Privacy Policy

Last updated July 31, 2020

Predictive Fitness, Inc. d/b/a TriDot (“we” or “us”) is a cloud-based platform that enables users to optimize their triathlon training regimens and race-day performance. We are committed to the protection of the privacy of visitors (“visitors”) to our website, tridot.com and individuals or entities that register to use our products and services (“customers”).  This privacy policy covers how we collect, use, retain, disclose, and transfer the personal data of visitors and customers.

We review our privacy practices on an ongoing basis, and as such, this privacy policy is, and will continue to be, subject to change. If such change includes any significant, material changes, we will provide clear notice of the update on the homepage of our website.  Please read this privacy policy carefully to understand our policies and practices regarding your personal data.

To the extent provided under applicable law, the terms “personal data,” “data controller” and “data processor” shall have the meanings given to their respective corresponding terms under such law.

Without limiting the foregoing, to the extent that the California Consumer Privacy Act (the “CCPA”) applies to your use of our products or services, the following terms used herein shall have the following meanings:

  • Personal data shall mean personal information;
  • Data controller shall mean business; and
  • Data processor shall mean service provider.

1. Role of Predictive Fitness

We act as a data controller with respect to personal data collected from visitors and customers.

2. Collection of Personal Data

Throughout this privacy policy, we use the term “personal data” to mean any information relating to an identified or identifiable natural person, such as name, email address, and phone number and which is not otherwise publicly available. Personal data may include other types of information depending on the definition that applies in your physical location.

This section explains the various ways in which we may collect your personal data.

Personal Data You Provide to Us

We may collect personal data you provide to us in the following scenarios:

  • You provide it to us by signing up for an account and/or using our products and services;
  • You provide it to us by filling out a form to request content, such as a newsletter;
  • You provide it to us by filling out a form or starting a conversation to request additional information about our products or services;
  • You provide it to us in connection with purchasing products through our online store;
  • You provide it to us by applying for a job with us; or
  • You provide it to us by contacting us via email or telephone.

The personal data collected in these instances may include your name, phone number, email address, physical address, medical information, geolocation data, biometric data, genetic data, payment information, data about your training and event performance and/or any other personal data that you choose to provide.

Personal Data We Collect Automatically

As you navigate our website, we may also collect information through the use of commonly used information-gathering tools, such as web beacons, standard information from your web browser (such as browser type and browser language), your IP address, and the actions you take on our website.  We may receive reports based on your use of our website and/or products and services from third party service providers as de-identified information or as aggregate data (as defined below).

Personal Data We Collect From Third-Parties

We may obtain personal data about you from third-party products or from third party sponsored activities or events in which you are a participant. For example, we may obtain geolocation and biometric data from third-party products, such as bicycle computers, triathlon watches, heart rate monitors or similar devices.  We may also obtain geolocation and biometric data from third-party services, such as third-party genetic screening applications and third-party workout mapping platforms.  We may obtain genetic data from third-party service providers with whom you have subscribed to for services and elected to share with us.  Personal data will only be obtained by us from such third-party providers if and to the extent you elect to have such personal data transmitted to us.

Children’s Information

Our site is directed to individuals who are the age of majority or older in their jurisdiction.  We do not knowingly collect information from children under the age of 13.  If you believe your child has provided information to us, please contact us using the information provided below.

3. Cookies and Do Not Track

When you visit our website, we use “session cookies” (a piece of information stored on your computer temporarily and deleted from the user’s device when the browser is closed) and “persistent cookies” (which stay on your device until you delete them).  Session cookies help us confirm your identity and are required in order to log into your account, whereas persistent cookies assist you in using our website or services (such as by not having to re-enter your username and password each time you use our services) or aid in website navigation.

We also use performance cookies provided by Google and Facebook, which enable us to provide a better user experience when using our website and to improve our web services and to aid in marketing efforts.

If you wish to prevent cookies from being used as you navigate our website, you can set your browser to refuse all cookies and/or indicate when a cookie is being sent.  Users who disable their web browsers’ ability to accept cookies will be able to browse the website, but may not be able to access or take full advantage of all of the features and services on the website.

Some web browsers have a “do not track” feature. This feature lets you tell websites you visit that you do not want to have your online activity tracked. These features are not yet uniform across browsers. Our sites are not currently set up to respond to those signals.

4. Uses of Personal Data

Uses of Personal Data

We use personal data in order to provide our products and services to you, respond to requests from you, to carry out our legal obligations and our obligations to you, to protect your interests, and to provide you with notices.  Following are examples of how we use your personal data and, if you are a resident of the European Union (the “EU”) or United Kingdom (the “UK”), the legal basis for such use:

  • We may process the personal data you provide to us when you fill in forms on our website to respond to your request and to contact you about that request. Our legal basis for processing this personal data is our legitimate interest in communicating with you and fulfilling your requests.
  • We may process your personal data to provide products and services to you (including the as well as for non-marketing or administrative purposes (including any geolocation data that we may collect from third-party products, such as bicycle computers, triathlon watches, heart rate monitors or similar devices). Our legal basis for processing this personal data is in the performance of our contract to provide products and services to you; provided, that for any biometric, genetic or other sensitive personal data, the basis for such processing is consent.  You may withdraw your consent at any time by deleting your account; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • We may process your personal data for purposes of allowing you to share such personal data with others (e.g., coaches or other users) through our products and services.  Our legal basis for processing this personal data is your consent.  You may withdraw your consent at any time by deleting your account; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal. You should be thoughtful about your sharing choices. Once you have chosen to share any personal data, the individuals with whom you share this information may also use or share your personal data, including any biometric, genetic or other sensitive information that you choose to share.  
  • We may process the personal data you provide to us for the purpose of operating our website, products and services, ensuring the security and integrity of our website, products and services and maintaining back-ups of our databases. Our legal basis for processing this personal data is our legitimate interests, namely the proper administration of and security of our website, products and services; provided, that for any biometric, genetic or other sensitive personal data, the basis for such processing is consent.  You may withdraw your consent at any time by deleting your account; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • We may process the personal data that you provide to us for the purpose of improving and optimizing our website, products and services, including the analytics capabilities included therein.  Our legal basis for processing this personal data is our legitimate interests, namely the improvement and optimization of our website, products and services; provided, that for any biometric, genetic or other sensitive personal data, the basis for such processing is consent.  You may withdraw your consent at any time by deleting your account; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • For data and information that we collect through tracking technologies about your interaction with our website, products and services, we use this information for analyzing the use of the website or such products or services in order to improve the quality, design and user experience of our website or such products or services. Our legal basis for processing this type of data is our legitimate interests, namely to provide you with a better user experience.
  • We may use the personal data you provide to us for the purpose of offering, marketing and selling products and services to you. Our legal basis for processing this personal data is consent.  You may withdraw your consent at any time by deleting your account; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • We may also use any of your personal data for the purposes of: (i) enforcing our agreements and policies, (ii) protecting or defending our legal rights; (iii) protecting your vital interests or the vital interests of another natural person; (iv) complying with a legal obligation; or (v) providing you with customer support, including answering questions, troubleshooting problems, and other support that you may, from time to time, request.

Retention of Personal Data

Personal data is not kept by us for longer than is necessary for the specific purpose identified in this privacy policy unless we are required to retain your personal data for a longer period of time to comply with our legal obligations (for example, if we are required to retain your personal data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.  Notwithstanding the foregoing, if you create an account with us, we will retain your personal data for so long as you maintain such account and for a period of three (3) years thereafter.  

Automated Decision-Making

We do not use any personal data provided by you for the purpose of any automated decision-making that produces legal effects concerning you or similarly significantly affects you.

5. Sharing of Personal Data

Personal Data

We may disclose personal data that we collect or you provide as described below.  We do not share or sell your personal data with any third-parties for direct marketing purposes.

