Privacy policy

Dynamic is part of Tacx B.V. Please read the full Privacy policy of Tacx here for more information about the storing of data on, usage and possibilities of your Tacx account.

Your privacy is important to us. Therefore, we a have a few fundamental principles:

  • we don’t ask you for personal information unless we truly need it.
  • we don’t share your personal information with anyone except to comply with the law, develop our products and services and provide you with our products and services, or protect our rights.
  • we treat your personal information with the highest regard to privacy and security.

This privacy policy applies to the Dynamic websites and related services (the “Site”), currently accessible at https://dynamic-cycling.com. The following statement (the “Privacy Policy”) discloses the guidelines Tacx has established for protecting the information you provide to Tacx during your visit to or use of the Tacx Service. The Site is owned, operated, and maintained by Tacx, e-mail: privacy@tacx.com.


What information about me does Tacx collect and how is it used?
Tacx B.V. (“Tacx”) is the data controller of your personal data in the sense of the EU General Data Protection Regulation. The principles set out in this Privacy Policy apply to all instances in which Tacx receives your personal data as a data controller for the purposes described in this Privacy Policy.

Visiting the Site and setting up a Tacx account
To use the core functionality of the Site and to access any data collected by Tacx, you must first complete the registration form at the Site and agree to our Terms and Conditions to set up a Tacx account. During registration you will be required to provide: personal information such as your name and email address. You can also use your Facebook or Google account to set up a Tacx account. You can then also choose to share some information from these accounts with the Tacx account. You can always choose to remove Tacx from this account to stop sharing this information. Tacx does not knowingly collect information from children under 13 years old. If we or a third party service provider requires a birth date to order a specific product or service, you will not be able to enter a birth date that indicates that you are less than 13 years old. If you opt-in for the Dynamic newsletter during registration, Tacx will use your email address to send you newsletters with updates and news about Tacx. You may remove your name from our email list by updating your profile in the Account section or by emailing support@tacxgermany.com. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days.

We also collect data if you make a purchase on our Site. This includes your (shipping) address. If you make a purchase on the Site, we may also ask you for your creditcard and billing information. This personal data is solely processed and handled by our payment providers. Tacx uses a creditcard processing company, Adyen, to process your creditcard information as required for your order and to ensure that your transaction is secure. This processing company does not retain, share, store or use your personally identifiable information for any other purposes. Tacx does not have any access to the personal data collected by this creditcard processing company.

Contacting customer service
When you contact our customer service for help, we collect your name and email address and any information you may provide us with. We collect and store this personal data to provide you with customer service and to improve the Tacx Service. You may decide to send Tacx personally identifying information in an e-mail message which might contain information or inquiries about the Tacx Service. Tacx will use this information to identify you as a Tacx member and to respond to the electronic mail. Tacx will only use the information obtained to resolve the issue identified in the e-mail. Tacx never sells e-mail addresses. You may change or request deletion of your personal information by contacting support@tacxgermany.com. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days.

Data that you request Tacx to share
You can request Tacx to share your information with other parties. You may for example ask Tacx to link your Tacx account to a third party app, such as Facebook, Strava or Google. Information collected by third parties, which may include such aspects as location data or contact details, is governed by their privacy practices. You should exercise caution, and review the privacy statements applicable to the third-party websites and services you use.

Tacx only collects personal information about you if you voluntarily choose to share it with Tacx. Tacx does not share, rent or sell information concerning Tacx’s members or other users of its Tacx Service to third parties in ways other than disclosed in this Privacy Policy. We have added an extensive list of some third parties to this Privacy Policy.

Data storage and retention
Your personal data is stored by Tacx on its servers, and on the servers of the database management services Tacx engages, located also in the United States. Tacx retains data for the duration of the user’s relationship with Tacx and otherwise as required under applicable law. Personal data will be kept for no longer than is necessary for the purposes for which your personal data are processed. We will retain your personal data as long as you are a Tacx user or require our services so that we can provide these services to you.

At the moment you cancel your Tacx membership or withdraw your consent for the processing of your personal information, all your personal data received and stored are erased if no longer needed by us. Unless we are required to retain this personal data by law or to comply with our regulatory obligations. In such a case, we will only keep this personal data for as long as necessary. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at support@tacx.com. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days.

