Tacx is an innovative company with great passion for sport and technique. This passion drives the organization and can be seen in all departments; from purchasing to production and product development to logistics. Tacx is a member of the Garmin group of companies.
Our products and services provide you access to your fitness and activity training data so you can track your progress and reach your personal goals. As we provide you with our products and services, we are also dedicated to safeguarding your personal data, respecting your rights and giving you choices about how we use your personal data.
What information about me does Tacx collect and how is it used?
Through the Tacx Service, you can share your activities with Tacx. Data collected by Tacx through an activity may contain the following data about you, your:
- date of birth;
- first name;
- last name;
- heart rate threshold, heart rate zones, maximum heart zones, maximum heart rate, resting heart rate;
- profile image;
- user’s universally unique identifier (also known as UUID);
A bike profile can be selected by the user. It is linked to the user via a parent field, and may contain the following data:
- first name;
- last name;
Tacx uses your data to provide you with the Tacx Service and to help you to make the most of your ride. We for example use your height, weight, gender, age and heart rate to estimate how many calories you have burned and to monitor your progress.
Visiting the Site and setting up a Tacx account
To use the core functionality of the Site and to access any data processed by a Tacx Service, you must first complete the registration form at the Site and agree to our Terms and Conditions to set up a Tacx account. During registration you will be required to provide personal data such as your name and email address. You can also use your Facebook or Google account to set up a Tacx account. You can then also choose to share some information from these accounts with the Tacx account. You can always choose to remove Tacx from this account to stop sharing this information.. If you opt-in for the Tacx newsletter during registration, Tacx will use your email address to send you newsletters with updates and news about Tacx. You may remove your name from our email list by updating your profile in the Account section, by emailing firstname.lastname@example.org or by clicking on the unsubscribe link at the bottom of the emails. We will honor your request in a reasonable timeframe, and in any event in less than 30 days.
We also collect personal data if you make a purchase on our Site or any other Tacx Service. This includes your (shipping) address, payment method such as credit card, and billing information. This personal data is solely collected, processed and handled by our payment providers. Tacx uses a credit card processing company, Adyen, to collect and process your credit card information as required for your order and to ensure that your transaction is secure. This processing company does not retain, share, store or use your personally identifiable information for any other purposes. Tacx does not have any access to the personal data collected by this credit card processing company.
Activating a Tacx Product
When you activate a Tacx Product, you will be asked to download the Tacx App or install Software. A Tacx account is required to use Tacx software. When creating your account profile, you will also be asked to provide personal data such as your name, age, gender, height and weight. We use this information to calculate your personalized stats – including distance traveled, speed, heart rate and calories burned.
Adding data to your Tacx Account
You can choose to share information in your Tacx account. This may include information about you such as your equipment and activities, your biking routes, your name, your zip code and e-mail address. If you choose to share any such personal data with Tacx, Tacx may store it and use it for internal research and, with your consent, Tacx marketing purposes, including e-mailing you with special promotions and other programs of interest. If the information is sent as part of a Tacx Service evaluation, Tacx may also use the information to contact you about your comments.
Syncing your Product
If you choose to sync your Product to the Software or App, data about your activities is transferred from your Product to Tacx. Tacx uses this data to provide you with the Tacx Service and also stores this data. We also store data about each transmission that takes place when you sync your Product.
When using location features
Location features such as mapping can be available if you choose to activate this feature. When this feature is active, Tacx collects data such as GPS signals, device sensors, Wi-Fi access points, and cell tower IDs to determine your specific location. This information is stored together with your other account information. When using a mapping feature, your location information will be shared with our mapping service provider to display your location on a map. This information is solely shared for this purpose and will not be used otherwise. You can always choose to deactivate the location feature. Tacx will stop collecting this information when you deactivate this feature.
Contacting customer service
When you contact our customer service for help, we collect your name and email address and any information you may provide us with. We collect and store this personal data to provide you with customer service and to improve the Tacx Service. You may decide to send Tacx personally identifying information in an e-mail message which might contain information or inquiries about the Tacx Service. Tacx will use this information to identify you as a Tacx member and to respond to the electronic mail. Tacx will only use the information obtained to resolve the issue identified in the e-mail. Tacx never sells e-mail addresses.
Interacting with other riders
Tacx allows you to share data, based on your account settings, with other riders who also have a Tacx account. If you enable Live Opponents, you can compare your performance to other Tacx users doing the same ride. Riders participating in Live Opponents will be able to view your activity performance (such as speed, distance, and power) plus your name and profile picture just as you’ll be able to see theirs. Using the Connections feature, you can request to follow the activities of other riders and to allow other riders to follow yours. When posting a message in the Tacx forum, your Tacx account username and profile photo will be visible to others. You are responsible for all information that is shared with other riders.
Data that you request Tacx to share with 3rd parties
You can request Tacx to share your personal data with other parties. You may for example ask Tacx to link your Tacx account to a third party app, such as Facebook, Strava or Google. Personal data collected by third parties, which may include such aspects as location data or contact details, is governed by their privacy practices. You should exercise caution and review the privacy statements applicable to the third-party websites and services you use.
