Privacy Policy

We're pretty serious about keeping your info safe and secure. Here's the full breakdown on how we handle your data at Crystalis Forge.

Last Updated: October 29, 2025
Quick Navigation
GDPR Compliant
PIPEDA Compliant
SSL Encrypted

Look, we get it - nobody actually enjoys reading through privacy policies. But here's the deal: at Crystalis Forge Fitness, we've been operating in Vancouver since day one with a simple philosophy: treat people right, keep their trust, and never do anything sketchy with their data.

This policy covers everything we do with your personal information when you train with us, sign up for memberships, book sessions, or just browse our site. We're not gonna sell your email to some random supplement company or spam you with garbage. We collect what we need to run a solid gym and keep you updated on stuff that actually matters.

Based here in Canada, we follow all the rules under PIPEDA (that's the Personal Information Protection and Electronic Documents Act), plus we're compliant with GDPR standards because, honestly, those European folks got it right when it comes to data protection.

Bottom Line: Your data stays with us, we protect it like it's our own, and you've got full control over it. Simple as that.

Personal Identification Info

When you join up or book a session, we'll need the basics - your name, email, phone number, and address. Can't really run a membership or contact you about your PT sessions without this stuff, right?

Health & Fitness Data

Here's where it gets more specific. Since we're running high-intensity strength programs and athletic conditioning, we need to know about any injuries, health conditions, fitness goals, and current training levels. Our coaches use this to keep you safe and design programs that'll actually work for you. We take this data seriously - it's protected under health information regulations.

Payment Information

We process membership fees, class packages, and personal training payments. Your payment details go through secure, encrypted processors - we don't store your full credit card info on our systems. That's handled by certified payment gateways that are way better at security than we'd ever be.

Usage Data

We track stuff like which classes you attend, when you check into the gym, what programs you're enrolled in, and how you're progressing. This helps us improve our services and give you better recommendations. Plus, it's cool to look back and see how far you've come.

Website Analytics

Like pretty much every website out there, we collect some technical data when you visit - IP address, browser type, pages you look at, how long you stay. Nothing creepy, just standard analytics to make the site better.

We're not doing anything weird with your data, promise. Here's exactly what we use it for:

  • Running Your Membership: Processing payments, tracking attendance, managing your account, sending you membership updates.
  • Training Programs: Your coaches need your health info and fitness goals to design proper Olympic lifting progressions, CrossFit programming, or whatever you're working on. Safety first, gains second.
  • Communication: We'll email or text you about class schedules, program updates, facility closures, or new services. We keep it relevant - no spam about random stuff you don't care about.
  • Improving Services: Looking at attendance patterns, popular class times, equipment usage - helps us figure out what's working and what needs tweaking.
  • Nutrition Consulting: If you're working with our nutrition coaches, they'll use your dietary preferences, supplement history, and goals to build a plan that fits your training.
  • Legal Compliance: Sometimes we gotta keep records for tax purposes, liability protection, or regulatory requirements. It's boring but necessary.
Marketing Note: If we send promotional stuff (like new class announcements or special offers), you can opt out anytime. One click and you're done - we won't guilt trip you about it.

All your data lives on secure servers located in Canada. We use encrypted databases and regular backups so nothing gets lost if something goes sideways with our systems.

How Long We Keep Your Info
  • Active Members: We keep your data for as long as you're training with us, plus we need it accessible for ongoing programs and coaching.
  • Former Members: After you leave, we hold onto your info for 7 years. Why so long? Canadian tax and liability laws require it. After that, it gets permanently deleted.
  • Health Records: These follow stricter rules - we keep them for 10 years as required by provincial health information regulations in BC.
  • Payment Records: Financial transaction data is kept for 7 years for accounting and tax purposes.
  • Marketing Lists: If you've opted out or unsubscribed, we remove you immediately (though we keep a record that you opted out so we don't accidentally add you back).

Want your data deleted sooner? Just ask. We can work with you on that, though some stuff we legally have to keep for specific periods.

This is your data we're talking about. You've got rights, and we respect them. Here's what you can do:

Access Your Data

Request a copy of everything we have on you. We'll send it over in a readable format within 30 days.

Correct Mistakes

Found something wrong in your profile or records? Let us know and we'll fix it ASAP.

Delete Your Data

Want out? Request deletion and we'll remove what we can (some stuff we're legally required to keep for a while).

Opt Out

Unsubscribe from marketing emails, promotional texts, or any non-essential communication with one click.

Data Portability

Moving to another gym? We'll export your training data so you can take it with you.

Object to Processing

Don't like how we're using your data for something? Speak up and we'll discuss alternatives.

To exercise any of these rights, just shoot us an email at info@crystalisforge.info or call us at (604) 555-2847. We'll get back to you within a couple days.

Yeah, we use cookies. Not the protein cookie kind (though we should stock those), but the digital tracking kind. Here's the breakdown:

Essential Cookies

These keep the site working - stuff like keeping you logged in, remembering your cart if you're buying a membership package, basic functionality. Can't really turn these off if you want the site to work properly.

Analytics Cookies

We use Google Analytics to see how people use the site - what pages are popular, where folks are getting stuck, how they found us. It's all anonymous aggregate data. Helps us make the site less crappy.

Marketing Cookies

These track if you came from an ad or social media post, so we know what's actually working. Also used for retargeting - you know, when you visit our site and then see our ads elsewhere. You can disable these in your browser settings if they bug you.

Cookie Control: Most browsers let you block or delete cookies. Check your browser settings under privacy/security options. Just know that blocking everything might make the site work weird.

We don't sell your data. Period. Never have, never will. But we do work with some third-party services to run the gym smoothly:

  • Payment Processors: Stripe and other secure gateways handle transactions. They see your payment info, but it's encrypted and they're PCI-DSS compliant (that's the gold standard for payment security).
  • Email Service: We use MailChimp or similar services to send newsletters and updates. They can see your email and name, but they're bound by their own privacy policies and can't use your data for anything else.
  • Scheduling Software: Our booking system needs access to your appointment data to, well, book appointments. All good providers with solid security.
  • Cloud Storage: Member data is backed up to secure cloud servers. Everything's encrypted at rest and in transit.
  • Analytics Platforms: Google Analytics and similar tools get anonymized usage data to help us improve the site.

All these third parties are contractually obligated to protect your data and can only use it for the specific services they provide to us.

When We HAVE To Share

Only in specific situations:

  • Legal requirements (like a court order or subpoena)
  • Emergency situations where someone's health or safety is at risk
  • Business transfers (if we ever sold the gym, your data would transfer with proper protections)
  • With your explicit consent for specific purposes

We take security seriously. Here's what we've got in place to protect your data:

SSL Encryption

All data transmitted to and from our site is encrypted using industry-standard SSL/TLS protocols.

Secure Servers

Data stored on firewalled servers with restricted access and regular security audits.

Access Controls

Only authorized staff can access member data, and it's logged every time.

Regular Backups

Daily encrypted backups ensure we can recover your data if something goes wrong.

Software Updates

We keep all systems patched and updated to protect against known vulnerabilities.

Staff Training

Our team is trained on data privacy best practices and confidentiality requirements.

Real Talk: