LindoraLogo_LindoraBlue

Lindora Privacy Policy

 

Last updated:  June 26, 2024

 

This Lindora Privacy Policy describes how Lindora Franchise, LLC (“Lindora”) and our corporate parent, Xponential Fitness LLC (collectively, “we”, “us”, or “our”) collects, discloses, and uses personal information. This Lindora Privacy Policy supplements the Xponential Privacy Policy, and applies to personal information we collect online, via our website (https://www.lindora.com/) and our other online platforms or services where this Lindora Privacy Policy is displayed (collectively, “Online Services”), and offline, including at our studios, and programs and events operated by or in partnership with us. For purposes of this Lindora Privacy Policy, the term “personal information” has the same meaning as the equivalent term defined under applicable laws, including related to certain health data, and does not include certain types of information, such as publicly available information or de-identified information.

We encourage you to read our privacy policies – including this Lindora Privacy Policy and the Lindora Consumer Health Data Privacy Policy – carefully and review them regularly for any updates to better understand how we handle your personal information.

 

Summary of this Lindora Privacy Policy

 

This section summarizes the Lindora Privacy Policy – which describes our data handling practices in more detail, below – and is intended to provide a quick-reference related to our collection and use of your personal information. For more information regarding our use of your health data, please see our Consumer Health Data Privacy Policy. 

  • What Personal Information We Collect. We may collect the following categories of personal information from and about you: Identifiers; Characteristics of protected classifications under certain state or federal law; Commercial information; Internet or other electronic network activity information; Payment information; Biometric information; Geolocation data; Professional or employment-related information; Consumer health data; and Other sensitive personal information.
  • How We Collect and Use Your Personal Information. We typically collect personal information directly from you, including via cookies or other tracking technologies, but we may also collect information about you from the Clinician Partners, corporate parent, franchisees, vendors, or other third parties that assist in the provision of services to you. We use this information, consistent with this Lindora Privacy Policy, to: provide you with our products and services, including facilitating your interaction with the Clinician Partners; improve and develop new offerings, features, and services; maintain our business relationship with you, including customer correspondence or other modes of communication; promote our products and services, and otherwise serve advertising and marketing campaigns; comply with applicable laws or legal requirements; or for other purposes with your consent.
  • How We Protect and Retain Your Personal Information. We use reasonable security measures that are designed to protect your personal information; however, no system of transmission or storage of data can be 100% secure, and we cannot guarantee the absolute security of your information. We retain your personal information for as long as is reasonably necessary to fulfill the purpose(s) for which it was collected, or as otherwise required to be retained under applicable law.
  • Selling and Sharing your Personal Information. We may sell or share certain categories of personal information (e.g., we share identifiers for advertising purposes) subject to applicable law. You may opt out of the selling or sharing of your personal information by completing our online request form (Your Privacy Choices Request Form). For more information, please see the section below on “How to Exercise Your Privacy Rights.” 

 

Clinician Partners

Our franchisees partner with wellness professionals and licensed healthcare practitioners (the “Clinician Partners”) to facilitate hormone, GLP-1, or other health-related treatments or services from Lindora. Certain personal information collected by the Clinician Partners in the provision of these services to you is consumer health data. This data may be accessible to us and third parties that assist in providing the health-related treatment(s) or service(s) that you request, each as appropriate; it is securely stored in systems controlled by our corporate parent.

For more information regarding our use of your health data, please see the Lindora Consumer Health Data Privacy Policy.

 

What Personal Information We Collect

We may collect the following categories of personal information from and about you:

  • Identifiers, such as name, email address, IP address;
  • Characteristics of protected classifications under certain state or federal law, such as your age and gender;
  • Commercial information, such as products or services purchased, obtained, or considered;
  • Internet or other electronic network activity information, such as information regarding your interaction with our Online Services;
  • Payment information, such as credit or debit card number and other payment or financial information;
  • Geolocation data, such as information collected through GPS technology;
  • Consumer health data, as the term is defined in applicable privacy laws, such as past and present physical health status, current or future treatments, and your use or purchase of prescribed medication (consumer health data is “sensitive personal information” – for more information, please see the Lindora Consumer Health Data Privacy Policy; and
  • Other sensitive personal information, as the term is defined in applicable privacy laws and for purposes as permitted by applicable laws or with your consent, which may include information related to your body composition, exercise habits, nutrition, metabolic information, vital signs, and precise geolocation data.