We request individuals under 16 not provide personal data to Tacx. If we learn that we have collected the personal data from a child under 16, we will take steps to delete the information as soon as possible.
Data storage and retention
Your personal data is stored by Tacx on its servers, and on the servers of the database management services Tacx engages, located also in the United States. Tacx retains data for the duration of the user’s relationship with Tacx and otherwise as required under applicable law. Personal data will be kept for no longer than is necessary for the purposes for which your personal data are processed. We will retain your personal data as long as you are a Tacx user or require our services so that we can provide these services to you.
At the moment you cancel your Tacx membership or withdraw your consent for the processing of your personal information, all your personal data received and stored are erased unless we are required to retain this personal data by law or to comply with our regulatory obligations. In such a case, we will only keep this personal data for as long as necessary.
When you visit our Site or Software, we may collect information about the type of device you use, your device’s unique identifier, the IP address of your device, your operating system, the type of internet browser that you use, usage information, diagnostic information, and location information from or about the computers, phones, or other devices on which you install or access our Products or Services. Where available, our Services may use GPS, your IP address, and other technologies to determine a device’s approximate location to allow us to improve our products and Services.
- We use Google Analytics to collect information about Site usage for statistical analysis: Google Analytics uses a collection of cookies to collect Site information and report Site usage in a partly anonymous form.
- We use Google AdWords Remarketing for targeted marketing to users that visit our Site. Google Remarketing cookies allow Tacx advertising to be served once a user leaves our Site and visits any Google Display Network Partner enabled Site. When you visit an eligible site, cookies are referenced by that site to display our advertising based upon the history of sites visited by your browser. We also use these cookies to assess the effectiveness of our advertising through this medium.
You can remove or reject cookies using your browser or device settings, but in some cases doing so may affect your ability to use our products and Services.
If you wish to opt-out from being tracked by Google Analytics on this Site with the effect for the future, please copy and paste the following address in your browser:
We will not associate identifiers from cookies or similar technologies with sensitive identifiers, such as the race, religion, sexual orientation or health of our users.
To learn more about your ability to manage cookies and web beacons, please consult the privacy features in your browser. In addition, to find out more about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit https://www.allaboutcookies.org/
Do Not Track
- Tacx has your consent;
- Tacx deems this necessary to provide you with the Tacx Service;
- Tacx is required to do so in order to comply with a valid subpoena, legal order, court order, legal process, or other legal obligation;
- It is necessary to enforce any of our terms and conditions or policies; it is necessary to pursue available legal remedies or defend legal claims; or it is necessary in Tacx’s opinion to do so to protect the rights, property, or safety of Tacx or its employees, the users of the Tacx Service, or the public.
Our processing of your personal information will be legitimized as follows:
- Whenever we require your consent for the processing of your personal information such processing will be justified pursuant to Article 6(1) lit. (a) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This article in the GDPR describes when processing can be done lawfully.
- If the processing of your personal data is necessary for the performance of a contract between you and Tacx or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit. (b). If this data is not processed, Tacx will not be able to execute the contract with you.
- Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit. (c), for example complying in the fields of employment law.
- And where the processing is necessary for the purposes of Tacx’s legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit. (f), for example to detect fraud.
Transferring personal data from the EU to the US
Information we collect from you may be processed in the United States through our Software (Google Cloud Platform). We refer, to https://cloud.google.com/security/compliance/eu-data-protection/ for more information on the safeguards that Google has in place for the transfer the Google Cloud Platform. Personal data regarding individuals who reside in a country in the European Economic Area or in Switzerland are controlled by Garmin Würzburg GmbH and processed on its behalf by Tacx B.V. and Garmin International, Inc.
Garmin International, Inc. complies with the EU-U.S. and Swiss-U.S. Privacy Shield principles regarding the collection, use, sharing and retention of personal information from the EEA, U.K. and Switzerland, as described in our EU-U.S. Privacy Shield certification and Swiss-U.S. Privacy Shield certification. Learn more about Privacy Shield.
Garmin International, Inc. is subject to the oversight of the U.S. Federal Trade Commission and remains responsible for personal data transferred to third parties that process it on our behalf. If you have a complaint about our Privacy Shield compliance, please contact us at email@example.com. You can also refer a complaint to our chosen independent dispute resolution body, JAMS, and in certain circumstances, invoke the Privacy Shield arbitration process.
All Garmin companies are required to follow the privacy practices set forth in this Privacy Statement.
What can I do to help make sure the security works correctly?
Tacx uses reasonable physical, technical and administrative measures to safeguard personal information you provide through the Tacx Service or in connection with Tacx’s Products and Services.
Does Tacx offer opt-out or opt-in services?
