Privacy & Data Security Policy

Last Modified: July 27, 2025


At Gym Revival Group, protecting your Personal Information is a responsibility we approach with absolute precision and gravity. This Privacy & Data Security Policy explains how we access, collect, use, store, and share (“process”) your Personal Information — in strict accordance with applicable U.S. privacy laws, including CCPA/CPRA, and globally recognized best practices. This Policy reflects our commitment to enterprise-grade security, transparency, and compliance across every touchpoint.


Gym Revival Group is the premier business transformation firm for the fitness industry. We engineer high-performance fitness enterprises by embedding proprietary systems and enterprise-grade infrastructure across our Four Pillars of Transformation: Market Entry, Sales Systems, Operations, and Enterprise Strategy. Our programs deliver measurable outcomes in club turnarounds, accelerated launches, multi-unit scalability, and enterprise takeovers — trusted by gym owners, investors, and operators nationwide.


By utilizing our services ("Services"), including visiting our website at www.gymrevivalgroup.com, engaging with us through digital or offline touchpoints, or otherwise sharing personal information, you acknowledge and consent to the practices described herein.

1. Grounds for Data Processing

The processing of your personal information (meaning, any information which may potentially allow your identification with reasonable means; hereinafter "Personal Information") is conducted based on one or more of the following legal grounds:


  • Performance of a Contract: Necessary for the execution of a contract with you or your organization, including preliminary engagements or consultations, or to take steps at your request prior to entering into a contract.

  • Legitimate Interests: Pursued by Gym Revival Group, including but not limited to customer service, analytics, direct marketing, fraud prevention, and the continuous improvement of our Services.


  • Compliance with Legal Obligations: Necessary for us to comply with legal obligations to which we are subject.


  • Consent: Where explicitly required by law, we will obtain your explicit consent for specific processing activities.


We only process Personal Information where we have a lawful basis — and in strict accordance with applicable U.S. laws and international data protection standards.

2. Information We Collect

We collect various types of information to provide and enhance our Services.


2.1 Personal Information You Provide Voluntarily

We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.


The personal information we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. This may include, but is not limited to:


  • Contact & Professional Details: Full Name, Professional Email, Company / Club Name, Job Title, Location (City, State).


  • Business Profile & Needs: Primary interests (e.g., Distressed Club Turnaround, Multi-Unit Scaling), specific challenges (e.g., Membership Sales, PT Implementation), and number of locations you operate.


  • Financial Information: Current Monthly EFT Revenue.


  • Source Information: How you heard about us.


  • Voluntary Submissions: Any other information you voluntarily submit via forms, email, calls, or during strategic dialogue.


  • Sensitive Information: When necessary, with your consent or as otherwise permitted by applicable law, we process financial data (e.g., details related to Electronic Funds Transfer for club revenue assessment).


All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.


2.2 Information Automatically Collected (Derivative Data)

Some information is collected automatically when you visit, use, or navigate our Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.


Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our dedicated Cookie Notice.


The information we automatically collect includes:


  • Log and Usage Data: Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services. This may include your Internet Protocol (IP) address, device information, browser type and settings, and information about your activity in the Services (such as date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take).


  • Device Data: Information about your computer, phone, tablet, or other device used to access the Services. This may include device and application identification numbers, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.


  • Location Data: Information about your device's approximate location, derived from your IP address.


2.3 Information from External Sources

We may collect limited data from public databases, marketing partners, and other outside sources to enhance our ability to provide relevant marketing, offers, and services to you and update our records. This information may include mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising and event promotion. We apply the same data governance, privacy rights, and opt-out options to this data as we do to directly collected information.

3. How We Process and Use Your Information

We process your personal information for a variety of precise purposes, depending on how you interact with our Services.


  • To Deliver and Facilitate Delivery of Services: To provide you with the requested services and transformation programs.


  • To Respond to User Inquiries/Offer Support: To respond to your inquiries and solve any potential issues you might have with the requested service via contact forms, email, or our chatbot.


  • To Send Administrative Information: To send you details about our products and services, changes to our terms and policies, and other similar information.


  • To Request Feedback: To request feedback and to contact you about your use of our Services.


  • To Send Marketing and Promotional Communications: To send you marketing and promotional communications in accordance with your marketing preferences.


  • To Deliver Targeted Advertising: To develop and display personalized content and advertising tailored to your interests, location, and more.


  • To Post Testimonials: To display testimonials on our Services that may contain personal information.


  • To Protect Our Services: As part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.


  • To Evaluate and Improve Our Services, Products, Marketing, and Experience: To identify usage trends, determine the effectiveness of our promotional campaigns, and to evaluate and improve our Services, products, marketing, and your experience.


  • To Identify Usage Trends: To better understand how our Services are being used so we can improve them.


  • To Determine the Effectiveness of Our Marketing and Promotional Campaigns: To better understand how to provide marketing and promotional campaigns that are most relevant to you.


  • To Comply with Our Legal Obligations: To comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.


  • Strategic Lead Qualification: To assess potential client fit and readiness for our specialized transformation programs.


  • Tailored Program Development: To customize our service offerings and communication to align with specific business needs and challenges.


  • Initial Strategic Engagement: To facilitate preliminary consultations and strategic dialogue via various communication channels, including our chatbot.


  • Client Relationship Management: To manage and maintain comprehensive records within our client relationship management (CRM) systems.


  • Market Intelligence & Development: To analyze industry trends, inform strategic insights, and develop new solutions for the fitness business sector.


We do not sell your personal data.

4. Disclosure and Sharing of Personal Information

We may disclose your personal information in specific situations described in this section and/or with the following categories of third-party service providers.


We have contracts in place with our third-party service providers, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will also not share your personal information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct.