Cookies
When you visit the Site, a cookie will be stored on your computer. What are cookies? “Cookies” are small pieces of information that are stored by your web browser’s software on your computer’s hard drive or temporarily in your computer’s memory. The use of cookies is an industry standard and can enhance the user experience and your access to information on a website or other online system operated by Tacx. Cookies are used on most major websites. Cookies may enable Tacx to recognize you and personalize your viewing experience on a website or other online system operated by Tacx.

When you visit our Site or Software, we may collect information about the type of device you use, your device’s unique identifier, the IP address of your device, your operating system, the type of internet browser that you use, usage information, diagnostic information, and location information from or about the computers, phones, or other devices on which you install or access our Products or Services. Where available, our Services may use GPS, your IP address, and other technologies to determine a device’s approximate location to allow us to improve our products and Services.

Generally, cookies work by assigning to your computer a unique number that has no meaning outside of Tacx. Tacx’s cookies do not contain any personally identifying information; Tacx uses them to provide features such as personalization, to save your member ID and to keep track of your shopping cart. Tacx may also use cookies to assist it in delivering content specific to your interests. Additionally, after you’ve entered your member ID and password during a session on Tacx’s Site, Tacx saves that information so you don’t have to re-enter it repeatedly during that session. Most web browsers automatically accept cookies, but you can usually change your browser to prevent that. Not accepting cookies may make certain features of the Site unavailable to you. Tacx may use your IP address to identify you, to administer the Site and to assist in diagnosing problems with Tacx’s server.

Tacx also uses cookies to analyze the use of the Site and to match the content of the Site and ads to your preferences. These cookies are placed by Google Analytics and Google AdWords.

  • We use Google Analytics to collect information about Site usage for statistical analysis: Google Analytics uses a collection of cookies to collect Site information and report Site usage in a partly anonymous form.
  • We use Google AdWords Remarketing for targeted marketing to users that visit our Site. Google Remarketing cookies allow Tacx advertising to be served once a user leaves our Site and visits any Google Display Network Partner enabled Site. When you visit an eligible site, cookies are referenced by that site to display our advertising based upon the history of sites visited by your browser. We also use these cookies to assess the effectiveness of our advertising through this medium.

The information that is recorded in Google Analytics and Google AdWords cookies does not contain any information that can identify you personally. Google stores the information collected by the cookies on their servers. Google may also transfer this information to third parties where required to do so by law. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this Site. Tacx does not have access to or control over these third parties or the cookies, web beacons or other technology that these third parties may use. We are not responsible for the security, privacy of the information collected by these third parties or the privacy practices of these third parties or the content on any third party website. You are encouraged to review the privacy policies of these third parties.

You can remove or reject cookies using your browser or device settings, but in some cases doing so may affect your ability to use our products and Services.

If you wish to opt-out from being tracked by Google Analytics on this Site with the effect for the future, please copy and paste the following address in your browser:

https://tools.google.com/dlpage/gaoptout?hl=en.

Like most standard website servers the Site uses log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the Site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personally identifiable information. In addition, Tacx uses Google Analytics as a method of tracking site statistics and user behavior on the Site. We have attached an overview of our cookies to this Privacy Policy.

We will not associate identifiers from cookies or similar technologies with sensitive identifiers, such as the race, religion, sexual orientation or health of our users.

To learn more about your ability to manage cookies and web beacons, please consult the privacy features in your browser. In addition, to find out more about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.

Do Not Track
Some browsers include the ability to transmit “Do Not Track” signals. We do not process or respond to “Do Not Track” signals. Instead, we adhere to the standards described in our Privacy Policy.

Tacx will only share your personal information with third parties if:

  • Tacx has your consent;
  • Tacx deems this necessary to provide you with the Tacx Service. All companies are contractually engaged in providing us with services like the purchase of products and services, email management and payment processing.
  • Tacx determines that it is required to do so by law; such as in response to a court order or subpoena;
  • Tacx finds that you are in breach of its terms and conditions or any of its policies or usage guidelines for specific Tacx Services;
  • it is necessary in Tacx’s opinion to do so to prevent, investigate, detect or prosecute criminal offenses or attacks on the technical integrity of the Site or Tacx’s network;
  • it is necessary in Tacx’s opinion to do so to protect the rights, property, or safety of Tacx or its employees, the users of the Tacx Service, or the public; or
  • information about you and your use of the Tacx Service may be aggregated with other information collected via the Tacx Service or otherwise used in ways that do not personally identify you or constitute personally identifiable information. This type of aggregated or statistical information may be used by us to improve the quality of the Tacx Service or for other purposes that we may deem appropriate.