Yes. If you choose to stop receiving emails from Tacx, please follow the unsubscribe instructions within each email communication or send an email to firstname.lastname@example.org. Tacx will process your opt-out and you will receive an e-mail confirming that you have opted-out and that Tacx have stopped using/collecting your personal data as well as deleted it, if the personal data is no longer required by law. In addition, the confirmation email will provide instructions and a service list on how to further avoid providing Tacx with personal data in connection with any Products or Services that you may attempt to use or where applicable, still be permitted to use after you have opted-out. Tacx will not provide or share any mailing lists or other information about you to another company or service for promotional purposes. Any service related emails (to confirm a purchase, etc.) generally do not offer an option to unsubscribe as they are necessary to provide the service you requested.
The rights of users
If you reside in the European Union, you have the right under the General Data Protection Regulation to request from Tacx access to and rectification or erasure of your personal data, data portability, restriction of processing of your personal data, the right to object to processing of your personal data, and the right to lodge a complaint with a supervisory authority. For more information about these rights, please visit the European Commission’s “My Rights” page relating to GDPR, which can be displayed in a number of languages. If you reside outside of the European Union, you may have similar rights under your local laws.
To request access to or rectification, portability or erasure of your personal data, contact Tacx at email@example.com. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days. In addition, you may correct, amend or delete submitted information that is inaccurate by visiting “Edit Profile” on the Site or in the App.
If you live in the European Union and you wish to exercise your right to restriction of processing or your right to object to processing, contact Garmin’s EU Data Protection Officer at Garmin Würzburg GmbH at Beethovenstraße 1a+b, 97080 Würzburg, Germany or by email at firstname.lastname@example.org. If you do not live in the European Union but you believe you have a right to restriction of processing or a right to object to processing under your local laws, please contact Tacx at email@example.com.
Data Controller and Data Protection Officer
If you reside in a country in the European Economic Area or in Switzerland, then your personal data collected by Tacx is controlled by Garmin Würzburg GmbH, which is located at Beethovenstraße 1a+b, 97080 Würzburg, Germany. Garmin’s EU Data Protection Officer is located at the same address and can also be reached by email at firstname.lastname@example.org. Such personal data is processed on behalf of Garmin Würzburg GmbH by Tacx B.V.
If you reside outside of the European Economic Area and Switzerland, then the personal data collected by Tacx is controlled by Garmin International, Inc., 1200 E. 151st St., Olathe, Kansas 66062, which you can contact by email at email@example.com
The Tacx Service allows for direct interaction with external social networks or other external platform that are outside our control. The interaction and information obtained by the Tacx Service are always subject to the user’s privacy settings for each social network. We are not responsible for the security or privacy of any information collected by other websites or other services. Information collected by third parties, which may include such aspects as location data or contact details, is governed by their privacy practices. You should exercise caution and review the privacy statements applicable to the third-party websites and services you use. The following third parties may be used by the Tacx Service.
Users can sign in to the Cloud using Google, Facebook or a dedicated Tacx Account. Both Google and Facebook accounts are connected via OAuth2 (OAuth2 is an authorization framework that enables applications to obtain limited access to user accounts) web flows of Google and Facebook. Tacx accounts are handled completely by the Tacx Account backend. Users can also connect their Strava account to their Cloud account (this is part of the Software), the connection is also made via an OAuth2 web flow.
Google analytics gathers anonymous user data. In particular, it gathers the following data and provides it (anonymously and aggregated) to Tacx:
- Numbers of users per age group;
- Numbers of users by gender;
- Number of users per country;
- Number of users per device;
- Number of users per device operating system version:
- Number of users per users interest group;
- Number of active users;
- Time users spend daily;
- Whether or not users have made a purchase.
Firebase is used to collect data on errors in Android and iPhone Apps. Firebase and Fabric’s crash analytics track the failures in the Apps. Such error messages always contain a UUID, which is a 128-bit number used to identify information in computer systems, email and full name. Theoretically, error messages may contain more user information that the user entered into the App or gave access to when signing in with Facebook, Google, or by linking Strava.
OAuth2 Account Connections
For each Google, Facebook, and Strava connection, the user has to confirm if he or she wants to share the data that the Software requests with the Software. The user can deny these requests, effectively disabling the connection. When making the connection the Software sends a scope to the OAuth2 provider in question which contains all the information it requests. The scope is as follows:
• Facebook: email and public profile.
• Google: email and profile.
• Strava: write, full reading and writing rights to Strava account of the user.
Mandrill is used to send emails to specific users. Mandrill contains templates defined by Tacx for several types of email. These are currently two types of email: TCX Export and Password Reset. These templates require the first name of the user and for sending, obviously, the email of the user is required. These data are provided by the Software or account backends. Further data required by these templates is generated by either the account backend or the Software backend. The actual content as it is sent to the user is stored in Mandrill for later reference. In the future, new types of email may require other use of data, logically this data will be provided by the account backend or the Software backend from their storage systems. For sending emails to single users, Tacx uses Mandrill. Some user data is synchronized with Tacx’s MailChimp account for use in the Tacx newsletter.
Spotler is used for sending newsletters to users, the Software synchronizes with Tacx’ Spotler account. The Software backend synchronizes, from its data store, the following data with Spotler: first name, last name, email address, language.
Last updated July 3rd, 2019.