Privacy Policy

1. Who We Are

AMOL Distributions Ltd is the data controller responsible for your personal data. Matthew Hamilton is the named data controller for the purposes of UK GDPR.

2. What Data We Collect

We may collect the following personal data from you:

• Contact information — your name, email address, and phone number
• Business information — gym name, location, membership numbers, and revenue data you share with us
• Financial data — P&L figures, payroll data, and pricing information you provide as part of the audit process
• Booking data — call scheduling information collected via Brevo Meetings
• Payment data — transaction records processed via Stripe (we do not store your card details)
• Communication data — emails and messages you send us
• Usage data — how you interact with our website, collected via cookies and analytics tools

3. How We Collect Your Data

We collect data when you:

• Book a free discovery call via our website
• Purchase the Gym Profit Audit via Stripe
• Email or message us directly
• Share financial documents or data as part of the audit service
• Visit our website (via cookies — see Section 9)

4. How We Use Your Data

We use your personal data for the following purposes:

• Service delivery — to carry out the Gym Profit Audit and any ongoing consulting services you engage us for
• Booking management — to schedule and manage discovery calls and Zoom sessions
• Payment processing — to process and record payments for services
• Communication — to respond to your enquiries and provide service updates
• Legal compliance — to meet our obligations under UK law, including financial record-keeping
• Service improvement — to improve the quality of our audit and consulting services

5. Legal Basis for Processing

We process your data under the following legal bases:

• Contract performance — processing is necessary to deliver the services you have purchased
• Legitimate interests — to communicate with prospective clients and improve our services
• Legal obligation — to comply with UK financial and tax record-keeping requirements
• Consent — where you have explicitly agreed to receive marketing communications

6. Third Parties We Share Data With

We use the following third-party services which may process your data:

• Brevo (Sendinblue) — email and meeting booking platform. Data stored in the EU. Brevo Privacy Policy →
• Stripe — payment processing. Data stored in the US under Standard Contractual Clauses. Stripe Privacy Policy →
• Zoom — video call delivery. Data stored in the US under Standard Contractual Clauses. Zoom Privacy Policy →
• Google Analytics — website analytics. Data anonymised and stored in the US under Standard Contractual Clauses.
• WordPress / WP Engine — website hosting and content management.

We do not sell your personal data to any third party. We do not share your financial data with any third party except where required by law.

7. How Long We Keep Your Data

• Client financial data — 7 years from the date of service, as required by HMRC record-keeping rules
• Contact and booking data — 2 years from last contact, unless you become a client
• Payment records — 7 years, as required by HMRC
• Email correspondence — 2 years from last contact
• Website analytics — 26 months (Google Analytics default)

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right of access — you can request a copy of all personal data we hold about you
• Right to rectification — you can ask us to correct inaccurate data
• Right to erasure — you can ask us to delete your data, subject to legal retention requirements
• Right to restrict processing — you can ask us to limit how we use your data
• Right to data portability — you can request your data in a machine-readable format
• Right to object — you can object to processing based on legitimate interests
• Right to withdraw consent — where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you are unhappy with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

9. Cookies

Our website uses cookies for the following purposes:

• Essential cookies — required for the website to function correctly
• Analytics cookies — Google Analytics, to understand how visitors use the site
• Marketing cookies — Meta Pixel, to measure the effectiveness of any advertising

You can control cookies through your browser settings. Disabling cookies may affect the functionality of some parts of the website.

10. Data Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. Financial data shared with us is handled confidentially and is never shared with third parties outside of the service delivery process.

All client financial data is stored securely and access is limited to Matthew Hamilton only.

11. Changes to This Policy

We may update this privacy policy from time to time. The current version will always be available at www.thefitnesscfo.com/privacy-policy. Significant changes will be communicated to active clients by email.

12. Contact

For any questions about this policy or how we handle your data, contact us at:

AMOL Distributions Ltd (The Fitness CFO)
6 Woodlands Lane, Windlesham, Surrey, GU20 6AH
[email protected]