Privacy Policy

SwingFIT Academies (DIFC) Limited

SwingFIT Academies (DIFC) Limited and its affiliates (collectively the “Company”, “we” or “us”)
is the data controller responsible for your personal data under this privacy policy, and we value
your security and privacy. In accordance with the DIFC Law No.5 of 2020 as amended by DIFC
Law No.1 of 2025 (the “Data Protection Law”) and our Terms and Conditions, this privacy
policy (the “Policy”) outlines:

(i) the categories of personal data we collect;
(ii) the legal basis and purpose for processing such data;
(iii) your rights as a data subject, including your right to access, correct, erase, or restrict the
processing of your personal data;
(iv) how you may exercise those rights by contacting us via the communication channels
provided below.

We may collect your personal data when you use our website or otherwise interact with us. You
may at any time request access to, rectification of, or erasure of your personal data, or object to
or restrict its processing, by contacting our Data Protection Officer or writing to us using the
contact details provided in this Policy.

This is our official website: https://swingfitacademies.com/
What is included in this Policy

1. What data do we collect?
2. How do we collect your data?
3. Why do we process your data?
4. Do we share your data with third parties?
5. How do we protect your data?
6. How long do we keep your data?
7. Marketing
8. What are your data protection rights?
9. Cookies
10. What types of cookies do we use?
11. How to manage your cookies
12. Children
13. Privacy policies of other websites
14. Changes to our Policy
15. How to contact us
16. What data do we collect?

1.1. Data that you give us:

a. Name
b. Email address
c. Phone number
d. Mailing address
e. Social media handles
f. Payment information (if applicable)

1.2. Data that we collect from you:
a. Technical information (including but not limited to IP Address, operating system, unique
device identifiers, time zone settings, browser information)
b. Behavioural Data (including but not limited to browsing behaviour and interaction history
on our website)
c. Cookie data (see point 9 below)
d. Records of correspondence between you and us

1.3. Any information relating to an identified or identifiable natural person provided to
us or collected by us, on its own or in combination with other non personally identifiable
information can be used to identify an individual specifically, shall be classified and
treated as personal data under this Policy.

1. How do we collect your data?
   
   We collect and process your data when you:
   a. Place an order or make a booking for any of our products or services.
   b. Voluntarily complete a customer survey or interact with any of our company
   communication channels, including via telephone, email, other digital forms and our
   social media platforms
   c. Use or view our website via your browser’s cookies
2. Why do we process your data?
   3.1. The below table outlines:
   i. Our purposes for collecting your data
   ii. Our legal justifications (each a “legal basis”) under the Data Protection Law for each
   purpose
   iii. Categories of data that we use for each purpose
   
   3.2. Here is an explanation of each legal basis to help you understand the table:
   a. Performance of a contract: When it is necessary for our Company or a third party to
   process your data to:
   i. Comply with obligations under a contract with you. This includes our obligations
   under the Terms and Conditions to avail our products and services
   ii. Verify information prior to you entering into a contract with us

1. 
   Legitimate interest: When we have a legitimate interest in processing your data in a
   certain way, which is necessary and justifiable considering the risks the processing may
   pose.
   c. Consent: Where you have given your consent for the data to be processed for one or
   more specific purposes.
   d. Compliance with legal obligations: Where we must process your data to comply with
   a law.

3.3. We will take all steps reasonably necessary to ensure your personal data is
processed fairly and lawfully, in accordance with the Data Protection Law and this
Policy.
3.4. Unless otherwise notified, we do not ordinarily rely solely on automated decision
making when processing your personal data.

1. Do we share your data with third parties?
   
   4.1. We may share your information with third parties as follows:
   a. To our subsidiaries and affiliated entities, where permitted under applicable law
   b. To payment service providers to process payments
   c. To management partners who manage your bookings and provide us with customer
   management services
   d. To government or law enforcement authorities if requested or required under applicable
   law
   
   4.2. In order to conduct our operations or fulfil regulatory obligations, we may transfer,
   process or store the personal data described in this Policy outside of the Dubai
   International Financial Centre (DIFC) including to countries that may not offer an
   equivalent level of data protection. Where such transfers occur, we take appropriate
   security measures and implement appropriate safeguards in accordance with the Data
   Protection Law to protect your personal data in accordance with this Policy.
   
