They’ll look after your fitness, but not your data privacy

My daughter and I recently joined a large national gym chain in our local area. It was all pretty quick and easy… the staff were super-positive and friendly, we had a look around at the equipment and facilities, asked about the opening hours and class times. It all felt like a great experience and a healthy lifestyle choice until I decided to conduct a quick check of their privacy policy. Alarm bells (rather than kettlebells) start ringing.

I uncovered an alarming statement buried deep in their privacy policy, which was last updated in September 2018. The policy stated that the company ‘do not necessarily use encryption or other technologies to ensure the secure transmission of information via the internet’. This means that my personal data is basically open to cyber-attack.

Data privacy breaches, based on the prolific number of recent high-profile cases, are growing faster than my muscles. My personal information, bank details, health profile, medical history and even my life goals are all sitting in a basically unprotected environment ready to be hacked and shared by the next cyber-attackers.

The next point made me even more concerned because it states clearly that they are absolved of all risk in the event of a data breach, by stating ‘users of our website are encouraged to exercise care in sending personal information via the internet.’

The health and fitness industry in Australia is growing year on year post-Covid;

• –  Total Australian industry revenue is $2.2b
• –  6.1m total memberships in Australia
• –  Half of all 18–24-year old’s hold a membership
• The ‘Big 4’ fitness groups own over 60% of the market

Given the fact that over 1/3 of all Australians are members of a gym or fitness club, I feel like it’s time that the health and fitness industry prioritised their (and our) data privacy health.

Click here to book a meeting.