Our processing of your personal information will be legitimized as follows:

  1. Whenever we require your consent for the processing of your personal information such processing will be justified pursuant to Article 6(1) lit. (a) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This article in the GDPR describes when processing can be done lawfully.
  2. If the processing of your personal data is necessary for the performance of a contract between you and Tacx or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit. (b). If this data is not processed, Tacx will not be able to execute the contract with you.
  3. Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit. (c), for example complying in the fields of employment law.
  4. And where the processing is necessary for the purposes of Tacx’s legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit. (f), for example to detect fraud.

Transferring personal data from the EU to the US
Information we collect from you may be processed in the United States through our Software (Google Cloud Platform). The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GGDPR. A finding of “adequacy” in short means that the European Commission has decided that this country outside the European Economic Area (“Area”) ensures an adequate level of data protection. We refer, to https://cloud.google.com/security/compliance/eu-data-protection/ for more information on the safeguards that Google has in place for the transfer the Google Cloud Platform.

What can I do to help make sure the security works correctly?
Tacx uses bcrypt algorithms to “hash” passwords of users, Tacx does not store its user’s passwords. “Hashing” is the transformation of a string of characters into a value or key, it is a form of encryption. Tacx also uses SSL. The data traffic to the Software (Cloud) is protected by SSL, this also protects the data traffic between the Apps and the Cloud. SSL is a technique used to encrypt the connection between data traffic between for example a website and a server.

To help ensure that these measures are effective in preventing unauthorized access to your private information, you should be aware of the security features available to you through your browser. You should use a security-enabled browser to submit your credit card information and other personal information at the Site or any other Tacx Service. Please note: If you do not use a SSL-capable browser, you are at risk for having data intercepted. Tacx will not be responsible for any compromise of data that is intercepted due to your use of an unsecured browser.

Most browsers have the ability to notify you if you change between secure and insecure communications, receive invalid site identification information for the site you are communicating with, or send information over an unsecured connection. Tacx recommends that you enable these browser functions to help ensure that your communications are secure. You can also monitor the URL of the site you are visiting (secure URLs begin with https:// rather than the normal http://), along with the security symbol of your browser (an open or closed padlock in Netscape or a broken or complete key in Internet Explorer) to help identify when you are communicating with a secure server. You can also view the details of the security certificate of the site to which you are connected. Tacx encourages you to use this to check the validity of any site you connect to using secure communications.

Tacx uses reasonable physical, technical and administrative measures to safeguard personal information you provide through the Tacx Service or in connection with Tacx’s Products and Services.  Please be aware that no data transmission over the internet can be guaranteed to be 100% secure. As a result, Tacx cannot guarantee or warrant the security of any information you transmit on or through the Tacx Service and you do so at your own risk.

Does Tacx offer opt-out or opt-in services?
Yes. If you choose to stop receiving emails from Tacx, please follow the unsubscribe instructions within each email communication or send an email to support@tacx.com. Tacx will process your opt-out and you will receive an e-mail confirming that you have opted-out and that Tacx have stopped using/collecting your personal data as well as deleted it, if the personal data is no longer required by law. In addition, the confirmation email will provide instructions and a service list on how to further avoid providing Tacx with personal data in connection with any Products or Services that you may attempt to use or where applicable, still be permitted to use after you have opted-out. Tacx will not provide or share any mailing lists or other information about you to another company or service for promotional purposes. Any service related emails (to confirm a purchase, etc.) generally do not offer an option to unsubscribe as they are necessary to provide the service you requested.

The rights of users
If you need to correct, amend or delete submitted information that is inaccurate please contact Tacx at support@tacx.com. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days. In addition, you may correct, amend or delete submitted information that is inaccurate by visiting “Edit Profile” on the Site or in the App.

Users have the right to withdraw their consent for the processing of personal data or the further processing of personal data by Tacx at any time. A withdrawal should be sent to Tacx at support@tacxgermany.com. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days.

