nextaras

Privacy Policy

Last updated: 15th January 2026

Introduction

nextaras S.L. ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website nextaras.world or use our fitness services.

This policy applies to all personal data processing activities carried out by nextaras in connection with our fitness centre services, website, and related communications.

Data Controller Information

The data controller responsible for your personal data is:

nextaras S.L.
Registration Number: B58294061
VAT Number: ESB73920615
Address: Paseo Marítimo 53, 08641 Barcelona, Catalonia, Spain
Email: privacy@nextaras.world
Phone: +34 936 584 241

Data We Collect

The data we collect includes personal information that you voluntarily provide to us when you register for our services, make an inquiry, or interact with our website. This data collection enables us to provide you with our fitness services and improve your experience.

Personal Information

  • Name and contact details (email address, phone number, postal address)
  • Date of birth and age information
  • Health and fitness information (medical conditions, fitness goals, dietary requirements)
  • Emergency contact information
  • Payment and billing information
  • Membership preferences and service selections

Technical Information

  • IP address and browser type
  • Device information and operating system
  • Website usage data and analytics
  • Cookies and similar tracking technologies

How We Use Your Information

We use of your data is based on legitimate interests, contractual necessity, and your consent where required. We use your information to provide our fitness services, communicate with you, and improve our offerings.

Service Provision

  • Providing fitness training, nutrition coaching, and wellness services
  • Managing your membership and account
  • Processing payments and handling billing
  • Scheduling appointments and classes
  • Monitoring your progress and adjusting programmes

Communication and Marketing

  • Responding to your inquiries and providing customer support
  • Sending service-related notifications and updates
  • Providing health and fitness tips (with your consent)
  • Informing you about new services and special offers (with your consent)

Legal and Business Operations

  • Complying with legal obligations and regulations
  • Protecting our rights and preventing fraud
  • Improving our services and website functionality
  • Conducting business analytics and research

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal bases:

  • Contract: Processing necessary for the performance of our fitness services contract with you
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services and ensuring security
  • Consent: Processing based on your explicit consent for marketing communications and certain data uses
  • Legal Obligation: Processing necessary to comply with applicable laws and regulations

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

  • Service Providers: Trusted third-party vendors who assist us in operating our business (payment processors, scheduling systems, email services)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of business assets
  • Emergency Situations: To protect the health and safety of our members or staff

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations. Our data retention periods are as follows:

  • Active Members: Personal data is retained for the duration of your membership plus 3 years
  • Former Members: Essential data retained for 7 years for legal and tax purposes
  • Marketing Data: Retained until you withdraw consent or for 3 years of inactivity
  • Website Analytics: Anonymised data retained for 2 years
  • Financial Records: Retained for 7 years in accordance with Spanish tax law

After these periods, we will securely delete or anonymise your personal data unless we are required to retain it for longer periods by law.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another service provider
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw your consent for processing where consent is the legal basis

To exercise any of these rights, please contact us using the details provided in the contact information section below.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training on data protection
  • Secure data storage and backup procedures
  • Incident response procedures for data breaches

International Data Transfers

Your personal data is primarily processed within the European Union. If we need to transfer your data outside the EU, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses approved by the European Commission
  • Certification schemes or codes of conduct

Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and indicating the date of the last update. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Privacy Officer
nextaras S.L.
Email: privacy@nextaras.world
Phone: +34 936 584 241
Address: Paseo Marítimo 53, 08641 Barcelona, Catalonia, Spain

You also have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos) if you believe we have not handled your personal data in accordance with applicable law.