Free & Fast Delivery when you spend £99

Privacy Policy

NRS Innovations Limited t/a JTX Fitness
Last Updated: 08/04/2026

1. Introduction

At JTX Fitness (a trading name of NRS Innovations Limited, company number 06839865, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you visit our website at jtxfitness.com, use our services, make a purchase, or otherwise interact with us.


We are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR). Where we refer to “GDPR” in this policy, we mean the UK GDPR as retained in UK law.


For the purposes of data protection law, NRS Innovations Limited is the data controller of your personal information. Our registered address is Unit 3, Harbour Way, Shoreham-by-Sea, West Sussex, BN43 5HZ.
For any data protection queries, please contact our Data Protection Lead (DPL) via our Contact Page.

 

2. Personal Information We Collect


We may collect and process the following categories of personal data, depending on how you interact with us:


Information You Provide Directly


•    Identity Data: name, title, date of birth.
•    Contact Data: postal address, email address, telephone number.
•    Account Data: username, password, preferences, and settings if you create an account.
•    Transaction Data: details of products you have purchased, returned, or exchanged, payment confirmation, and order history.
•    Communications Data: any information you include when you contact our customer support team or leave a product review.

 

Information Collected Automatically


•    Technical Data: IP address, browser type and version, operating system, device information, and other unique identifiers.
•    Usage Data: information about how you interact with our website, including pages visited, products viewed, items added to your cart or wishlist, and browsing patterns.

 

Information from Third Parties

We may receive personal data from our service providers (such as Shopify, payment processors, and delivery partners), marketing partners, and publicly available sources, where permitted by law.

Financial Information: credit/debit card details and payment information are processed securely by our third-party payment processors (such as Stripe and Shopify Payments). We do not store your full card details on our systems.

 

3. Lawful Basis for Processing

Under UK GDPR, we must have a valid lawful basis for processing your personal data. The bases we rely on are:

•    Performance of a Contract (Article 6(1)(b)): to fulfil orders, process payments, arrange delivery, handle returns and exchanges, and provide customer service.
•    Legal Obligation (Article 6(1)(c)): to comply with tax, accounting, and regulatory requirements (e.g. HMRC record-keeping obligations).
•    Legitimate Interests (Article 6(1)(f)): to improve our website and services, detect and prevent fraud, ensure network security, and provide relevant product recommendations. We only rely on legitimate interests where your rights do not override our interests.
•    Consent (Article 6(1)(a)): for marketing communications (where you have opted in) and for the use of non-essential cookies. You may withdraw consent at any time (see Section 9).

4. How We Use Your Personal Data

We use your personal data for the following purposes:

•    Order fulfilment: processing and delivering your orders, managing payments, and facilitating returns and exchanges.
•    Customer support: responding to your enquiries, resolving complaints, and managing warranty claims.
•    Account management: creating, maintaining, and securing your account if you choose to register one.
•    Website improvement: analysing usage patterns to improve website functionality, content, and user experience.
•    Marketing: sending promotional communications by email where you have opted in. You can unsubscribe at any time using the link in our emails. We may still send non-promotional messages relating to your orders or account.
•    Fraud prevention and security: detecting, investigating, and preventing fraudulent or illegal activity and protecting the security of our website and systems.
•    Legal compliance: meeting our obligations under applicable laws and responding to valid legal requests.

We will never sell or trade your personal data to third parties for their own marketing purposes.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and analyse website traffic. You can manage your cookie preferences at any time using our Cookie Consent Management Tool, accessible via the “Manage Cookies” option on our website.
For full details about the cookies we use, their purposes, and how to control them, please see our separate Cookies Policy.

