Last Modified: November 1, 2019
This Policy describes how we collect, use, and store (“Process” or “Processing”) all forms of your information (“Information”) through our products and Services, as defined below. The “Services” include, but are not limited to, the provisioning of: (i) employees of Exos (or in some cases, independent contractors) (“Exos Staff”), (ii) any software and equipment developed by Exos, which generally does not include any third party vendor software (e.g. Journey, OPS, ESD, Kiosk, Circuit, Performance Quotient, etc.) (“Exos Products”), (iii) solutions related to managing worksite and community fitness centers, (iv) wellness and fitness programs, (v) physical therapy solutions, (vi) elite and professional athletics training and military training, and/or (vii) remedial exercises as agreed upon by you, either directly with Exos or via contractual obligation as agreed upon by your employer, community center, or representative (“Client”).
When you access and utilize the Exos Offerings you agree to the Terms and Conditions of this Policy.
Our Commitment to You
Exos is committed to protecting all Information we Process. Exos will deploy reasonable safeguards aligned with industry standards in order to maintain the security and privacy of all Participants. Exos Staff are trained annually to address protection of Personal Information, and we strive to continually protect our Clients’ and Participants’ Information, while helping our Participants achieve their fitness goals. Exos will continue to practice privacy by design to ensure only the necessary Information is being collected and/or transmitted.
Please note, this Policy does not address the privacy practices of third-parties, including those incorporated through the Services. Please review the privacy policies of any third-parties before you disclose information to them. Through your use of any of the Exos Offerings you consent to these practices when directed to the Policy.
Changes to the Policy
In the event we make material changes involving your Personal Information, as determined in the reasonable discretion of Exos, or we have added new categories of Personal Information into our Information Processing activities, we will update this Policy. We will not materially reduce your rights under this Policy without notifying you.
We may periodically change this Policy without notification to keep pace with new technologies, industry practices, regulatory requirements, and similar reasons. This will be reflected through the date after “Last Modified” at the beginning of this Policy. These changes may include our annual review, additional provisions, or capabilities that do not affect the scope of Processing or categories of Information collected.
If you do not agree to such revised Policy at such time, please refrain from using Exos Offerings, and contact us to close any account you may have created.
Categories of Personal Information
We collect two types of Information: (i) Information that identifies a single individual or is associated with an identifiable individual (e.g. name, postal address, telephone number, email address) (“Personal Information”), and (ii) aggregated or de-identified Information that cannot reasonably identify a single individual (e.g. demographic information (e.g. your age or gender) and other statistical Information) (“Non-Personal Information”). Exos does not knowingly collect Personal Information from individuals under the age of thirteen (note that the minimum age may vary based on country/region and local law). If we become aware that an individual under the age of thirteen has provided Personal Information, we will take all reasonable steps to remove such Personal Information or obtain the appropriate consents.
Personal Information we collect or obtain includes, but is not limited to, the following:
Date of birth
Badge ID number
Emergency contact name
Emergency telephone number
Heart rate threshold or cap
Body mass index
Initial fitness level
Physical assessment scores (VO2 score rating & functional movement screen score)
Nutrition assessment results
Motivation assessment results
Physical activity readiness information
Date and time of visit
Workout data (date, duration, heart rate, and power generated)
Your self-reported answers to questions (e.g. purpose for visiting, current wellness)
Other information either desirable or necessary to provide quality Services
Use of a Service and
Aggregate, Non-Personal Information we collect or obtain includes, but is not limited to:Number of registered members at each fitness location where
Participants of fitness and wellness programs take place (“Facility”)
Types of Services and equipment
Fitness outcome data
Usage data based on hours of operation
Client/customer survey scores
How We Use Personal Information
We collect Information from you for the following reasons and use the Information for the following purposes:
To develop customized training programs based on Participant’s personal history and condition that will track Participant’s progress towards each Participant’s fitness goals and needs.
To customize Participants’ experiences.
To provide Services which you have requested from us.
To track the effectiveness of the Exos system.
To analyze, improve, customize, and advertise use of Exos Offerings.
To provide you with notifications related to your use of any of the Services offered in connection with a Service.
To track the use of a Facility.
To develop, customize, enhance, or provide advertising for Exos Offerings.
To demonstrate Exos’ performance under any agreement established to represent a Participant in the provision of Services that includes, but is not limited to, health and wellness programs, worksite fitness centers, community fitness centers, elite and professional athletic training, military training, physical therapy, and direct fitness center participation (“Agreement”)
For those who have opted-in or visited our public facing website (ex. www.teamexos.com): to send you targeted communications, publications, news, and information about events, special offers, promotions, benefits, and to administer contests, promotions, surveys, and/or sweepstakes.
