Privacy Policy

Last updated: June 2026

1. Who We Are

This application is operated by 5 Star Fitness (the “Business”), the organisation responsible for your personal information (an APP entity under the Australian Privacy Act 1988). The application is built and maintained by AI Plan Consulting as a technical service provider acting on behalf of the Business.

For data protection queries, contact: robert@aiplanconsulting.ai

2. What Data We Collect

We collect and process the following personal data:

  • Identity data: First name, last name, date of birth, gender
  • Contact data: Email address, phone number, emergency contact details
  • Health data: Body weight, body fat percentage (sensitive information under the Australian Privacy Act 1988)
  • Attendance data: Session check-in records with timestamps
  • Programme data: Enrolment status, goals, photo submission tracking

3. How We Handle Your Data

  • Health data (weight, body fat): Recorded only when you choose to participate in a weigh-in — participation is entirely voluntary. Measurements are used solely to support your fitness programme and are not shared with third parties or used for marketing. As sensitive information under the Australian Privacy Act 1988 (APPs), this data is handled with enhanced care.
  • Attendance data: Collected to deliver the fitness programme you have enrolled in and to allow your trainer to follow up if attendance drops.
  • Contact data: Used to communicate with you about your programme (scheduling, session reminders, and trainer follow-ups). It is not used for marketing.

4. How We Use Your Data

  • Recording and displaying your session attendance
  • Tracking weight and body composition progress during programmes
  • Generating competition leaderboards and programme awards
  • Identifying low attendance for follow-up by your trainer
  • Contacting you about your programme
  • Emergency contact in case of injury during sessions

5. Data Sharing

Your data is shared only with:

  • Trainers: Can view your name, attendance, and measurements to deliver sessions
  • Other clients at the session: On the self-service check-in screen, your first name and surname are visible so you can identify yourself in the roster. The page is only reachable via a per-session link distributed at the venue and is limited to a short time window around the session; no other personal data is shown there.
  • AI Plan Consulting: As the technical service provider, with access for system administration only
  • Supabase (hosting): Data stored on Supabase infrastructure with encryption at rest

We do not sell, rent, or share your data with third parties for marketing purposes.

6. Data Retention

Your personal data is retained for the duration of your engagement with 5 Star Fitness plus 2 years. After this period, personal data is anonymised or deleted. Aggregated, non-identifiable data (e.g. programme statistics) may be retained indefinitely.

7. Your Rights

Under the Australian Privacy Act 1988 (APPs), you have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Correction: Request correction of inaccurate or out-of-date data
  • Deletion: Request deletion of your data where it is no longer needed
  • Data export: On request, we can provide your data in a machine-readable format (JSON)
  • Complaint: Lodge a complaint with the OAIC (Australia) — oaic.gov.au

To exercise any of these rights, contact robert@aiplanconsulting.ai. We aim to respond within 30 days.

8. Data Security

  • All data transmitted over HTTPS (TLS 1.2+)
  • Database encrypted at rest
  • Role-based access control (trainers vs administrators)
  • Comprehensive audit logging of all data changes
  • Rate limiting and brute force protection on authentication
  • Health data (weight, body fat) treated as sensitive information with enhanced protections

9. Overseas Storage

Data is stored on Supabase infrastructure, which may be located outside Australia. Where data is held overseas, we take reasonable steps to ensure it is handled consistently with the Australian Privacy Principles (APP 8).

10. Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be communicated via the application. The “last updated” date at the top of this page indicates when it was last revised.