What happens if a member contacts LegitFit directly with a GDPR request?
If one of your members reaches out to us about their data, here’s what we do — and why we direct them back to you.
Why Use This Feature
Under GDPR, you are the data controller for your members’ personal information. This means you’re legally responsible for handling requests about their data. LegitFit acts as the data processor and can only take action on member data with your instruction.
Step-by-Step Instructions
Here’s what happens when a member contacts LegitFit directly with a GDPR request:
-
We acknowledge the request and explain our role as data processor.
-
We confirm we cannot take action on their data directly.
-
We direct them back to their fitness provider (you) for follow-up.
-
We do not delete, edit, or alter any data unless we receive a request from you as the data controller.
What Happens Next
This process ensures GDPR compliance and guarantees that your members’ data is only ever handled with your explicit approval.
Success Tip
Be proactive by:
-
Reviewing member requests carefully.
-
Submitting a GDPR request to LegitFit using the GDPR Request Form if action is needed.
-
Letting the member know you’ve taken care of their request.
Extra Tip: Add a note to your website, forms, or automated emails such as:
“For any requests related to your personal data, please contact [Your Studio Name] directly. We are the data controller for all member data.”