Exos routinely de-identifies Personal Information and uses such Non-Personal Information for:
Improving Exos’ and our partners’ services and/or Exos Offerings;
The development of new Exos Products or Services; and
The analysis of Exos Products and Services to improve upon Exos Products and Services.
Information Retention and Your Data
Upon the termination of an Agreement between a Client and Exos, all associated Exos Products will be decommissioned, and Exos will stop the collection of Information. Exos will retain certain instances of Information, including Non-Personal Information.
For individuals located in the European Economic Area (the “EEA”), Personal Information collected on a legal basis (e.g. consent, contractual requirements, or due to legal reasons), can be retained for audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements, to maintain our contractual obligations, and for fraud and security monitoring purposes.
As a Participant, you have the ability to access, correct, obtain, opt-out, amend, delete, and stop the Processing of your Personal Information, subject to some limitations. In order to do so, please contact us at PrivacyOfficer@teamexos.com.
Disclosure of Personal Information
Except as set forth in this Policy or as specifically agreed to by you, we will not disclose any of your Personal Information. Exos may disclose Personal Information (to the extent permitted by applicable law):
To a person who, in the reasonable judgment of Exos, is seeking the Information as an authorized Client of the Participant.
In situations where sharing or disclosing your Information is required to perform the Services or fulfill an Agreement between Exos and a Client.
To any other entity that acquires all or a portion of our organization by merger, reorganization, operation of law, or a sale of some or all of Exos’ assets.
To disclose or release your Information by a court or other government authority of competent jurisdiction.
To third-parties that are utilized in connection of the furtherance of the Services (e.g. vendors, service providers, and/or sub-processors).
We will disclose Non-Personal Information for improving Exos’, and our partners’, services and/or products, the development of new Exos Products or Services, and the analysis of Exos Products and Services to improve upon Exos Products and Services.
This section addresses any authorized transfer outside of the EEA, which consists of the EU Member States, Iceland, Liechtenstein, and Norway. We may share your Personal Information with our affiliates or to third-party service providers to assist us with Processing or storing your Personal Information, but only in accordance with the Information Processing and contractual requirements of our Clients. Where we are sharing your Personal Information with a third-party vendor, we take steps to ensure that they use appropriate safeguards to protect your Personal Information. For any transfers outside of the EEA and UK countries, we ensure model contract clauses, as established by applicable law, between the parties transferring data have been established to ensure adequate technical safeguards. We also may disclose your Personal Information (to the extent permitted by applicable law) limited to the amount necessary in situations where the Client has requested Services that require sharing or disclosing your Information and where you have authorized such sharing or disclosure (e.g. providing you with calendar events, sending you newsletters and communications, providing you with education courses, and for other marketing purposes).
Third Party Sub-Processors
The following is an inexhaustive list of current third-party vendors that may either directly or indirectly collect Information from you in their capacity as a processor of Exos. All applicable third-party vendors, as part of the solution to the Services being provided, are required (i) to complete a Data Processing Agreement that establishes model contract clauses (Commission Decision 2010/87/EU), and (ii) to ensure appropriate safeguards are in place to protect your Personal Information. Please review the relevant privacy policies of the appropriate third-party below for further Information on how each third-party handles your Personal Information.
List of Exos’ Sub-Processors (Non-Exhaustive)
Third Party Name
Category of Data
Amazon Web Services
United States and Ireland
Coaches Data (encrypted)
United States and Switzerland
Backup System Infrastructure
Google (Google LLC)
Analytics and reporting of Non-Personal Information
Hosting of Exos Public Facing Website
Teamexos.com Website Visitors
Wistia Media Player
Teamexos.com Website Visitors
Legal Basis for Data Processing
We maintain our legal basis to process your Information through your consent and as described in our Agreement to our Clients. We maintain the most prudent requirements when providing Exos Offerings to you. The requirements include:
Fulfillment of all Participants’ rights to access, rectification, portability, objection/opt-out, withdrawal of consent, and erasure/deletion.
Exos properly maintaining the option for you to opt-out of Exos marketing via Exos Products.
Your ability to automatically opt-out of Information collection using our self-service options on Exos Products.
Fulfillment of your individual requests within thirty (30) days of notification.
Processing of your Information only as described to you under this Policy or as specifically agreed to by you.
We are committed to resolving complaints about your privacy and our collection or use of your Personal Information. All Participants with inquiries, opt-out requests, or complaints regarding this Policy, or the collection, Processing, or use of your Personal Information should first contact the Privacy Officer.