6. Who We Share Your Data With

We may share your personal data with the following categories of third parties, strictly for the purposes described in this policy:

•    Shopify: our e-commerce platform provider, which hosts our website and processes transactions on our behalf. Shopify also acts as an independent data controller for certain processing activities related to its platform. For more information, see the Shopify Consumer Privacy Policy.
•    Payment processors: such as Stripe and Shopify Payments, which securely handle payment transactions.
•    Delivery and logistics partners: courier and shipping companies that fulfil and deliver your orders.
•    Analytics providers: such as Google Analytics, which help us understand website usage (see our Cookies Policy for details).
•    Marketing platforms: where you have consented to marketing, we use email marketing platforms to send communications.
•    Review platforms: such as Trustpilot, to enable verified customer reviews.
•    Professional advisers: including accountants, auditors, and legal advisers where necessary.
•    Law enforcement and regulators: where we are required to do so by law, or to protect our rights or the rights of others.

All third-party service providers are required to process your data in accordance with our instructions and applicable data protection law. Where they act as data processors, we have appropriate contracts in place under Article 28 of the UK GDPR.

7. International Data Transfers

Our website is hosted by Shopify, whose servers are located in Canada, the United States, and other countries outside the United Kingdom. This means your personal data may be transferred to and processed in countries outside the UK.

Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including:

•    UK International Data Transfer Agreements (UK IDTAs) or addendums to EU Standard Contractual Clauses, as approved by the UK Secretary of State.
•    Transfers to countries or territories that the UK has determined provide an adequate level of data protection.
You can contact us for further information about the specific safeguards applied to international transfers of your data.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our standard retention periods are:

•    Order and transaction data: 6 years from the date of the transaction, as required for tax and accounting purposes under HMRC rules.
•    Customer support records: up to 2 years after the expiry of any applicable product warranty.
•    Marketing data: until you withdraw your consent or unsubscribe.
•    Account data: for as long as your account remains active, and for a reasonable period thereafter to allow you to reactivate.
•    Website usage and analytics data: in accordance with the retention periods set out in our Cookies Policy.

When personal data is no longer required, it is securely deleted or anonymised.

9. Your Rights Under UK GDPR

As a data subject, you have the following rights under UK data protection law:

•    Right of Access (Article 15): request a copy of the personal data we hold about you.
•    Right to Rectification (Article 16): request correction of inaccurate or incomplete personal data.
•    Right to Erasure (Article 17): request deletion of your personal data where there is no compelling reason for us to continue processing it.
•    Right to Restrict Processing (Article 18): request that we limit the processing of your personal data in certain circumstances.
•    Right to Data Portability (Article 20): request a copy of your data in a structured, commonly used, machine-readable format.
•    Right to Object (Article 21): object to processing based on legitimate interests or for direct marketing purposes.
•    Right to Withdraw Consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact our Data Protection Lead via our Contact Page. We will respond within one month, as required by law. In complex cases, we may extend this by a further two months, and we will notify you if this is necessary.

For data processed by Shopify as an independent controller, you may also exercise your rights via the Shopify Privacy Portal.

10. Children’s Data

Our website and services are not directed at children under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will take steps to delete it.

11. Data Security and Breach Notification

We implement appropriate technical and organisational measures to protect your personal data, including:

•    Secure website encryption (HTTPS/TLS).
•    Access controls to limit data access to authorised personnel only.
•    Regular monitoring of our systems for security threats.
•    Secure payment processing through PCI DSS-compliant third-party providers.

No method of transmission or storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. We recommend that you do not share your account credentials with others and that you use a strong, unique password.

If a personal data breach occurs that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also report the breach to the Information Commissioner’s Office (ICO) within 72 hours where required under Article 33 of the UK GDPR.

12. Third-Party Websites and Links

Our website may contain links to third-party websites and services (such as Trustpilot, social media platforms, and payment providers). These third parties have their own privacy policies, and we are not responsible for their practices or content. We encourage you to read their privacy policies before providing any personal data to them.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the revised policy on our website and update the “Last Updated” date at the top of this page. Where changes are significant, we will take reasonable steps to notify you.

14. Contact and Complaints

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

NRS Innovations Limited t/a JTX Fitness
Unit 3, Harbour Way
Shoreham-by-Sea, West Sussex, BN43 5HZ


Contact JTX Fitness

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Rated Excellent on Trustpilot
Fast & Free Delivery over £99
Longer Warranties, Fewer Worries
Visit Our Showroom

My Basket

   0 Products

Your Basket is Empty.