Data protection

Privacy policy

1. Controller

RX Edge Athletics GmbH
Burgholzer Platz 6
60433 Frankfurt am Main
Germany
Email: info@rx-edge.de

2. General Information on Data Processing

We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection laws. This Privacy Policy explains the nature, scope, and purpose of the processing of personal data when visiting our website and when using external services.

3. Website Hosting and Server Log Files

Our website is hosted by a European hosting provider.

Data processed

  • IP address
  • Date and time of access
  • Requested page or file
  • Browser type and operating system

Purpose

  • Technical delivery of the website
  • System security and abuse prevention

Legal basis
Art. 6(1)(f) GDPR (legitimate interest)

Retention period
Server log files are stored for a limited period and then deleted.

4. Contact Requests

When you contact us by email or via a contact form, we process the information you provide.

Purpose

  • Responding to enquiries
  • Initiation of a contractual relationship

Legal basis
Art. 6(1)(b) GDPR (pre-contractual measures)

Retention period
Data is deleted once the enquiry has been conclusively handled, unless statutory retention obligations apply.

5. Memberships, Bookings and Waivers via Octiv

Trial sessions, memberships, class bookings, waivers, and contractual administration are handled via the external platform Octiv.

By clicking the relevant links, you are redirected to Octiv’s website. Data processing there takes place within the framework of a data processing agreement.

Data processed (depending on use)

  • Name and contact details
  • Contract and membership data
  • Booking and attendance data
  • Consents and liability waivers

Legal basis
Art. 6(1)(b) GDPR (performance of a contract)

6. Payment Processing via Stripe

Payments are processed via Octiv using the payment service provider Stripe.

Data processed

  • Payment details (e.g. IBAN or card information)
  • Transaction and payment status data

Legal basis

  • Art. 6(1)(b) GDPR (performance of a contract)
  • Art. 6(1)(c) GDPR (legal obligations)

Stripe may process personal data in third countries, in particular the United States. Appropriate safeguards such as EU Standard Contractual Clauses are applied.

7. Health-Related Information (voluntary)

Members may voluntarily provide health-related information (e.g. injuries or physical limitations) to enable safe and appropriate training.

Key points

  • Provision of such data is voluntary
  • No disadvantages arise if the data is not provided

Legal basis

  • Art. 6(1)(b) GDPR (contract)
  • Art. 9(2)(a) GDPR (explicit consent)

Consent can be withdrawn at any time with effect for the future.

8. Embedded Content: YouTube and Google Maps

Our website may include embedded content from YouTube and Google Maps.

When such content is loaded, your IP address is transmitted to Google. Data processing may also take place in third countries.

Legal basis
Art. 6(1)(f) GDPR (legitimate interest in an appealing presentation and location information)

We recommend loading such content only after active user selection (click-to-load).

9. Data Backups

We perform regular backups of our website using a backup plugin. These backups are stored in a cloud storage service provided by Google.

Purpose

  • Data security
  • Recovery in case of technical incidents

Legal basis
Art. 6(1)(f) GDPR (IT security and business continuity)

Due to technical reasons, backups may contain all website data and are deleted according to defined rotation cycles.

10. Cookies and Tracking

Our website does not use cookies for analytics, marketing, or tracking purposes.

No web analytics tools or profiling technologies are used.
A cookie consent banner is therefore currently not required.

11. Your Rights

You have the right to:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)

You also have the right to lodge a complaint with a supervisory authority.

12. Supervisory Authority

The Hessian Commissioner for Data Protection and Freedom of Information
Wiesbaden, Germany

13. Updates to this Privacy Policy

This Privacy Policy will be updated in the event of technical or legal changes.

Last updated: 27.12.2025