
Gyms and fitness clubs: destroying member data


A gym or fitness club processes more sensitive data than it seems: contact details and payment data for the direct debit, but also intake forms with questions about injuries, heart conditions and medication use. Those health questions make part of the member file special-category personal data. This guide shows, for each part of the file, what you keep, when it may go and how to destroy it confidentially.

The quick answer: keep the administration and direct-debit details for seven years under the tax retention obligation. Keep the membership file while the membership runs and for a short period afterwards. An intake form with health questions is special-category data that you treat separately. What may go is destroyed confidentially and with a certificate.

Why a gym processes health data

A gym feels like a simple business, but at the intake it quickly becomes about health. A PAR-Q or intake form asks about injuries, cardiovascular conditions, medication use and sometimes a goal like losing weight or rehabilitating. That is health data, and under the GDPR that is special-category personal data with stricter rules. In addition you process payment data for the direct debit, which also makes the file financially sensitive.

The GDPR requires storage limitation. Do not keep the health questions longer than necessary for safe supervision, and clear them out as soon as that purpose has lapsed. Only the tax administration has a fixed period of seven years.

Retention periods by part

The period differs per type of data. The overview below gives the broad outline. Count the tax period from the end of the financial year and the other periods from the end of the membership.

Part | Starting point | Period
Administration and invoicing | Tax retention obligation | 7 years
Direct-debit and payment data | Tied to administration | 7 years
Membership contract | While membership runs | + short period
Intake form with health questions | Special-category data | destroy finely
Training and progress data | While there is supervision | purpose-bound
Correspondence and drafts | No retention obligation | clear out at once

Use this as a guideline, not a final legal ruling. When in doubt about a specific file, consult your data protection officer or adviser. The tax side is covered under the 7-year tax retention obligation.

Intake forms and health questions

The intake form is the most sensitive part of the member file. Questions about injuries, heart conditions or medication are health data and should be secured separately, accessible only to whoever does the supervision. As soon as a member cancels or the purpose of the intake has been served, this information should be destroyed at a fine destruction level. That way you avoid the whole file inheriting the longest period of its most sensitive part.

Also watch out for paper intake forms that stay at the desk or in a binder. They contain the same sensitive data and should be destroyed confidentially afterwards, not thrown in the paper bin.

Cancelled members and trial memberships

Gyms see a lot of turnover: trial classes, day passes and cancellations. Data from all those people often lingers in the system, even long after they have left. For a cancelled member, only the tax administration has to be kept for seven years. Clear out the rest, such as contact details, the intake form and training data, as soon as the membership has ended and there is no longer a purpose. Keeping it to send an offer one day is not a valid ground without consent.

How to handle it in 6 steps

  1. Split the file into administration, contract, health data and training data.
  2. Treat the intake form separately and at a fine destruction level.
  3. Assess per member whether the membership has ended and the short period is past.
  4. Clear out trial and day-pass data that no longer has a purpose at once, and confidentially.
  5. Collect what may go in sealed containers, not in the paper bin.
  6. Have it destroyed confidentially with a certificate and record it in your register.

Destroy confidentially with a certificate

Member files are destroyed confidentially, because they contain health data and payment data. The paper and any data carriers travel sealed and stay that way until destruction, so the chain is closed. An old membership-administration computer or backup belongs with it too.

Afterwards you receive a certificate of destruction with the date, quantity and level. That certificate is your proof under the GDPR that you acted carefully. Record the destruction in your record of processing. We collect within 20 km of Amsterdam with no call-out charge, work nationwide through pooled collection rounds and charge a fixed price per box or roll container. Drop-off on site is not possible; collection is by appointment.

Member data to be destroyed?

Tell us what you have and you get a fixed price. We collect it sealed, destroy it at the right DIN level and you receive a certificate for your GDPR file. No call-out charge within 20 km of Amsterdam.


Common mistakes

  • Keeping cancelled members' data just in case. After the end of the membership the purpose lapses.
  • Treating the intake form as ordinary paper. Health questions are special data.
  • Leaving trial and day-pass data in the system. Without a purpose it should be cleared out.
  • Throwing files away unshredded. An intake form on the street is a reportable data breach.
  • Keeping no proof. Without a certificate you cannot demonstrate the destruction.

Frequently asked questions

How long does a gym keep member data?

The administration and direct-debit details fall under the seven-year tax retention obligation. Keep the membership file itself while the membership runs and for a short period afterwards, after which it may go.

Is an intake form with health questions special data?

Yes. Questions about injuries, heart conditions or medication use in an intake or PAR-Q are health data and therefore special-category personal data. Treat them separately and destroy them at a fine level as soon as they are no longer needed.

How long do I keep a cancelled member's data?

Keep only the tax administration for seven years. Clear out the other data, such as contact details and the intake form, as soon as the membership has ended and there is no longer a purpose.

How do I destroy gym files in line with the GDPR?

Confidentially and with a certificate of destruction. Paper and data carriers travel sealed and the destruction is recorded in the record of processing.

Conclusion

A gym processes health and payment data of many members, with a lot of turnover. Keep the administration seven years, keep the membership file while the membership runs and shortly afterwards, and treat the intake form with health questions separately. Have what may go destroyed confidentially at a fine level, with a certificate as proof. That way you keep nothing too long and protect your members' health data.



Have member data collected? Request a quote via desnipperaar.nl. Within a few minutes you have a fixed price, including a certificate as proof.
