Privacy Policy for CHRISTUS Wilton P. Hebert Health and Wellness Center

Effective Date: March 28, 2025

1. Introduction

This Privacy Policy describes how Trustmark Mutual Holding Company Health Fitness Corporation* ("HealthFitness", "we", "our", "us"), operating CHRISTUS Wilton P. Hebert Health and Wellness Center ("CHRISTUS HWC") on behalf of CHRISTUS HEALTH SYSTEMS, collects, uses, shares, and protects personal information obtained from individuals who interact with our facilities, services, website (CHRISTUSHWC.org), and mobile applications.

By using our services, visiting our facilities, accessing our website, or using our mobile applications, you acknowledge that you have read and understand the practices described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Contact information (name, address, email address, phone number)

  • Demographic information (date of birth, gender)

  • Emergency contact information

  • Membership and payment information

  • Health and fitness information, including:

    • Health history and questionnaire responses

    • Fitness assessments and measurements

    • Exercise and activity history

    • Attendance records

  • Information provided when participating in programs or services

  • Information collected through our mobile application, including usage data

2.2 Technical Information

When you use our website or mobile application, we may automatically collect:

  • Device information (type, operating system, browser)

  • IP address and network information

  • Cookies and similar technologies

  • Usage patterns and preferences

  • Location information (with permission on mobile devices)

2.3 Mobile App-Specific Data Collection

Our mobile application may collect additional information:

  • Device identifiers (such as IMEI, Android ID, or Advertising ID)

  • Mobile device settings and permissions

  • App usage statistics and interaction data

  • Precise location data (only when location services are enabled and with your explicit permission)

  • Camera and photo access (only with permission and when using relevant features)

  • Fitness tracker integration data (when you connect third-party fitness devices)

  • Push notification tokens (to enable notifications if you opt-in)

3. Analytics and Advertising

3.1 Analytics Services

CHRISTUS HWC uses Google Analytics and other third-party analytics services on our website and mobile application to analyze visitor traffic, understand how users interact with our services, and improve our offerings. These services may collect information such as your IP address, device information, browser type, operating system, referring URLs, time spent on pages, pages visited, and app usage patterns.

For more information about how Google Analytics collects and uses data when you use our Site, visit Google's Privacy & Terms page. To opt out of Google Analytics tracking, you can use the Google Analytics Opt-out Browser Add-on.

3.2 Social Media and Advertising

We may use various social media platforms (including but not limited to Facebook, Instagram, YouTube, and Bing) to advertise our services. These platforms may use cookies and similar technologies to collect information about your interactions with our content and provide measurement services and targeted advertisements.

You can manage your preferences for targeted advertising through each platform's settings:

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our health and wellness services

  • Process membership applications, renewals, and payments

  • Communicate with you about your membership, classes, events, and services

  • Personalize your experience and deliver content relevant to your interests

  • Develop new features, products, and services

  • Monitor and analyze usage patterns and trends

  • Protect the security and integrity of our facilities, website, and mobile application

  • Comply with legal obligations

5. Information Sharing

We may share your personal information with:

  • CHRISTUS HEALTH SYSTEMS, the owner of CHRISTUS HWC

  • Service providers who perform services on our behalf (payment processors, IT services, email services)

  • Technology partners, including ClubAutomation, who provide essential services for our mobile application

  • Business partners with your consent or as needed to provide services you have requested

  • Emergency medical personnel when necessary for your health and safety

  • Government agencies or other third parties when required by law, regulation, or legal process

We do not sell your personal information to third parties.

6. Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction, including:

  • Encryption: We use industry-standard encryption protocols (TLS/SSL) to secure data in transit between your device and our servers

  • Access controls: Employee access to personal data is restricted based on job requirements and subject to confidentiality obligations

  • Regular security assessments: We conduct periodic vulnerability testing and security reviews of our systems and applications

  • Secure data storage: Personal information is stored in secure environments with appropriate technical safeguards

  • Payment security: Payment information is processed through PCI-DSS compliant service providers

  • Mobile app security: Our mobile application implements certificate pinning, app transport security, and other safeguards to prevent unauthorized access

While we implement these security measures, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention and Deletion

7.1 Retention Periods

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Membership account information: Retained for the duration of your membership plus 3 years after termination or cancellation

  • Financial transactions: Retained for 7 years to comply with tax and financial regulations

  • Health and fitness data: Retained for the duration of your membership plus 1 year

  • Marketing communications preferences: Retained until you opt-out or request deletion

  • Mobile app usage data: Retained for 18 months to improve app functionality and user experience

  • Technical information (logs, analytics): Retained for up to 26 months

7.2 Data Deletion

Upon request, we will delete or anonymize your personal information when it is no longer needed for the purposes for which it was collected, unless retention is necessary to:

  • Comply with legal obligations

  • Resolve disputes

  • Enforce our agreements

  • Protect our legitimate business interests

When you request deletion of your account or specific personal information:

  • We will verify your identity before processing the request

  • We will permanently delete or anonymize the requested information within 30 days

  • We will instruct our service providers to delete the relevant information

  • Some information may be retained in backup systems for a limited time until the backup is overwritten

To request deletion of your personal information, contact us using the methods described in Section 10.

8. Your Rights and Choices

You have the right to:

  • Access, correct, or update your personal information

  • Request deletion of your personal information, subject to certain exceptions

  • Opt-out of certain communications from us

  • Control app permissions (like location access) through your device settings

  • Disable cookies through your browser settings

  • Limit mobile app data collection by adjusting permissions in your device settings

In addition to the general rights above, depending on your location, you may have additional rights under applicable laws. To exercise these rights, please contact us using the information provided in Section 10.

9. Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information without parental consent, please contact us immediately, and we will take steps to remove such information and terminate the child's account.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and mobile application and updating the "Effective Date." For significant changes, we may also notify you by email or through an app notification. We encourage you to review this policy periodically.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

CHRISTUS HWC (Wilton P. Hebert Health & Wellness Center)
3030 North St.
Beaumont, TX 77702
Phone: (409) 983-1280
Email: christus.hwc@christushealth.org
Member Services: Visit our front desk during regular business hours

12. Additional Information

For additional information about HealthFitness's privacy practices, please visit: HealthFitness Privacy Policy

For additional information about Trustmark's privacy practices, please visit: Trustmark Privacy Policy

For additional information about CHRISTUS HEALTH SYSTEMS' privacy practices, please visit: CHRISTUS Health Privacy Practices

*HealthFitness is a subsidiary of Trustmark Mutual Holding Company.