Privacy Policy

1. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our compliance with the PDPA. If you have any questions about this policy or wish to exercise your rights regarding your personal data, please contact:

Data Protection Officer
Healing Movement Global Pte Ltd
Email: Simon@HealingMovementGlobal.com
Phone: +65 6545 0801

2. Personal Data We Collect

We collect the following personal data when you interact with our website or services:

1. Booking Information: Name, email address, phone number, HYROX division, and race date.
2. Health and Fitness Information: Current injury status, exercise history, and physical assessment results. This constitutes sensitive data and explicit consent is required.
3. Payment Information: Processed via HitPay. We do not store full credit card details or PayNow data.
4. Website Usage Data: Collected via cookies and analytics tools (Tidio, Meta Pixel, Floot analytics).
5. Communication Records: Interactions via the Tidio chat widget or WhatsApp.

3. Purposes for Collecting Your Data

We use your personal data for the following purposes:

1. To process your booking and payment.
2. To conduct your selected assessments (HYROX Body Check, Injury-Proof Profile, or Race-Ready Programme).
3. To prepare your personalised diagnostic report and exercise recommendations.
4. To contact you regarding your appointment, results, re-test reminders, or follow-up questions.
5. To improve our services through the analysis of aggregated, anonymised data.
6. To send you relevant marketing communications, only if you have opted in. You may opt out at any time.
7. To comply with legal and regulatory obligations.

4. Consent

By voluntarily providing your personal data, you consent to our collection, use, and disclosure as outlined in this policy. For sensitive health and fitness data, explicit written consent will be obtained prior to your assessment session. You may withdraw your consent at any time by contacting our Data Protection Officer. We will inform you of the consequences of withdrawal, which may include our inability to provide certain services. We may still retain your data for legal or business purposes.

5. Disclosure of Personal Data

We may share your data with trusted third parties strictly for operational purposes:

1. Service Providers: Cal.com (booking), HitPay (payment), HubSpot (client records), Tidio (chat), Zapier (automation), and Meta (advertising analytics).
2. Coaches and Trainers: If you upgrade to our Tier 3 Race-Ready Programme, your data may be shared with your coach, subject to your explicit consent.
3. Regulatory Authorities: If required by law.

We do not sell your personal data to any third party.

6. Data Retention

We retain your personal data only as long as necessary:

1. Assessment Records: Retained for 3 years from your last assessment.
2. Booking and Payment Records: Retained for 5 years to comply with Singapore financial regulations.
3. Marketing Preferences: Retained until you withdraw consent.
4. Website Analytics: Aggregated and anonymised data is kept indefinitely.

After the retention period, your personal data will be securely deleted or anonymised.

7. Data Security

We implement robust measures to protect your data against unauthorised access, disclosure, or misuse. This includes encrypted data transmission (SSL/TLS), strict access controls for our staff, and reliance on secure third-party platforms with recognised certifications. We conduct regular reviews of our security practices.

8. Access and Correction

You have the right to request access to the personal data we hold about you or ask for corrections to inaccurate data. Please submit your request to our Data Protection Officer. We will respond within 30 days. A reasonable administrative fee may apply for complex access requests.

9. Transfer of Data Outside Singapore

Some of our third-party processors (e.g., HubSpot, Zapier) may store or process data outside of Singapore. We ensure that any cross-border data transfer complies with the PDPA by maintaining contractual agreements that mandate a standard of protection comparable to Singapore law, and by using services with recognised security certifications.

10. Cookies and Tracking Technologies

Our website uses cookies to enhance functionality:

1. Essential Cookies: Required for basic website operations and security.
2. Analytics Cookies: Floot built-in analytics and Meta Pixel to help us understand visitor behaviour and optimise our marketing.
3. Chat Widget Cookies: Tidio cookies to remember your preferences and chat history.

You may adjust your browser settings to decline cookies, though this may affect website functionality.

11. Do Not Call Registry

We comply with the PDPA's Do Not Call (DNC) Registry provisions. We will not send marketing messages to your telephone number unless you have given clear and unambiguous consent, or if an exemption applies.

12. Data Breach Notification

In the unlikely event of a data breach that poses a significant risk of harm or affects a large scale of individuals, we will notify the Personal Data Protection Commission (PDPC) and affected individuals as required by the PDPA.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our operational practices. The latest version will always be available at beforeyourace.com/privacy-policy. We encourage you to review it periodically.

14. Contact Us

Data Protection Officer
Healing Movement Global Pte Ltd
61 Kaki Bukit Avenue 1, #05-38
Singapore 417943

Email: Simon@HealingMovementGlobal.com
Phone: +65 6545 0801