Privacy Policy.

Privacy Policy

Last updated: 22 May 2026

1. About this Policy

   This Privacy Policy applies to all personal information we collect, hold, use and disclose in the course of operating our business. It should be read together with our Website Terms & Conditions, any separate Membership Agreement, and any in-person consent and waiver forms you sign at our facility.

   If you do not agree with any part of this Policy, you must not use our Services or provide your personal information to us.

2. Who we are

   The entity responsible for handling your personal information is:

   Elevate Athletica Pty Ltd
   ACN 677 895 840
   5/210 Robinson Rd E, Geebung QLD 4034, Australia
   Email: admin@elevateathletica.com.au

3. Information we collect

   The types of information we collect depend on how you interact with us. They include:

   Personal information
   • name, date of birth, gender and photograph;
   • contact details (email, postal address, phone number, emergency contact);
   • account credentials (username, password, profile preferences);
   • billing information, payment details and transaction history (processed through our third-party payment providers);
   • membership, booking, attendance and class participation records;
   • communications between you and us, including enquiries, feedback and complaints;
   • information about your device, IP address, browser and use of our website and App (see clause 9 — Cookies and analytics).
   Sensitive (health) information

   In delivering personal training, group coaching, programming and physical fitness services, we collect information that is treated as sensitive information under the Privacy Act. This may include:

   • relevant medical history, pre-existing conditions, prior surgeries, current injuries and rehabilitation status;
   • pregnancy status (where you choose to disclose it);
   • medications, allergies and other health risk factors relevant to training;
   • body composition data, including measurements obtained through InBody Composition Analyzer scans;
   • fitness assessments, performance metrics, exercise capacity and progress over time;
   • activity, workout, heart rate, sleep and wellness data synced from your wearable or device via Apple Health, Google Health (Health Connect) or similar integrations (see clause 10).
   Why we collect it

   We collect this information so we can deliver our Services safely and effectively — including assessing your suitability for particular sessions, designing appropriate training programs, monitoring progress, managing your membership, processing payments, responding to enquiries, marketing our Services (where permitted), and complying with our legal obligations.

4. How we collect your information

   We collect information:

   • directly from you — when you fill in a form on our website, sign up for the 7 Day Experience, complete a pre-exercise screening or health questionnaire, book a class, register for membership, install or use the App, contact us by phone, email or social media, or speak with a coach in person;
   • through our website and App — automatically, via cookies, analytics and similar technologies (see clause 9);
   • from third-party integrations you choose to connect — including Apple Health, Google Health / Health Connect, and the InBody Composition Analyzer (see clause 10);
   • from our payment, scheduling and member-management platforms (for example PushPress and other booking or payment providers we use from time to time);
   • from third parties acting on your behalf — including a family member, guardian, doctor or allied health professional, where you have authorised them to share information with us; and
   • from publicly available sources, where relevant.

   If you provide personal information about another person (such as an emergency contact), you must have that person's authority to do so and must inform them of the matters set out in this Policy.

5. Consent to collect sensitive (health) information

   Under the APPs, we generally must not collect sensitive information about you without your consent. By:

   • completing a pre-exercise screening, intake form or health questionnaire (in writing, electronically or via the App);
   • undergoing an InBody scan or coach-led fitness assessment;
   • connecting your Apple Health, Google Health / Health Connect or other wearable data to the App; or
   • otherwise voluntarily disclosing health information to us or our coaches,

   you expressly consent to us collecting, holding, using and disclosing that sensitive information for the purposes described in this Policy, including for the safe delivery of our Services, the design and adjustment of training programs, attendance and progress tracking, risk management, and the provision of de-identified data for analytics (see clause 14).

   You may withdraw your consent at any time by contacting us at admin@elevateathletica.com.au. If you withdraw consent, we may be unable to safely provide some or all of our Services to you.

6. How we use your information

   We use your personal and sensitive information to:

   • provide, manage and improve our Services, including coaching, programming and bookings;
   • assess your readiness to train, screen for risk factors and tailor sessions to your needs;
   • create and maintain your account, manage your membership and process payments;
   • communicate with you about your enquiries, bookings, schedule changes, account and safety matters;
   • send you direct marketing about our Services (see clause 8);
   • respond to feedback, complaints, accidents, injuries or incidents at the facility;
   • train and supervise our staff and contractors, including for quality assurance;
   • understand how our website and App are used, and to develop new features;
   • maintain the security and integrity of our systems, prevent fraud and detect misuse;
   • comply with our legal, regulatory and insurance obligations; and
   • any other purpose to which you have consented or which is otherwise permitted or required by law.