 

How We Collect Your Personal Information

We typically collect personal information from you, or about you from the Clinician Partners, in order to provide you with our services. More specifically, we may collect personal information:

  • Directly from you, such as when you complete forms, register or purchase products and services, sign up to receive emails or text messages, contact us, book or attend an appointment, make a payment, or visit our Online Services or our clinics or other physical locations, and events;
  • Indirectly from you, including when you interact with our Online Services, such as when certain information is automatically collected using online tracking technologies, such as pixels, cookies, and web beacons, or when you use Wi-Fi services provided by us in our clinics or other physical locations;
  • From the Clinician Partners, as a result of your consultation(s) with the Clinician Partners to obtain hormone, GLP-1 or other health-related service(s) or treatment(s), when your personal information, including consumer health data, is input into secure systems controlled by our corporate parent;
  • From our corporate parent and franchisees, such as when you register for and attend appointments (other than with the Clinician Partners), promotional events, or otherwise interact with us or our franchisees;
  • From our business partners, such as when we collaborate or co-sponsor events with other businesses with which we partner;
  • From our vendors, such as our service providers that collect your personal information on our behalf, including data analytics companies, or that otherwise assist us in the provision of services to you; and
  • From third parties and other sources, such as social media platforms and online advertising networks.

 

How We Use Your Personal Information

We may use or disclose the personal information we collect for different purposes, which may include one or more of the following business purposes:

  • To provide or improve our products and services, including to facilitate your consultation(s) with the Clinician Partners, to obtain hormone, GLP-1 or other health-related service(s) or treatment(s), or otherwise to fulfill the purpose(s) for which your information is collected, including providing you with information, products or services that you request;
  • To process payment or financial transactions, including to facilitate new product orders or process returns;
  • To analyze your use of our products and services, including how you interact with our Online Services, in order to improve the same, personalize your experience and provide recommendations, customize advertising and marketing campaigns, and otherwise to better understand your needs;
  • To respond to your requests or questions, such as when you reach out to us using our “Contact Us” page and otherwise when you interact with us;
  • To communicate with you, including to provide you with email alerts, event registrations and other notices concerning our products or services, or events or news that may be of interest to you;
  • To contact you regarding scheduling or appointment reminders;
  • To market and advertise to you, including sending promotional communications via email, text messages, push notification, or other means, to show you advertisements on the Online Services, social media, and other platforms or websites for products and/or services tailored to your interests;
  • To conduct or provide other programs, such as surveys, contests, or promotional campaigns;
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections;
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • As described to you when collecting your personal information;
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred; and
  • For any other purpose for which you provide consent, or as otherwise required or permitted by law.

 

To Whom We Disclose Your Personal Information

We may disclose personal information to different persons for various purposes, consistent with this Lindora Privacy Policy, which may include the following:

  • The Clinician Partners, in particular with respect to consumer health data and other personal information to facilitate your interaction with such clinicians, to obtain medication, and other health-related service(s) or treatment(s);
  • Our corporate parent and franchisees, including to maintain your membership or our business relationship with you;
  • Vendors and service providers, including who perform certain services and/or support internal, clinic management, or other business operations;
  • Business partners or other third parties, including for promotional purposes and to serve or display advertising (note that we do not share consumer health data for promotional or advertising purposes;
  • Successor(s) of our business, relating to all or part of the business, to evaluate proposed transaction or conduct a sale, reorganization, merger, acquisition, or other change of control; and
  • Government, regulatory, or investigatory bodies, or other law enforcement entities, including for purposes of complying with applicable law, court order or subpoena.

 

Your Privacy Rights

Depending on applicable laws or the jurisdiction you reside in, you have certain rights regarding your personal information, which may include the right to:

  • Access, know about, or confirm processing of your personal information, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of personal information the business has collected about the consumer;
  • Correct inaccurate personal information we maintain about you;
  • Delete your personal information;
  • Receive a copy of your personal information in a portable format, where technically feasible;
  • Opt-out of the “sale” or “sharing” or “targeted advertising” (as these terms are defined under privacy laws applicable to you);
  • Appeal, in connection with a decision made regarding your privacy rights request; and
  • Limit the use and disclosure of sensitive personal information.

Some of these rights may be limited when certain exceptions are provided under applicable laws, including to complete a transaction or to comply with a legal obligation. You will not receive discriminatory treatment for exercising your privacy rights.

You may also enable the Global Privacy Control (GPC) to exercise your opt-out right, which is a tool that communicates your opt-out preferences, if your browser or browser extension supports such a signal. The GPC may apply only to a single browser or device, and you may need to turn on the GPC signal for each browser that you use. For more information about GPC, please visit https://globalprivacycontrol.org/.

 

How to Exercise Your Privacy Rights

To exercise your privacy rights, please submit a request by either visiting and completing our online request form (Your Privacy Choices Request Form) or calling us at (949) 346-3000. To exercise your right to know, correct, and delete personal information, you will need to submit a verifiable request, and we may request additional information to verify your identity before we can respond to your request.

