Regulations are coming—what is your compliance plan?
The General Data Protection Regulation (GDPR) launched May 25, 2018. This law raised the standards for how businesses manage their customers’ personal data. GDPR regulates data privacy for businesses in the European Union and companies that target customers in the EU. Effective January 1, 2020, the California Consumer Privacy Act (CCPA) brings similar legislation to U.S. soil.
The CCPA allows any California consumer to demand to see all the information a company has saved on them, as well as a full list of all third parties that data is shared with. Through the CCPA, consumers are given new data access, control of their data, data protection, and protection from discrimination for opting out. While the law officially went into effect on January 1st, consumers will be able to demand data from the previous twelve months.
CCPA vs. GDPR
Both laws grant customers the right to access:
- what information is collected about them
- what information is shared or sold
- who their information is shared or sold to
Additionally, both CCPA and GDPR allow customers to request their information be deleted from a company’s database. The CCPA is considered “lighter” than the GDPR but still just as important.
How to prepare for CCPA
CCPA and GDPR might not directly affect your health club due to your location or customer base, but these new regulations are indications that tightened privacy laws are coming for everyone. Now is a good time to measure yourself against the laws and see how your business stacks up. Save yourself trouble in the future by doing this work now!
- Audit your data. Where is your customer data being stored? Is it easy to find individual data?
- Update your website. Both GDPR and CCPA require businesses to have an opt-in or opt-out option for customers.
- Communicate with your team. Make sure all relevant parties are informed about the new legislation and make a communication plan for your customers.
- Be transparent. 91% of customers say they trust companies that are transparent about how they use their customer data. Abide by GDPR and CCPA regulations to build this trust and, in turn, build long-term relationships with valuable customers.
Not sure how to get started with data compliance at your gym? Contact us for help!
. . .
Disclaimer: This article is not intended to be a legal guide to CCPA or give any advice on compliance and Twist Integrations takes no liability. Please discuss any decision you make with an attorney that specializes in CCPA and GDPR compliance.