   4.3. We rely on you to provide accurate and complete personal data. We will update
   or rectify your personal data when you notify us of changes or inaccuracies, in
   accordance with this Policy and our obligations under applicable law.
2. How do we protect your data?
   
   5.1. We make every effort to ensure that your data is secure on our systems. We
   have staff dedicated to maintaining our data protection and security policies, periodically
   reviewing them, conducting periodic assessments and scheduling regular internal
   training sessions for making sure that our employees are aware of our data protection
   and security practices. Unfortunately, no data transmission over the internet can be
   guaranteed to be 100% secure. As a result, we cannot warrant or guarantee the security
   of any personal data you transmit to us, and you do so at your own risk.
   
   We implement appropriate technical and organisational measures to ensure a level of security
3. appropriate to the risk, in accordance with the Data Protection Law.
4.  
5. 5.2. We have established policies and procedures for securely managing information
6. and protecting personal data against unauthorized access. We continually assess our
7. data privacy information management and security practices. We do this in the following
8. ways:
9. a. Establishing policies and procedures for securely managing information
10. b. Limiting employee access to viewing only necessary information in order to perform their
11. duties
12. c. Protecting against unauthorized access to personal data by using data encryption,
13. anonymization and authentication as required
14. d. Requiring service providers with whom we do business to comply with relevant data
15. privacy legal and regulatory requirements
16. e. Monitoring our websites through recognized online privacy and security organizations
17. f. Engaging in regular third party audits of our policies and practices
18. g. Conducting background checks on employees and providing training to our employees
19. h. Maintaining a Data Breach Response Plan and notifying the DIFC Commissioner of Data
20. Protection and affected Data Subjects where required under the law
21. i. Ensuring personal data is retained only for as long as necessary and securely disposed
22. of, in accordance with our data retention policy

1. How long do we keep your data?
   
   6.1. We keep your personal data only for as long as necessary to fulfill the purposes
   for which it was collected, which include:
   a. Providing you with our services;
   b. Maintaining the quality and performance of our products and services
   c. Supporting internal data analytics and decision-making processes;
   d. Addressing complaints, inquiries, feedback and disputes
   e. Complying with applicable legal, regulatory and contractual obligations
   f. Where applicable, meeting the minimum retention periods required under DIFC laws
   
   6.2. Retention periods are determined in accordance with the nature of the data, our
   legal obligations (including those under DIFC law), and the purposes for which the data
   was collected and processed.
   
   6.3. Where personal data is no longer required, it will be securely deleted,
   anonymised, or pseudonymised, unless further retention is required to comply with legal
   or regulatory obligations.
2. Marketing
   7.1. If you have agreed to receive marketing communications from us and our
   partners, you may always opt out at a later date. You may withdraw your consent at any time or object to the processing of your personal data for direct marketing purposes. You
   have the right at any time to stop us from contacting you for marketing purposes.
3. 7.2. Please note that we may continue to send you transactional or service-related e-
4. mails necessary for your use of our products or services.
5.  
6. 7.3. Please note that if you unsubscribe from our marketing communications, this will
7. not affect promotional messages from third parties or unaffiliated marketers whose
8. services you accessed via our website. We do not control the marketing practices of
9. such third parties and you should contact them directly to exercise your opt-out rights.
10.  
11. 7.4. Finally, we will remove your personal data from our direct marketing lists upon
12. request but please be aware that if such information is also held by a different third
13. party’s marketing directory through your request or election, you will need to request
14. removal with such third party directly.
15.  

1. What are your data protection rights?
   8.1. You have the right to access information held about you. Your right of access can
   be exercised at any time and without the need to provide a reason, in accordance with
   the Data Protection Law.
   
   8.2. You have the right to ask us to rectify information you think is inaccurate. You
   also have the right to ask us to complete information you think is incomplete.
   8.3. You may also request that we restrict the processing of, erase, transfer the
   information you gave us from one organisation to another, or otherwise process your
   personal data in line with the relevant articles providing for such rights set out in the Data
   Protection Law.
   
   8.4. We do not charge a fee for responding to your data subject access request
   unless the request is manifestly unfounded or excessive, in which case a reasonable fee
   may be charged or we may refuse to act on the request.
   