7. Who we disclose your information to

   We may disclose your personal information to:

   • Our staff, coaches and personal trainers (including contractors engaged by us) — so they can deliver, supervise and progress your training;
   • Service providers and contractors who help us run the business — for example IT, hosting, software development, member-management, scheduling, payment processing, email and SMS delivery, analytics, marketing, accounting, legal, insurance and professional advisers;
   • Health and emergency services — in the event of an accident, injury or medical emergency at the facility, or where we reasonably believe disclosure is necessary to prevent or lessen a serious threat to a person's life, health or safety;
   • Government, regulators and law-enforcement bodies — where required or authorised by law, court order, subpoena or in response to a lawful request;
   • Our insurers and legal advisers — in connection with claims, disputes or incidents;
   • Any prospective purchaser or successor — if we restructure, sell or transfer all or part of our business or assets; and
   • Any other party with your consent or as otherwise permitted by the Privacy Act.

   We require our contractors and service providers to handle your information in accordance with the Privacy Act and only for the purposes for which we disclose it.

   We do not sell your personal information.

8. Direct marketing

   We may use your contact details to send you direct marketing communications — for example, information about new sessions, events, member offers, training tips and updates — by email, SMS, push notification, mail or social media.

   We will only send marketing communications where we are permitted to do so under the Privacy Act and the Spam Act 2003 (Cth). Every commercial electronic message we send will include a clear way for you to unsubscribe, and we will action your request within a reasonable time.

   You can also opt out at any time by emailing admin@elevateathletica.com.au. Even if you opt out of marketing, we will still send you communications relating to your account, bookings, safety, billing and other operational matters.

9. Cookies, analytics and tracking

   Our website and App use cookies, pixels, tags, software development kits (SDKs), local storage and similar technologies to operate properly, remember your preferences, understand how visitors use our site, measure marketing and advertising performance, deliver personalised content, and improve our Services.

   The tools we use include Google Analytics and the Meta (Facebook/Instagram) Pixel, as well as other analytics, advertising, retargeting, customer-relationship-management, communication, performance-monitoring and similar third-party tools that we use from time to time in the ordinary course of operating our business. These tools may collect information about your device, IP address, approximate location, browser type, operating system, pages visited, time on site, referring URL, and interactions with our Services. Some of these tools may set their own cookies, combine information across sessions and devices, and operate from servers outside Australia (see clause 13).

   We may engage new vendors, replace existing vendors, or add additional tracking and analytics technologies from time to time without specifically updating this Policy each time, provided the way we handle your personal information remains consistent with this Policy and the Privacy Act.

   You can control cookies through your browser settings and, on mobile devices, through your operating system's privacy settings (including limiting ad tracking, resetting your advertising identifier, and controlling app permissions). Disabling cookies and similar technologies may affect how parts of our Services work.

10. Mobile App and third-party health integrations

    The Elevate Athletica App may integrate with third-party health and fitness platforms, including Apple Health, Google Health / Health Connect and the InBody Composition Analyzer.

    Where you choose to connect one of these integrations, the relevant platform may share with us information such as your activity, workouts, heart rate, sleep, body composition, weight and other health metrics. The data shared depends on the categories and permissions you grant on your device.

    We use this data to support coaching, track your progress, personalise your programming and improve the Services. You can disconnect an integration or revoke specific permissions at any time through the relevant device or platform settings. Once disconnected, we will stop receiving new data from that source, but we may retain data previously shared in accordance with this Policy.

    Your use of the third-party platforms themselves (Apple, Google, InBody, etc.) is governed by their own privacy policies, which we encourage you to review.

11. Data security

    We take reasonable steps to protect personal information we hold from misuse, interference, loss, and unauthorised access, modification or disclosure. These steps include physical security at our facility, restricted staff access on a need-to-know basis, password and access controls, encryption in transit, regular software updates, and contractual obligations on the third parties who handle data on our behalf.

    However, no method of transmission over the internet, or method of electronic storage, is completely secure. While we strive to protect your personal information, we cannot guarantee its absolute security and you provide it to us at your own risk.

    If we become aware of an eligible data breach affecting your personal information, we will notify you and the Office of the Australian Information Commissioner ("OAIC") in accordance with the Notifiable Data Breaches scheme under the Privacy Act.

12. Storage and retention

    We hold personal information in a combination of electronic and (where applicable) physical records. Electronic records are stored on systems operated by us or by our third-party service providers, using a mix of access controls, encryption and other safeguards described in clause 11.