In addition to the information contained in this Privacy Policy, you may be provided with additional and contextual information concerning particular services or the collection and processing of your personal data upon request.

Users have the right at any time, to know whether their personal data has been stored and can consult Tacx to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. You may also ask us to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. You may withdraw your consent for the processing of personal data or the further processing of personal data by us at any time. Requests should be sent to Tacx at the contact information set out below. Users also have the right to lodge a complaint against Tacx with a supervisory authority.

In addition to the information contained in this Privacy Policy, you may be provided with additional and contextual information concerning the Products or Services or the collection and processing of your personal data upon request.

Users have the right to request to obtain and reuse their personal data for their own purposes across different services. Requests should be sent to Tacx at the contact information set out below.

Privacy Policy changes
If Tacx makes changes to any terms or conditions of this Privacy Policy, these changes will be posted on the Site in a timely manner. If Tacx decides to change this Privacy Policy, it will post those changes on this Privacy Policy and other places Tacx deems appropriate, which may include the Site, for a period of time Tacx deems appropriate, so that you are aware of what information Tacx collects, how Tacx uses it, and under what circumstances, if any, Tacx discloses it. We expect most such changes to be minor. Any non-material changes will take effect immediately upon posting of an updated Privacy Policy. However, there may be cases where changes to the Privacy Policy may be more significant. In such cases, We will first provide a more prominent notice. In case of a business transaction in which a portion or all of Tacx’s business is acquired, Tacx will notify you as described above in this paragraph. We will in any case not reduce your rights under this Privacy Policy without your explicit and informed consent.

Your continued use of our Products and Services after the effective date of the Privacy Policy means that you accept the revised Privacy Policy. If you do not agree to the revised Privacy Policy, please refrain from using our Products or Services and contact us to close any account you may have created.

All prior versions of this Privacy Policy will be kept in an archive for your review upon request. More details concerning the collection or processing of personal data may be requested from Tacx at any time. Please see the contact information at the end of this Privacy Policy.

Contact information
Tacx is responsible for this Privacy Policy.
Data controller and owner: Tacx B.V.,

By writing to us: Rijksstraatweg 52, 2241 Wassenaar, The Netherlands
By email: privacy@tacx.com

Thank you for taking the time to read this Privacy Policy. Updated on April 24, 2019

If you have any questions about this Privacy Policy, the practices of the Tacx Service, or your dealings with Tacx, please contact us at privacy@tacx.com

Third parties
The Tacx Service allows for direct interaction with external social networks or other external platform that are outside our control. The interaction and information obtained by the Tacx Service are always subject to the user’s privacy settings for each social network. We are not responsible for the security or privacy of any information collected by other websites or other services. Information collected by third parties, which may include such aspects as location data or contact details, is governed by their privacy practices. You should exercise caution, and review the privacy statements applicable to the third-party websites and services you use. The following third parties may be used by the Tacx Service. We have tried to include an overview that is as complete as possible on all third parties, however, we cannot guarantee the truthfulness and completeness of this overview.

Users can sign in to the Cloud using Google, Facebook or a dedicated Tacx Account. Both Google and Facebook accounts are connected via OAuth2 (OAuth2 is an authorization framework that enables applications to obtain limited access to user accounts) web flows of Google and Facebook. Tacx accounts are handled completely by the Tacx Account backend. Users can also connect their Strava account to their Cloud account (this is part of the Software), the connection is also made via an OAuth2 web flow.

Google Analytics
Google analytics gathers anonymous user data. In particular, it gathers the following data and provides it (anonymously and aggregated) to Tacx:

  • Numbers of users per age group;
  • Numbers of male users;
  • Numbers of female users;
  • Number of users per country;
  • Number of users per device;
  • Number of users per device operating system version:
  • Number of users per users interest group;
  • Number of active users;
  • Time users spend daily;
  • Whether or not users have made a purchase.

Mandrill
Mandrill is used to send emails to specific users. Mandrill contains templates defined by Tacx for several types of email. These are currently two types of email: TCX Export and Password Reset. These templates require the first name of the user and for sending, obviously, the email of the user is required. These data are provided by the Software or account backends. Further data required by these templates is generated by either the account backend or the Software backend. The actual content as it is sent to the user is stored in Mandrill for later reference. In the future, new types of email may require other use of data, logically this data will be provided by the account backend or the Software backend from their storage systems. For sending emails to single users, Tacx uses Mandrill. Some user data is synchronized with Tacx’s MailChimp account for use in the Tacx newsletter.

