Vectras

Privacy Policy

Last updated: 15th January 2026

This Privacy Policy explains how Vectras B.V. ("we", "our", or "us") collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and ensuring transparency about our data practices.

Data Controller Information

Vectras B.V. is the data controller for your personal information. Our contact details are:

  • Company: Vectras B.V.
  • Registration Number: 91520467
  • VAT Number: NL879451203B01
  • Address: Berkenlaan 145, 4812 UI Breda, North Brabant, Netherlands
  • Email: privacy@vectras.world
  • Phone: +31 768528956

Data We Collect

We collect and process various types of personal data depending on how you interact with our services. The data we collect includes:

Information You Provide Directly

  • Contact Information: Name, email address, phone number, and postal address when you enquire about our services or become a member
  • Membership Information: Emergency contacts, health and fitness information, medical conditions relevant to exercise, and fitness goals
  • Payment Information: Billing details and payment card information (processed securely through our payment providers)
  • Communication Records: Records of correspondence, feedback, and support requests

Information Collected Automatically

  • Website Usage Data: IP address, browser type, device information, pages visited, and time spent on our website
  • Cookies and Tracking: Information collected through cookies and similar technologies (see our Cookie Policy for details)
  • Facility Usage: Entry and exit times, areas accessed within our facilities for security and operational purposes

How We Use Your Information

We use your personal data for various purposes based on different legal grounds. Here's how we use your information:

Service Delivery and Contract Performance

  • Providing gym and fitness services, personal training, and wellness programmes
  • Managing your membership, bookings, and access to facilities
  • Processing payments and managing billing
  • Communicating about your services, appointments, and account

Health and Safety

  • Ensuring safe use of equipment and facilities
  • Emergency contact and medical information for safety purposes
  • Maintaining facility security through CCTV and access controls

Business Operations and Improvement

  • Improving our services and developing new programmes
  • Website functionality and user experience enhancement
  • Customer service and support
  • Marketing communications about our services (with your consent)

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary for membership services and contractual obligations
  • Legitimate Interests: Business operations, security, and service improvement
  • Consent: Marketing communications and optional services
  • Legal Obligation: Compliance with health and safety regulations, tax, and other legal requirements
  • Vital Interests: Emergency situations requiring medical assistance

Data Sharing and Disclosure

We may share your personal information in the following circumstances:

  • Service Providers: Payment processors, IT support, cleaning services, and other operational partners
  • Professional Advisors: Legal, accounting, and business advisory services
  • Emergency Services: Medical professionals or emergency services if required for your safety
  • Legal Requirements: When required by law, court order, or regulatory authorities
  • Business Transfers: In the event of merger, acquisition, or sale of business assets

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy and comply with our legal obligations. Our data retention periods include:

  • Active Members: Throughout membership period and for 7 years after termination for legal and tax purposes
  • Enquiries: 2 years from last contact unless you become a member
  • Marketing Consents: Until withdrawn or 3 years of inactivity
  • CCTV Footage: 30 days unless required for security or legal purposes
  • Financial Records: 7 years as required by tax and accounting regulations

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

  • European Commission adequacy decisions
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules or certification schemes

Your Rights

Under GDPR, you have several rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Rights Related to Automated Decision-making: Rights regarding automated decision-making and profiling

To exercise any of these rights, please contact us at privacy@vectras.world or +31 768528956. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training on data protection
  • Secure payment processing through PCI DSS compliant providers
  • Physical security measures for our facilities and data storage

Cookies and Website Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyse website usage. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

Marketing Communications

We may send you marketing communications about our services, special offers, and fitness tips if you have given consent or where we have a legitimate interest. You can:

  • Opt out at any time by clicking the unsubscribe link in our emails
  • Contact us directly at privacy@vectras.world
  • Update your preferences through your member account

Children's Privacy

Our services are primarily designed for adults. We do not knowingly collect personal information from children under 16 without parental consent. If you believe we have collected information from a child under 16, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Sending email notifications to active members
  • Providing notice through our facilities

Contact Information

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Supervisory Authority

You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with data protection law. Contact details:

  • Website: autoriteitpersoonsgegevens.nl
  • Phone: +31 70 888 85 00
  • Address: Autoriteit Persoonsgegevens, Postbus 93374, 2509 AJ Den Haag, Netherlands