  • We disclose personal data to third-party vendors who help us operate the website and the services, including hosting and cloud computing providers.  These third-parties may be based in locations outside the EU and UK. These third-parties are contractually obligated to maintain the confidentiality of your personal data consistent with the terms of this privacy policy and to comply with the applicable data protection laws.
  • We may disclose your personal data if we believe in good faith that such action is necessary in order to comply with (i) a legal obligation, (ii) protect and defend the rights of Predictive Fitness, (iii) act in urgent circumstances to protect the personal safety of our users or customers, or (iv) protect against legal liability.
  • If you purchase our products or services, your payment information may be provided to a third-party payment processor, and such processor’s use of such payment information would be governed by such processor’s own privacy and other policies.
  • With your consent, we may provide your personal data to third-parties for purposes of enabling such third-parties to use such personal data for purposes of your relationship with such third-parties.  Any use of your personal data by such third-parties will be subject to the terms and policies implemented by such parties, and Predictive Fitness shall have no responsibility for any improper use or disclosure of your personal data by such third-parties.  Predictive Fitness will obtain your express consent prior to any such disclosure, and if you do not wish for your personal data to be shared in this manner, you may choose not to permit Predictive Fitness to disclose it.
  • We may, from time to time, partner with other companies to jointly offer products or services. In such cases, you will be asked to specifically opt in to share your personal data with our business partners if you choose to purchase or specifically express interest in a jointly offered product or service.  If you do not wish for your information to be shared in this manner, you may choose not to purchase or express interest in a jointly offered product or service.
  • We may transfer your information to an entity or individual that (i) acquires, buys, or merges with us, or our affiliated business units or (ii) acquires or otherwise takes possession of all or any part of our business assets, including in connection with a liquidation or dissolution.

Aggregated Data

We may share with third-parties “aggregate data,” which is information that has been removed of any personal data and is combined with information of others so that you cannot reasonably be identified as an individual. This information does not identify any particular individual or disclose any particular individual’s data.  We may share aggregate data with our users as well as third-parties as we deem appropriate.

6. Data Security

We take the protection of your data seriously and use reasonable measures to safeguard the collection, transmission and storage of any data we collect. Despite using reasonable protections to protect your data, we cannot guarantee the security of the information you share with us.  We use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of personal data and credit card numbers and employ network segmentation strategies to prevent disclosure to bad actors. We also engage providers that are industry leaders in online security to strengthen the security of our products and services.  

To maximize the effectiveness of our security measures, you should use a security-enabled browser to submit your credit card information and other personal data to us. Please note that if you do not use a SSL-capable browser, you are at risk for having data intercepted.  We also recommend using a unique password in connection with your account and updating that password frequently.

While we continue to work hard to protect your personal data, no data transmission over the Internet can be guaranteed to be absolutely secure, and we cannot guarantee the security of any personal data you provide to us.

7. Your California Privacy Rights

If you are a California resident, then you have certain additional rights under the CCPA regarding your personal data.

Right to Know

You have the right to know and see what data we have collected about you over the past twelve months, including:

  • The categories of personal data we have collected about you;
  • The categories of sources from which the personal data is collected;
  • The business or commercial purpose for collecting your personal data;
  • The categories of third parties with whom we have shared your personal data; and
  • The specific pieces of Personal data we have collected about you.

Right to Delete

You have the right to request that we delete the personal data we have collected from you (and direct our service providers to do the same), subject to certain legally permitted exceptions.

Exercising Your Rights

To exercise your right to know or your right to delete, please submit a verifiable consumer request to us as indicated in Section 12 (“Contact Us”) of this privacy policy or, if you are a user of our application, through the application. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal data. You may only make a verifiable consumer request to exercise your right to know twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data or an authorized representative; and
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm the personal data relates to you.

8. Your Rights Under GDPR

We strive to provide you with choices regarding the personal data you provide to us, and we understand that you may have the right to access, correct, delete, object to and restrict our use of your personal data.  In particular, if you are a resident of the EU or UK, you have the following rights with respect to your personal data:

  • Access. You can ask us to confirm whether we are processing your personal data, to give you a copy of that data, and to provide you with other information about your personal data (to the extent that such information has not already been provided to you in this privacy policy).
  • Rectification. You can ask us to rectify inaccurate information. We may seek to verify the accuracy of the data before rectifying it.
  • Erasure. You can ask us to erase your personal data, but only (i) when it is no longer needed for the purposes for which it was collected, (ii) when you have withdrawn your consent (where the data processing was based on consent), (iii) following a successful right to object, (iv) when it has been processed unlawfully, or (v) to comply with a legal obligation to which we are subject. We are not required to comply with your request to erase your personal data if the processing of your personal data is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims. There are certain other circumstances in which we are not required to comply with your erasure request, although these two are the most likely circumstances in which we would deny that request.
  • Restriction. In certain contexts, you can ask us to restrict (i.e., keep but not use) your personal data.  We can continue to use your personal data following a request for restriction (i) where we have your consent; (ii) to establish, exercise, and defend legal claims; or (iii) to protect the rights of another natural or legal person.
  • Objection. You can object to any processing of your personal data which has our ‘legitimate interests’ as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests. Once you have objected, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms. In addition, you can object to the processing of your personal data for direct marketing purposes, which includes profiling to the extent that it is related to such direct marketing without providing any reason. We will then cease the processing of your personal data for direct marketing purposes.
  • Portability. You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another data controller, but only where our processing is based on your consent and the processing is carried out by automated means.
  • Withdrawal of Consent. You can withdraw your consent in respect of any processing of personal data which is based upon a consent which you have previously provided.