The categories of third-party service providers with whom we may disclose personal information are as follows:


  • Ad Networks


  • Cloud Computing Services


  • Communication & Collaboration Tools


  • Data Analytics Services


  • Data Storage Service Providers


  • Finance & Accounting Tools


  • Government Entities


  • Payment Processors


  • Performance Monitoring Tools


  • Retargeting Platforms


  • Sales & Marketing Tools


  • Social Networks


  • Website Hosting Service Providers


We may also disclose or transfer Personal Information in the following situations, subject to strict confidentiality and compliance standards:


  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.


  • Internal Disclosure: Personal information is disclosed internally to employees and C-level personnel within our organization for legitimate business purposes related to service delivery, operations, and strategic management.


5. Cookies and Other Tracking Technologies

We utilize cookies and similar tracking technologies (like web beacons, pixels, and tags) to gather and store information when you interact with our Services. These technologies help us maintain the security of our Services, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.


We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third parties and service providers use their technology to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites.


Our use of Google Maps APIs is cookie-enabled. We also utilize Google Analytics Advertising Features, including: Remarketing with Google Analytics, Google Display Network Impressions Reporting, and Google Analytics Demographics and Interests Reporting.


To the extent these online tracking technologies are deemed to be a "sale"/"sharing" (which includes targeted advertising, as defined under the applicable laws) under applicable US state laws, you can opt-out of these online tracking technologies by submitting a request as described below under section "YOUR PRIVACY RIGHTS."


To learn more about our use of cookies, pixels, and behavioral analytics, please review our Cookies Policy.


6. How Long Do We Retain Your Information?

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.


  • General Personal Information: For active and past clients, data is retained for the duration of the engagement and for a period thereafter (typically 7 years) to comply with legal obligations and for legitimate business interests. For prospects and website visitors, data is retained for a period consistent with our lead nurturing and analytics objectives, typically up to 26 months for aggregated website usage data, unless a user requests deletion or unsubscribes.


  • Sensitive Personal Information: Sensitive personal information, including financial details, is retained for as long as necessary to fulfill the purposes for which it was collected, and for a period thereafter (typically 7 years) to comply with legal, accounting, and regulatory obligations, or to establish, exercise, or defend legal claims.


  • Inferences: Inferences are retained for as long as the underlying personal information is necessary for our business purposes, including lead qualification, tailored program development, and market intelligence, typically up to 26 months for website usage inferences, or for the duration of a client relationship plus a period thereafter as required by law.



  • Inactive Leads: Information submitted during initial consultations that do not result in engagement is retained for up to 12 months to support future readiness or re-engagement, unless earlier deletion is requested.


When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.


7. How We Keep Your Information Safe

We implement rigorous and appropriate technical and organizational security measures designed to protect the security of any personal information we process. These include, but are not limited to: HTTPS/SSL encryption, role-based access control, secure cloud infrastructure, internal data access audits, and employee confidentiality agreements.


However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. While we strive to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment. We conduct regular internal audits, penetration testing, and privacy impact assessments to ensure full alignment with evolving regulatory and enterprise security standards.

8. Collection of Information from Minors

Our Services are not directed at individuals under 18 years of age. We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@gymrevivalgroup.com.

9. Your Privacy Rights

You have specific rights regarding your personal information, depending on your country, province, or state of residence. We will consider and act upon any request in accordance with applicable data protection laws.


To exercise any of your rights, please contact us using the details provided in the "CONTACT US" section below.


Right to Access: You have the right to request access to the personal information we hold about you.


Right to Rectification:  You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.


Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal information under certain circumstances.


Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information under certain conditions.


Right to Object to Processing: You have the right to object to our processing of your personal information under certain circumstances.


Right to Data Portability:  You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.


Right to Withdraw Consent: If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing before its withdrawal.


Right to Lodge a Complaint: You have the right to lodge a complaint with a data protection authority regarding our collection and use of your personal information.


9.1 Global Privacy Control (GPC)

We recognize and honor the Global Privacy Control (GPC) signal as a valid opt-out request for the "sale" or "sharing" of personal information, as required by applicable US state laws.

9.2 Opting Out of Marketing and Promotional Communications

You can unsubscribe from our marketing and promotional communications at any time by:


  • Clicking the unsubscribe link at the bottom of our marketing emails.




You will then be removed from the marketing lists. However, we may still communicate with you for example, to send you service-related messages that are necessary for the administration and use of your Services, to respond to service requests, or for other non-marketing purposes.


➤Submit a Privacy Request

10. Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online, except for Global Privacy Control (GPC) as outlined above. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy. We continuously monitor regulatory developments and will implement recognized DNT protocols once industry-wide standards are formally established.

11. Policy Updates

We may revise this Privacy & Data Security Policy periodically. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy frequently to stay informed about how we are protecting your information. Continued use of our Services constitutes acceptance of the updated terms.

12. Corporate Transactions

In the event of a merger, acquisition, restructuring, or asset sale, your information may be transferred to the new controlling entity, subject to this Policy.Any data transferred in a corporate transaction will remain subject to this Policy until amended by the acquiring entity.

13. Contact Us

For questions, requests, or complaints regarding this Privacy & Data Security Policy or our data practices, please contact us:


Gym Revival Group Data Privacy Officer

Email:  privacy@gymrevivalgroup.com

Toll-Free Phone: 800-733-4862

Mailing Address: 8117 Preston Road, Suite 300, Dallas, TX 75225

14. Accessibility & Language Support

We are committed to providing this Privacy & Data Security Policy, as well as all related communications, in accessible formats and multiple languages upon request. Please contact us at privacy@gymrevivalgroup.com to request accommodations.