    We will retain your personal information for as long as we consider necessary to:

    • provide and continue to provide our Services to you, including managing your account, bookings, training history and progress over the life of our relationship with you;
    • perform and enforce our agreements with you and otherwise protect our legal, commercial and insurance interests, including in connection with any actual, threatened or anticipated dispute, claim, complaint, audit or investigation;
    • comply with our obligations under applicable laws and regulatory requirements (including the Privacy Act, the Australian Consumer Law, taxation laws, work health and safety laws, applicable Queensland and Commonwealth health-records and statute-of-limitations laws, and our insurer's requirements); and
    • for any other purpose permitted or required by law.

    You acknowledge that the retention period for any particular piece of personal information will depend on its nature and the purpose for which we hold it, and that some categories of information (in particular health, incident, financial and member-history records) are routinely retained for extended periods because of legal, insurance and limitation-of-actions considerations.

    When we determine that we no longer need your personal information for any purpose set out in this Policy or required by law, we will take reasonable steps to destroy or de-identify it.

13. Overseas disclosure

    To operate our business and deliver our Services we use a range of third-party providers — including for website and App hosting, cloud infrastructure, payment processing, scheduling and member management, communications (email, SMS, push notifications), analytics, advertising, customer support, file storage and back-office software. Some of those providers (and their sub-processors) may store, process, transmit or otherwise access your personal information on servers or from locations outside Australia.

    The countries to which your personal information may be disclosed or in which it may be stored include, without limitation, the United States, the United Kingdom, member states of the European Union (in particular Ireland and the Netherlands), Singapore, New Zealand, and other jurisdictions in which our service providers (and any of their sub-processors) operate from time to time. The actual set of jurisdictions may change as we change vendors, and we may add new overseas recipients without specifically updating this Policy each time.

    Before disclosing personal information to an overseas recipient, we take steps that are reasonable in the circumstances to ensure the recipient does not breach the Australian Privacy Principles in relation to that information — for example, by entering into written contracts that impose privacy obligations, or by relying on the recipient being subject to a law or scheme that effectively protects the information in a way that is at least substantially similar to the APPs.

    By providing your personal information to us, and by continuing to use our Services, you expressly consent to your personal information being disclosed to, and stored, processed and accessed by, overseas recipients on the terms set out in this Policy. Where you give that consent in accordance with APP 8.2(b) (or any successor provision), we will not be required, under APP 8.1, to take such reasonable steps in relation to that overseas disclosure, and we will not be accountable under section 16C of the Privacy Act for any act or practice of the overseas recipient that would breach the APPs.

14. De-identified and aggregated data

    We may de-identify or aggregate personal information so that it can no longer reasonably identify you, and use that de-identified or aggregated data for any lawful purpose, including business analytics, benchmarking, research, marketing, training program development and reporting. De-identified and aggregated data is not personal information under the Privacy Act and is not subject to the same restrictions as identifiable information.

15. Access and correction

    You have a right to request access to the personal information we hold about you, and to ask us to correct it if it is inaccurate, out of date, incomplete, irrelevant or misleading.

    To make a request, please email admin@elevateathletica.com.au. We may need to verify your identity before responding. We will respond within a reasonable period (generally within 30 days).

    There is no fee for making a request, although in rare cases a reasonable cost-recovery charge may apply for retrieving older records. We may refuse access or correction in limited circumstances permitted by the Privacy Act (for example, where giving access would unreasonably impact the privacy of others), and we will explain our reasons in writing if we do.

16. Complaints

    If you believe we have breached the Privacy Act, the APPs or this Policy, please contact us first so we can try to resolve the issue. Send your complaint in writing to admin@elevateathletica.com.au with enough detail for us to investigate. We will acknowledge your complaint promptly and aim to provide a substantive response within 30 days.

    If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC):

    • Website: oaic.gov.au
    • Phone: 1300 363 992
    • Mail: GPO Box 5288, Sydney NSW 2001

    Where applicable Queensland health-records legislation applies, you may also have rights under that legislation in addition to those under the Privacy Act.

17. Children and minors

    Our Services are intended for adults. If a person under 18 wishes to train with us, we require the consent of a parent or guardian, who will be responsible for providing and managing the minor's personal information. We do not knowingly collect personal information from a child under 18 without parental or guardian consent.

18. Changes to this Policy

    We may update this Privacy Policy from time to time to reflect changes in our Services, our internal practices or the law. The version published at elevateathletica.com.au/privacy is always the current version, and the "Last updated" date at the top of this Policy reflects when it was last revised.

    For material changes that meaningfully affect how we handle your personal information, we will take reasonable steps to notify you in advance — for example by email, in-App notification or a prominent notice on our website.

    Your continued use of our Services after a change takes effect constitutes your acceptance of the updated Policy.

19. Contact us

    Questions, access or correction requests, or privacy complaints can be sent to:

    Elevate Athletica Pty Ltd
    5/210 Robinson Rd E, Geebung QLD 4034
    Email: admin@elevateathletica.com.au