   8.5. When you contact us about a potential personal data error or query, we will
   confirm or verify the information in question, then correct verified inaccuracies and
   respond to the original inquiry. We will endeavor to send a correction notice to
   businesses or others whom we know to have received the inaccurate data, where
   required or appropriate. However, some third parties and third party sites may continue
   to process inaccurate data about you until their databases and display of data are
   refreshed or until you contact them personally to ensure the correction is made in their
   own files.
   
   8.6. As set out in Article 39 of the DIFC Data Protection Law, we may not discriminate
   against you for exercising your rights by denying services or changing prices or quality of
   service, unless objectively justifiable and applied equally across all individuals accessing
   our services.

8.7. If you would like to exercise any of your data rights, please contact us via the
details below.

We will respond to you within the timeframe required by law, which is
generally 30 days.
info@swingfitacademies.com
+971 52 602 9389

1. Cookies
   
   Cookies are text files placed on your computer to collect standard Internet log information and
   visitor behavior information. When you visit our website, we may, with your consent (where
   required) collect information from you automatically through cookies or similar technology. For
   further information, visit allaboutcookies.org.
2. What types of cookies do we use?
   There are a number of different types of cookies, however, our website uses:
   
   a. Essential / Functional Cookies: These cookies are necessary for the operation of our
   website and cannot be switched off in our systems. They enable core functionality such
   as security, network management, and accessibility.
   
   b. Preferences: These cookies remember your settings and preferences, such as
   language or location, to provide a more personalised experience.
   
   c. Advertising / Marketing: These cookies track your browsing habits to help deliver
   advertising that is more relevant to you. We may share this information with advertising
   partners in accordance with applicable data protection laws. You will be asked to
   consent before we enable advertising cookies.
   
   d. Analytics: We use analytics cookies to understand how visitors interact with our website
   by collecting and reporting information anonymously. These cookies help us measure
   and improve the performance of our site by collecting and reporting information such as
   the number of visitors, how they found the website, which pages are visited most often
   and how users navigate through the site. The data collected is anonymised and does not
   directly identify you. We may use third-party analytics services (such as Google
   Analytics) for this purpose. Where applicable, we ensure appropriate safeguards are in
   place in accordance with data protection requirements. These cookies are used to
   enhance site performance and user experience.
3. How to manage your cookies
   Before we store or access non-essential cookies on your device, we will ask for your explicit
   consent via a cookie banner or tool. You can choose to accept all cookies, reject all non-
   essential cookies, or manage preferences through our cookie settings interface.

Additionally, you can set your browser not to accept cookies, and the above website tells you
how to remove cookies from your browser. However, in a few cases, some of our website
features may not function as a result.

How to contact us
If you have any questions or concerns about this Policy, please contact:
info@swingfitacademies.com
+971 52 602 9389

You may also contact the DIFC Commissioner of Data Protection’s Office at:
Dubai International Financial Centre Authority
Level 14, The Gate Building
+971 4 362 2222
commissioner@dp.difc.ae

Children
This website is not targeted, intended or expected to be of use to children. We do not knowingly
collect or process personal data relating to individuals under the age of 18 without appropriate
consent. If any of the company’s products or services are availed for use by children under the
age of 18, whether through our website or by any other means, such use must be with the
express consent of their parent or legal guardian. Parents or guardians who believe that we may
have collected personal data from a minor without proper consent may contact us using the
details in this Policy to request deletion.

Privacy policies of other websites
Our website may contain links to third-party websites or services not operated or controlled by
the Company. This Privacy Policy applies only to our website. Once you leave our website by
following a link, we encourage you to review the privacy policy of the third-party site to
understand how your personal data may be collected, processed or used.
We are not responsible for the privacy practices, content or terms and conditions of any third-
party websites. Accessing such websites is at your own risk.

Changes to our Policy
We keep our Policy under regular review and may make changes to it from time to time. Where
we make material changes to this Policy or to how we process your personal data, we will take
appropriate steps to notify you, such as posting a notice on our website or contacting you
directly via email (where feasible). Your continued use of our goods, services or website after
such notice constitutes your understanding of the changes. We encourage you to periodically
review this Policy for the latest information on our privacy practices.