We use cookies to give you the best experience on our site. By continuing, you're agreeing to our use of cookies as described in this privacy policy.

Privacy Policy

Look, we get it - nobody actually reads these things. But we're trying to be straight with you about how we handle your info.

Last Updated: October 28, 2025

Quick Navigation
Overview Info We Collect How We Use It Cookies & Tracking Data Sharing Your Rights Security Measures Contact Us
Download PDF Version
GDPR Compliant

GDPR Compliant

Overview

Alright, let's cut through the legal jargon. At Eldravex Citadel Fitness, we're not in the business of selling your data or doing anything shady with your personal info. We collect what we need to run a proper training facility, keep you safe, and make sure you're getting the results you came here for.

This policy covers our facility at 1847 Stronghold Avenue in Vancouver and our online platforms. If you're training with us, booking sessions, or just browsing our site, this applies to you.

Real talk: We're a strength and combat conditioning gym, not a tech company. We keep things simple and secure.

Information We Collect

Personal Details

When you sign up or interact with us, we'll typically grab:

  • Your name, email, phone number - basic contact stuff
  • Address details for membership agreements
  • Emergency contact info (because we're lifting heavy things here)
  • Date of birth and ID verification for liability reasons
  • Payment and billing information
Health & Fitness Data

Since we're all about performance, we track:

  • Medical history and injury disclosures - gotta know what we're working with
  • Fitness assessments and baseline measurements
  • Training progress, PR's, and performance metrics
  • Body composition data if you're doing our full programs
  • Goals and training preferences
Facility Usage Data
  • Check-in times and attendance records
  • Class bookings and session schedules
  • Equipment usage and facility access logs
  • Security camera footage (yeah, we've got cameras for everyone's safety)
Technical Stuff

Like every website these days, we collect:

  • IP addresses and device information
  • Browser type and operating system
  • Pages you visit and how you navigate our site
  • Cookies and similar tracking tech

How We Use Your Information

We're not doing anything weird with your data. Here's the straight-up breakdown:

Membership Management

Processing your memberships, billing, and keeping your account active

Training Programs

Designing personalized programs and tracking your progress

Communication

Sending you updates, schedule changes, and training tips

Safety & Security

Keeping the facility secure and handling emergencies

Legal Compliance

Meeting Canadian privacy laws and liability requirements

Facility Improvement

Making the gym better based on usage patterns

Cookies & Tracking Technologies

Yeah, we use cookies - not the protein kind unfortunately. These little data files help our website remember you and work properly.

Types of Cookies We Use:
Cookie Type Purpose Duration
Essential Make the site actually work - login, security, that stuff Session
Functional Remember your preferences and settings 1 year
Analytics Help us understand how people use the site 2 years
Marketing Track ad performance (only if you consent) 6 months

You can manage cookie preferences in your browser settings. Just know that blocking certain cookies might make the site less functional.

Who We Share Your Data With

We're pretty protective of your info, but sometimes we gotta share it:

Payment processors, email services, and scheduling software. They're bound by contracts to keep your data secure.

Only in emergencies or if you've given us written permission to coordinate with your doctor or physio.

If the law requires it or we need to protect someone's safety, we'll share what's necessary. Court orders, police requests, that kind of thing.

If we ever sell the gym or merge with another business, your data would transfer as part of that deal. We'd let you know beforehand though.
Important: We don't sell your personal information to third parties. Period. That's not how we operate.

Your Privacy Rights

Under Canadian privacy law (PIPEDA) and GDPR if you're from Europe, you've got some solid rights:

Right to Access

You can ask to see what data we have on you. We'll send you a copy within 30 days.

Right to Correct

If something's wrong or outdated, let us know and we'll fix it.

Right to Delete

Want us to erase your data? We'll do it unless we legally need to keep certain records.

Right to Opt-Out

Don't want marketing emails? No problem. Click unsubscribe or tell us directly.

Data Portability

Get your data in a format you can take elsewhere. Training logs, progress reports, all that.

Right to Object

If you don't like how we're processing your data, speak up. We'll review it.

To exercise any of these rights, just shoot us an email at info@eldravexcitadel.info or call (604) 827-4563.

Security Measures

We take data security as seriously as we take proper squat form. Here's what we've got in place:

  • Encrypted data storage and transmission (SSL/TLS protocols)
  • Secure payment processing through PCI-compliant processors
  • Regular security audits and software updates
  • Limited staff access to sensitive information
  • Physical security at our facility - locked file cabinets and secure computer systems
  • Firewall protection and anti-malware systems
  • Regular backups stored securely offsite

But real talk - no system is 100% hack-proof. We do everything we can, but if there's ever a breach, we'll let you know right away and tell you what happened and what we're doing about it.

How Long We Keep Your Data

We don't hoard your info forever. Here's our retention schedule:

Data Type Retention Period
Active membership records Duration of membership + 1 year
Financial records 7 years (tax law requirement)
Medical & waiver forms 7 years (liability protection)
Training logs & progress data Duration of membership + 2 years
Security footage 30-90 days unless needed for incident
Marketing data Until you opt-out or 3 years inactive

Third-Party Links & Services

Our website might link to other sites or services - supplement companies, equipment vendors, that kind of thing. Once you click away from our site, this privacy policy doesn't apply anymore. Those sites have their own policies, so check 'em out if you're concerned.

We try to only link to reputable sources, but we can't control what other companies do with your data once you're on their turf.

Minors & Youth Programs

We offer programs for athletes under 18, but they need parental consent. If you're a parent or guardian, you'll need to provide consent and we'll collect that information on behalf of your kid. Parents have full access to their child's data and can request changes or deletion anytime.

Youth members (13-17) can participate with guardian consent. Anyone under 13 needs direct parental supervision for all activities.

International Data Transfers

We're based in Canada, and your data is primarily stored on Canadian servers. Some of our service providers might be in the US or elsewhere, which means your data could cross borders. Canada has solid privacy laws, and we only work with providers who meet similar standards.

If you're from the EU, we comply with GDPR requirements for data transfers and have appropriate safeguards in place.

Changes to This Policy

We might update this policy from time to time as laws change or we add new services. When we make significant changes, we'll let you know via email or a notice on our website.

The "Last Updated" date at the top tells you when we last revised things. We recommend checking back occasionally, especially if you haven't trained with us in a while.