You always have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we Process your Personal Information.
For any questions regarding opt-out requests, complaints, or the collection, Processing, or use of your Personal Information, please refer to the below contact information:
Exos Data Protection Officer
U.S. Domestic Number:
Attention: Exos Privacy Officer
2629 E. Rose Garden Lane, Phoenix, AZ 85050, USA
You can contact the manager staff at the Facility to which you are a Participant of. They will contact the Exos Privacy Officer on your behalf.
Opt-out Request Instructions
If you wish to opt-out, there are two available options. Within the Exos Product, Journey, there is a self-service tool for any Participant to perform the opt-out request, provide re-verification, and choose if you would like a file for portability. In the event that the Participant is unable to use the self-service portal, a request can be submitted to the Privacyofficer@teamexos.com. In such an event, we will respond, verify your account, determine if you would like a file for portability, and ensure you understand that by proceeding further you will be unable to use the Exos Products, but you will still be able to use the Facility.
Authorized Agent Requests
If you utilize an authorized agent or a representative on your behalf to submit an opt-out request, we must obtain verifiable proof that the authorized agent represents you. The authorized agent can submit the opt-out request by emailing PrivacyOfficer@teamexos.com. We will respond, verify your account and authorized agent, and provide further instructions on completing an opt-out request. We recommend only using an authorized agent, when you no longer have access to your email account registered with Exos Products, as this may require additional steps to verify your representative.
Last Modified: November 1, 2019
Definition of Cookies
Website and Application Analytics
You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting: Disable Google Analytics.
Cookie and Pixel Tracking Policy
Types of Cookies
These Cookies are strictly necessary to provide you with our Web-Services, and to enable essential features, such as providing shopping cart or live chat functionality. If you disable these Cookies, we will not be able to fulfill your requests.
Performance and Functionality of Cookies
These Cookies collect Information about how you use our Web-Services and allow us to remember the choices you make while browsing. The Information these Cookies collect allows us to optimize our Web-Services and make them easier for you to use, and it does not personally identify you. If you disable or opt-out of these Cookies, you may not be able to use certain features of our Web-Services, and it may reduce the support or Information that we can provide you.
Analytics and Customization Cookies
Exos utilizes these Cookies to collect Information we use in aggregate form to help us understand how our Web-Services are performing, how effective our marketing campaigns are, and to help us customize our Web-Services. If you disable or opt-out of these Cookies, you may not be able to use certain features of our Web-Services, and it may reduce the support or Information that we can provide you.
Exos utilizes these Cookies to collect Information about your browsing or shopping history. Additionally, these Cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that advertisements are properly displayed, and in some cases, selecting advertisements that are based on your interests. We may share this Information with third-parties to help create and deliver advertising personalized to you and your interests. If you disable or opt-out of these Cookies, you may not be able to use certain features of our Web-Services, and it may reduce the support or Information that we can provide you.
Social Networking Cookies
Exos utilizes these Cookies to enable you to share pages and content on our Web-Services through third-party social networking and other websites. These Cookies may also be used for advertising purposes.
In addition to using Cookies, a Web-Services or other online system operated by any of us may employ “pixel tracking”, a common process which may be used in connection with advertisements and/or internal tracking. Pixel tracking involves the use of pixel tags that are not visible to the Participant and consist of a few lines of computer code. Pixel tracking allows us to compile aggregate and specific usage statistics. A “pixel tag” is an invisible tag placed on certain pages of websites that is used to track a Participant’s activity for the purposes of the Service. We may access these pixel tags to identify Participant activity. If you utilize the Web-Services or other online system operated by us, and we link you to another website, we may also be able to determine that you were sent to and/or transacted with a third-party website. Your Information may be compiled in aggregate for use in our marketing and research.
Cookies Placed by Third Parties
You may also encounter Cookies on our public-facing website (e.g. www.teamexos.com). We may also allow third-parties to place Cookies on our public-facing websites to track Information about your online activities and/or across third-party sites or online services, including to send you targeted advertisements based on that Information, which may include the remarketing of Web-Services that you have viewed on our websites and on third-party websites.
Controlling and Opting-Out of Cookies
Your browser or device may offer settings that allow you to choose whether browser Cookies are set, and ability to delete them. For more Information about these controls and to exercise your cookie preferences, visit your browser or devices’ help material.
Do Not Track
Some browsers include the ability to transmit “Do Not Track” signals. We do not Process or respond to “Do Not Track” signals. Instead, we adhere to the standards described in our Policy and this Cookie Statement.