ISO 27001 standards of security. We store our data at Domicilium, based the Isle of Man, British Isles. The Quality and Information Security Management Systems of Domicilium have been approved by Lloyd's Register Quality Assurance (LRQA) to the following Quality and Information Security Management Standards: ISO 9001:2008; ISO/IEC 27001:2013.
We allow you as a parent or guardian to create a Myzone account for a child in your care (your child) that is under the age of 16. A child’s account operates as a sub-account of your Myzone account. Your child can access their account by using the Site or App but with restricted features. You can access your child’s account by using the Site.

A parent/guardian may consent to the appointment of a school to act in the capacity of parent/guardian of their child.

When a parent or guardian creates a Myzone account for their child, you can exercise each of the rights described in the “Your rights” section in connection with the child’s account. This includes the right to access the information that Myzone collected from the child, correct inaccuracies about the child, or delete information collected about a child. In addition to these rights, you can instruct Myzone to stop collecting additional information about your child (e.g., disable their account). As is indicated below, these rights can be exercised by contacting or, in some cases, using online features that are built into your Myzone online account.

Your child’s account displays their username, name, “moves” activity, and profile picture. This data is shared with their connections and your facility. If you wish to collect and share your child’s biometric data with a facility, you must consent to this in your Myzone account. If such consent is given Myzone will collect the information described under the “What information do we collect?” section about your child, and use that information as is described in the “What do we use your information for?” section.

Throughout the European Union, different member states have implemented or are in the process of implementing, varying ages at which children are deemed capable of giving valid consent to the processing of their personal data, as indicated below:

Country Age for Valid Consent (correct as of 4 October 2018)
Austria 14
Belgium 13
Bulgaria 14
Croatia 16
Czech Republic 13
Denmark 13
Estonia 13
Finland 13
France 15
Germany 16
Greece 15
Hungary 16
Italy 16
Latvia 13
Lithuania 14
Luxembourg 16
Malta 16
Netherlands 16
Norway 13
Poland 13
Portugal 13
Republic of Ireland    16
Romania 16
Slovakia 16
Slovenia 15
Spain 13
Sweden 13
Switzerland 16
United Kingdom 13

When you give the consent described above in respect of a child that is able to provide valid consent, the child must also give their own consent to the processing of their personal data via their Myzone account as they will have attained the Age for Valid Consent.

Users under 16 years of age are not permitted to upload photos. You can view your child’s connections and comments made on your child’s “moves” activity by accessing their account using the Site.

The parent or guardian of any person aged below 16 years and the child where they are aged from the Age for Valid Consent and 16, are required to consent to the collection and use of their child's and their own personal data at the time that the parent or guardian registers a belt for their child. Parents and guardians must communicate this consent through completion of additional steps in their Myzone account. Persons aged from the Age for Valid Consent to 16 must also communicate this consent through completion of additional steps in their Myzone account. Parents and guardians will have complete access to their child’s Myzone account.

Once the child has attained the age of 16, they are eligible to create and independently manage their own Myzone account.
You have the right to:

Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasureof your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Users are able to request the deletion or removal of personal data. Users can email and we will remove their personal data from all records, including archive records, and disable their account. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Once an account has been deleted, we will not be able to recreate it. It should be noted that we do not know the reasoning behind any period of inactivity on a Myzone account, and we are reluctant to close accounts without the consent of Users. We contact all Users that have had no activity on their account over a period of 24 months to determine if they wish to retain their account. We delete the account if we receive confirmation that account is no longer required. Please note that the removal of such personal data will render the belt and service inoperable. Also note that content you have shared with others or that others have copied may also remain visible after you have deleted your account or deleted the information from your own account. Please also note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. Users have a right to move their data from one facility to another. However, if the other facility is not a Myzone customer, we will only be able to assist in transferring data if this is technically feasible. If you wish to transfer your account or receive a copy of your data, contact

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our websites and Apps at

The following additional terms also apply to your use of this Site and/or an App:

  • Our Terms of Use, which set out the terms and conditions on which you may make use of this Site or an App.
  • Our Acceptable Use Policy, which sets out the permitted and prohibited uses of this Site or an App. When using our Site or an App, you must comply with this Acceptable Use Policy.
  • Our User License (or Facility Licenses, if applicable), which sets out the terms that govern your use of the Myzone system.
  • Our Important Information, which sets out some provisions to which you must consent when registering a Myzone physical activity belt.

If you purchase products on our Site, in addition to this Privacy Policy, the Terms and Conditions of Sale for deliveries to your location will apply to any such purchase. The Terms and Conditions of Sale are an agreement between you and the supplier as stated therein.

By ordering or registering your Myzone belt, and by Myzone facilities registering their facility, you confirm your acceptance of our Privacy Policy.
This policy was written in English. To the extent a translated version conflicts with the English version, the English version prevails.
Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
If we decide to change our Privacy Policy, we will post those changes on this page, send an email notifying you of any changes or display a message on this Site, and/or update the Privacy Policy modification date below. If the change relates to the use of children’s accounts, an email will be sent to the relevant Responsible Adult, being the parent or guardian of the child.