You may designate an authorized agent to submit privacy rights requests on your behalf. Authorized agents will be required to provide proof of their authority to act on your behalf by providing relevant documentation. We may contact you to confirm an authorized agent’s representation and to verify your identity.

 

Additional U.S. State-Specific Privacy Information

You may have additional rights based on your location or jurisdiction of residency, as described below.

For California Residents

In the last 12 months, we have disclosed the categories of personal information listed in “What Personal Information We Collect” for the business purpose(s) identified above, subject to the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and its implementing regulations (collectively, the “CCPA”), as well as California’s Shine the Light Law. The parties to which we have disclosed your personal information include our affiliates and brands, service providers, and third parties to which you have authorized such disclosure.

 

In the last 12 months, we have “sold” or “shared” (as those terms are defined under CCPA) the below categories of personal information to the categories of recipients listed below.

 

 

Categories of Personal Information

Categories of Recipients

Identifiers, including device information and other unique identifiers

Business partners, service providers and third parties, such as advertising networks, analytics and social media networks.

Commercial information

Business partners, service providers and third parties, such as advertising networks, analytics and social media networks.

Internet or other electronic network activity information

Business partners, service providers and third parties, such as advertising networks, analytics and social media networks.

Geolocation data

Business partners, service providers and third parties, such as advertising networks, analytics and social media networks.

 

 

We do not knowingly “sell” or “share” the personal information of individuals under 16 years of age. For more information, please see the section below on “How to Exercise Your Privacy Rights.”

 

 

For Washington and Nevada Consumers and Residents

 

For consumers in Washington and Nevada, please refer to our Consumer Health Data Privacy Policy for additional information about processing your consumer health data and your rights.

 

 

Notice of Financial Incentive

We may provide certain discounts, special offers, benefits, or other rewards as part of our membership, which may be interpreted as a “financial incentive” or “bona fide loyalty program” under certain applicable laws, when we collect your personal information, which may include your name, contact information, address, or birthday. Joining this voluntary program is subject to our Terms and all applicable laws. The value of your personal information may vary depending on the types of special offers, benefits, or other rewards that are available and you choose to participate in, and it is reasonably related to the incentives that we offer. You may withdraw from a financial incentive at any time by contacting us as described below.  

 

How We Protect Your Personal Information

We use reasonable security measures that are designed to protect your personal information from unauthorized access and use, which may include using access controls and using Secure Socket Layer (SSL) technology to encrypt certain sensitive information. Furthermore, we implement additional measures to ensure consumer health data is stored in a secure environment.

 

However, no system of transmission or storage of data can be 100% secure. As such, we cannot guarantee the absolute security of your information. Moreover, we are not responsible for the security of information you transmit to us over networks that we do not control.

 

Retention of Your Personal Information

We retain your personal information for no longer than is reasonably necessary to fulfill the purposes described in this Lindora Privacy Policy or any other notice provided to you at the time your personal information is collected, and to comply with our legal obligations.

 

Children’s Privacy

Our services are not directed to or intended for use by individuals under the age of 16. We do not knowingly collect personal information from individuals under the age of 16.

 

Third-Party Websites

To the extent our website may link to a third-party website, and if you should use such links, we are not responsible for the content of any third-party website, nor for the data collection or handling practices of such third party, as we do not control such sites.  We encourage you to review the privacy policy of any such third-party website.

 

Cookie Policy

We use tracking technologies, such as pixels, cookies, and web beacons to ensure that those using our Online Services have the best possible experience. For more information about our cookie practices, please refer to our Cookie Policy.

 

Do Not Track

Some web browsers allow “Do Not Track” signals or settings, which may allow you to request that you do not want certain information about your web page visits tracked and collected across websites. We do not honor “Do Not Track” signals or settings.

 

Transfer of Personal Information

We are located in the United States. You understand and agree that personal information that you provide to us, or which we collect about you may be transferred to, or processed or stored in, the United States, which may not provide the same level of protection to such information as that of your country of residency.

 

How To Contact Us

If you have any questions about our privacy policies (including this Lindora Privacy Policy or the Lindora Consumer Health Data Privacy Policy), how we process your personal information, or have concerns about how we have handled your prior privacy requests and would like to appeal to us or a state regulator, please email our corporate parent at privacy@xponential.com or contact us at: Phone: (949) 346-3000.

 

Xponential

17877 Von Karman Ave.

Irvine, California 9261

Attention: Privacy

 

Changes To This Lindora Privacy Policy

We may revise or update this Lindora Privacy Policy from time to time, including as required under applicable privacy laws or to incorporate changes to our privacy practices. Updates to this Lindora Privacy Policy will be reflected in the “last updated” date, above.