Requests for any of the foregoing should be submitted via email to: privacy@tridot.com.  Please allow a reasonable time to process any such request.

9. International Transfers

If we transfer any personal data from the UK, Switzerland or the European Economic Area (“EEA”) to a third country or territory outside the UK, Switzerland or the EEA that has not received a binding adequacy decision by the European Commission or a competent national data protection authority, such transfer will occur only with your explicit consent and in accordance with applicable data protection laws. In particular, where data is collected from an individual in the UK, Switzerland or the EEA, explicit consent will be obtained for the data to be transferred to the United States. You should know that the United States’ laws may not provide the same level of protection as the laws of the EEA.

We provide an individual opt-out choice, or opt-in for sensitive data, before we use personal data for a purpose other than which it was originally collected (including the uses set forth in Section 4 of this privacy policy) or subsequently authorized. To request to limit the use of your personal data, please submit a written request to privacy@tridot.com.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Predictive Fitness is committed to resolving complaints about your privacy and our collection or use of your personal data transferred to the United States. Individuals in the EU, UK or Switzerland with international transfer inquiries or complaints should first contact Predictive Fitness by email at privacy@tridot.com.

Predictive Fitness does not sell the personal data of its users.

10. Third-Party Websites

Our website may contain links to other websites that are independent, are not owned or operated by us and are not covered by this privacy policy.

We have no responsibility or liability for the content and activities of other websites, even if they are linked to our website.  We also have no responsibility or liability for any transactions between you and any third-party, even if linked to our website.

11. Updates to this Privacy Policy

This privacy policy may change from time to time, so please check back periodically to check the most recent modification date to ensure that you are aware of any changes in our processing of your data.  If we make any material changes, we will notify you by means of a notice on our website. Your continued use of the website and/or services after any changes signifies your express and unambiguous consent to any such changes.  If you do not agree to such changes, your choice is to immediately cease using our website and/or services.

12. Contact Us

We commit to resolve complaints about your privacy and our collection or use of your personal data. If you have any questions or concerns regarding the way in which your personal data is being processed or you want to exercise your rights above, please reach out to us using the following details:

By Post
Predictive Fitness, Inc.
Attn: DPO
2600 E. Southlake Blvd., Suite 120 #140
Southlake, Texas 76092

By Email
privacy@tridot.com

As Predictive Fitness does not have establishments in the EU or the UK, we have appointed an EU and UK representative whom you may contact if you are located in such jurisdictions to raise any issues or queries you may have relating to our processing of your Personal Data and/or this privacy policy more generally. The EU and UK postal addresses for this representative are as follows:

EU location
DPR Group
3rd and 4th floor, Altmarkt 10 B/D
Dresden, 01067, Germany

UK location
DPR Group
BPM 335368, 372 Old Street, EC1V 9AU
London, United Kingdom

To reach our EU and UK representative by electronic mail, please send emails to datainquiry@dpr.eu.com referencing “Predictive Fitness, Inc.” in the subject line. You can also contact our EU and UK representative through their online web form at www.dpr.eu.com/datarequest.  Please ensure that all postage is addressed to “DPR Group” and not “Predictive Fitness” or “TriDot.” 

13. Filling a Complaint

If you are in the EU or UK, you may lodge a complaint with a supervisory authority that has authority in your country or region. Please click here for contact information for such authorities.

* * * * *

Patents applied for in the U.S. and abroad. Trademarks of Predictive Fitness, Inc. include nSight, TriDot, SwimDot, BikeDot, RunDot, TrainX, RaceX, Physiogenomix, EnviroNorm, eNorm, IronIndex, Optimized Triathlon Training, Normalized Training Stress, NTS, and Training Stress Profile.

Copyright © Predictive Fitness, Inc. All Rights Reserved.