MailChimp
MailChimp is used for sending newsletters to users, the Software synchronizes with Tacx’ MailChimp account. The Software backend synchronizes, from its data store, the following data with MailChimp: first name, last name, email address, language.

Extensive overview of data that is collected
The following systems may be used by the Software and App for storing user data. We have tried to include an overview that is as complete as possible on all data that is collected and through what settings or Software, however, we cannot guarantee the truthfulness and completeness of this overview.

Various user data is stored in the Tacx Cloud (which is part of the Software). Some of this data is sensitive data. All Tacx applications communicate with, and store their data through, two backend systems:

  • The Cloud backend stores user profile information and training data; and
  • The Account backend is used to authenticate users through email/password combinations and handles the web flow such as the Tacx.com website and TTX applications.

Both these systems store their persistent data in the Google Cloud data store. The Google Cloud data store stores data in the form of entities, which may have one or more indexed fields.

The Cloud data store contains all user profile data, activity, workout and social data.

Account data store
Account data store is storage of Tacx Account credentials and tokens. It contains data used for user authentication based on email and password, and the OAuth2 flow directed towards the Software (for client apps that enter want to get a token from the Software).

Authorization Code
Authorization Code is the code generated when client applications request an authorization code according to the OAuth2 standard.

Client
Client is data for authenticating and authorizing client applications. It contains the following data: (1) Client’s ID, regardless of its validity and; (2) Client’s encrypted secret and prefixes of valid redirect URI (uniform resource identifier) for the OAuth2 web flow.

Cloud data store
Cloud data store is storage of all user profile and training information. It has a search index that duplicates some information.

Cloud File Storage
Cloud File Storage is storage of user profile images. Files in the Cloud File Storage are stored in Protobuf, PNG, or Jpeg format. The PNG and Jpeg files concern profile images uploaded by the user. The following data may be stored in Protobuf files: (1) distances and heights measured in meters; (2) durations measured in seconds; (3) heart rates and cadence measured in Hertz; (4) power measured in Watt; (5) energy measured in Joule and; (6) speed measured in meters per second.

Code Identifier Mapping
Code Identifier Mapping is used to map the code sent when a password reset request is made to the account for password reset.

Email Settings
Email Settings is used to track whether or not the user will receive emails from the Software and which emails to receive. A link is included in each email message that allows the user direct access to its settings without having to log in. The code included in that link is stored in Email Settings Code, which contains the following data for identification: (1) email; (2) expiration data and; (3) user UUID (universally unique identifier).

Email User Id Mapping
Email User Id Mapping maps an email address to a user account.

Payment Notification
Payment Notification is used to manage payment through Adyen. Payment Notification tracks notifications sent by Adyen to the Cloud about payments.

Persistent Token
Persistent Token stores OAuth2 tokens mapped to user accounts.

Subscription
Subscription of a user is tracked, which contains the following data: (1) cancel date if canceled; (2) which subscription this is a continuation of; (3) the type of continuation; (3) creation date; (4) end date; (5) reasons for failure if any; (6) the start date of the original subscription; (7) the payment method; (8) the plan and; (9) the start date.

User
User consists of three fields, namely inactive fields which are once filled in but no longer used, fields for possible future use and fields that are currently in use. For each of these fields, the data collected are categorized as follows:

For a number of fields for possible future use, it contains the following data: (1) address, city, country, postal code and state for billing and delivery purpose and; (2) nickname, phone and website for miscellaneous purpose.

For a number of fields that are currently in use, it contains the following information or data: (1) dates: registration, last modification of profile, possible deregistration; (2) linked accounts: ids for Google, Facebook, Tacx Account; (3) personal information: biography, data of birth, email, first name, last name, location, gender. The latter only if filled in at your Tacx account.

UserCredentials
User Credentials contains the user’s email, first name, and encrypted password.

 

Please read the full Privacy policy of Tacx here for more information about the storing of data on, usage and possibilities of your Tacx account.

Last updated April 24th, 2019.