How do I handle a GDPR request from one of my members?
A quick guide to help you respond confidently and correctly when a member asks about their data.
Why Use This Feature
As a LegitFit client, you’re the data controller for your members’ personal information. That means if a member wants their data deleted, corrected, or accessed, you’re legally responsible for handling the request. LegitFit will support you by carrying out any technical actions needed to stay compliant.
Step-by-Step Instructions
-
Review the request
-
Confirm that it’s legitimate and that the person requesting the data is who they say they are.
-
-
Decide whether the request can be fulfilled
-
In some cases, you may be legally required to retain certain data (for example, for financial or legal reasons), but in most cases, the member’s request should be honoured.
-
-
Reach out to LegitFit
-
Submit a GDPR request to our support team so we can take action (e.g. delete the member’s profile or export their data).
-
-
Provide the following details:
-
Member’s full name
-
Member’s email address (if known)
-
Type of request (access, deletion, correction, etc.)
-
Confirmation that you’re authorised to make the request on their behalf
-
What Happens Next
We’ll log the request, confirm any missing details, and aim to complete it within 30 calendar days, as required by GDPR. You’ll receive confirmation once the request has been processed.
Success Tip
If your member just needs to update their name, email, or phone number, they can usually do this themselves by logging into their LegitFit account — no GDPR request needed!
Fill in the GDPR Request Form Here: