Privacy policy

PRIVACY POLICY

PF FRANCHISING, INC Privacy Policy

Last Updated MARCH 2026

Welcome to the Privacy Policy (the “Policy”) of PF FRANCHISING, INC, and its related, affiliated or subsidiary companies (“Functional Patterns”). The purpose of this Policy is to inform you how we collect, use, and share your information when you provide such information. 

If you are a franchisee, an authorized user of a franchisee, or a customer whose information is entered into our franchisee CRM platform powered by Go High Level, please also review the section titled “Franchisee CRM Platform (Go High Level) – Privacy and Terms Addendum” below, which forms part of this Privacy Policy and describes additional practices specific to that platform.

This Policy is part of the Terms of Service that govern your use of the Sites and our Services. 

When we refer to “you” or “your” in this Policy we mean any individual who interacts or uses our Services. By using the Services, you represent that you understand and agree to this Policy, and consent to the collection, use, and sharing of information as described in this Policy. If you do not consent to our practices, you can choose not to use the Services.

Privacy Policy Changes. We will notify users of material changes to this Policy by updating the effective date and, where required, providing additional notice. All changes are effective immediately upon posting. Your continued use of the Services after changes are posted constitutes your acknowledgement of the modified privacy policy and agreement to abide and be bound by that privacy policy. For reference, the effective date of this Policy is posted at the top of this page. Therefore, it is important that you periodically check this page for changes made to this Policy. 

INFORMATION WE COLLECT

Information You Voluntarily Provide

PROJECT FUNCTION collects information about you when you interact with our Services
including information that you voluntarily provide when you use the Services; register and create an account for any of the Services; complete any survey, questionnaire, application, or other form of information request from PROJECT FUNCTION; purchase our products; provide a personal testimony about your PROJECT FUNCTION experience; sign up to PROJECT FUNCTION community to receive our newsletter; add or update your account information; submit a Contact Us inquiry; log into the Sites or use the Services from one or more of your devices or otherwise interact with the Services. Information that we collect may depend on how you interact with PROJECT FUNCTION and use the Services. A description of the types of information we may
collect is described in detail below.

  • Profile Data such as user name, password, and user settings
  • Personal Identifiers such as name, address, copy of a government issued ID, billing information and social media accounts
  • Contact Information such as your billing address, delivery address, email address, and telephone numbers.
  • Financial Information such as credit or debit card information, payment details, or other payment information.
  • Commercial Data such as order amount, details about the products and services you have purchased, payments you have made, and/or other details of products and services you have purchased from us in the past.
  • Usage Data, includes information about how you use our Site and Services, such as statistics regarding the opening and clicking on emails, and other activities on the Site, including abandoned cart items, referring/exit pages, and clickstream data.
  •  Marketing and Communications Information such as marketing campaign data, click-throughs, your preferences and consent to receiving marketing from PROJECT FUNCTION only your communication preferences, email, phone calls, and text communications.
  • Professional or Employment Information such as information about your job
    position/occupation.
  • Testimonials and Sensitive Data such as your image, age, gender, pre-existing physical conditions, dysfunctions/biomechanics issues, modalities of training done in the past, descriptive information (e.g. weight, medical history, background, progress and benefits from PROJECT FUNCTION), your signature as well as date and time of signature. We do not generally seek to collect sensitive personal information through this Site. In the limited cases where we do seek to collect such personal information, we will do so in accordance with local privacy law requirements. If you choose to provide us with unsolicited sensitive personal information, you consent to our using such data, subject to applicable law. The term “sensitive personal information” refers to the various categories of personal information identified by various privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent. These categories may include personal identity numbers, financial account information, racial or ethnic origin, political opinions, religious, philosophical or other similar beliefs, membership of a trade union or profession or trade association, current or past physical or mental health, biometric or genetic data, sexual life, or criminal record (including information about suspected criminal activities).
  •  Audio and Visual Information such as audio recordings and photographs.If you use our Services at a location within our corporate family or franchisees within our corporate family, that location may use CCTV on the premises for health and security reasons in accordance with local privacy law requirements. If you have any queries in relation to the use of CCTV operating in and around those gyms, including your rights to access the CCTV footage under local privacy laws please contact that location. 

Information We Collect When You Use the Services

Automated technologies or interactions: As you navigate around the Sites and/or use the Services, certain information can be collected using various technologies to help us personalize your PROJECT FUNCTION experience. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, time zone setting and location, language preferences, device type and ID, and other technical information from the devices you use to access our Services.

Cookies and Tracking Technologies: We and our service providers use cookies, pixels, and other tracking technology to recognize your browser or device and to capture and remember certain information about your activities on our Services with the purpose of delivering customized and personalized services.

  •  Cookies. A cookie is a small text file that is saved on your web browser when you visit a website. You can view and delete existing cookies through your browser. If you do not want to store cookies on your computer, you can set your browser to refuse cookies or to alert you when cookies are being sent. However, some parts of the Services may not function properly if you choose not to accept cookies.
  • Pixel Tags (aka clear gifs). These are tiny graphics with a unique identifier, similar in function to cookies, which allow us to monitor the use of our Services, for example, to count users who have visited those pages and for other related website statistics. Pixel tags generally work in conjunction with cookies, registering when a particular device visits a particular page. You cannot decline pixel tags; however, if you turn off cookies the pixel tag will simply detect an anonymous visit. In addition, we use pixel tags in our HTML-based emails to let us know which emails have been opened by the recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns.
  •  Analytics. We use third party cookies provided by Google Analytics to assist us in better understanding our Sites’ visitors. These cookies collect IP address and usage data, such as the length of time a user spends on a page, the pages a user visits, and the websites a user visits before and after visiting our Sites. In addition to reporting usage statistics, Google Analytics can also be used to help show more relevant ads on Google properties (like Google Search) and across the web. For more information on Google Analytics, visit Google’s Privacy and Terms.

Information You Provide to A Third Party

We may receive information about you from third parties. We may associate this information with the other information we have collected about you as described in this Policy. The collection, use, and disclosure of information received from third parties may be governed by the third parties’ privacy policies. Please carefully review these third-party privacy policies before submitting your information to a third-party application or otherwise interacting with it to understand how your information may be collected, used, and disclosed by these third parties. We have no control over, and cannot and do not assume responsibility for the data collection and privacy practices employed by any of these third parties or their services.

USE OF YOUR INFORMATION

Our primary purpose for collecting your information is to provide you with the goods and services you request. We may also use your information for the following purposes:

  • Provide you with our goods and Services and to operate our business.
  •  Verify your identity and account information in connection with our goods and
    Services you request.
  • Provide you with required notices, updates about our courses, testimonials, products and services as well as other important information.
  • Provide you with recommendations for products and services that we believe would be of interest to you.
  • Assist you with setting up and managing your account with us.
  •  Resolve disputes and/or questions about our goods and Services.
  • Problem troubleshooting, data analysis, testing, system maintenance, support,
    reporting and hosting data.
  •  Enforce our Terms for use of our Services and the terms of this Policy.
  • Customize, measure and improve our Services and content.
  • For our own internal business purposes.
  • Communicate with you about products, services, updates, events, promotional offers, research, insights, and other information that may be of interest to you from us (excluding via SMS/text messaging, which is reserved for PROJECT FUNCTION direct communications only).
  • Protect our interests, including establishing, exercising and defending legal rights and claims.
  • As necessary to comply with legal requirements, to prevent fraud, to co-operate with law enforcement and regulatory authorities, and to stop other prohibited, illegal, or harmful activities.
  • For purposes disclosed at the time you provide/we request your information or as otherwise set forth in this Policy.

INFORMATION WE SHARE

MOBILE MESSAGING DATA PRIVACY No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service is permitted. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

Information You Instruct Us to Share

In connection with the Services, you may be presented with an option to have us send certain information to third parties or give them access to it. If you choose to do so, your information will be disclosed to such third parties and all information you disclose may be subject to the third-party privacy policies and practices of such third parties.

In no event will we share Testimonials or Sensitive Data with any third party.

Service Providers

We may use third-party service providers to perform certain business services and may
disclose your information to such service providers as needed for them to perform these business services. Service providers are only allowed to use, disclose, or retain this information to provide these services. Business services provided include, but are not limited to, hosting services, software as a service, document management services, communications services such as email services, software and website development services, analytics services, call center services, and marketing services. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services. 

Legal Process

Subject to applicable law, we may disclose information about you i) if we are required to do so by law, regulation or legal process, such as a subpoena; ii) in response to requests by government entities, such as law enforcement authorities; iii) when we believe disclosure is necessary or appropriate to prevent physical, financial, or other harm, injury, or loss; or iv) for the purposes of cooperation with law enforcement agencies’ and/or in connection with an investigation of suspected or actual unlawful activity. 

COMMUNICATIONS AND OPT-OUT

While we value our communications with you, if you do not want PROJECT FUNCTION or its representatives to contact you for marketing purposes, you may opt-out of this preference at any time by following the unsubscribe instructions included in the email. This opt-out will not apply to operational or informational emails related to your account or other administrative purposes. You may continue to receive promotional email messages for a short period while we process your request

SMS / TEXT MESSAGE COMMUNICATIONS

By providing your phone number and submitting a form on our website or landing pages, you expressly consent to receive SMS text messages from Project Function, including appointment reminders, account notifications, and marketing communications where permitted. SMS consent is collected through website forms and landing pages, where users explicitly agree to receive text communications.

  • Message frequency may vary
  • Message and data rates may apply
  • You can opt out at any time by replying STOP
  • For help, reply HELP or contact us at support@projectfunction.com

We collect SMS consent through website forms, landing pages, and in-person intake forms where users explicitly agree to receive text communications.

We do not share SMS opt-in data or consent with third parties for marketing purposes.

CHILDREN

The Services are intended for adult use only and are not directed towards children, minors, or anyone under the age of 16. If you are under the age of 16, you are not authorized to provide us with any personally identifying information.

USE OF THE SERVICES

By accessing and using the Services, you acknowledge and agree that we control and operate the Services from our offices in the United States of America and that the Services are intended for use by users located in the United States of America. Unless expressly stated to the contrary, we make no representation that the Services are appropriate or will be available for use in other locations. Any use in locations outside of the United States of America will be subject to the laws of that location. 

Franchisee CRM Platform (Go High Level) – Privacy and Terms Addendum

1. Scope and Roles

We provide access to a customer relationship management (CRM) platform powered by Go High Level (the “Platform”) for use by our franchisees and their authorized personnel. This Addendum governs franchisee use of the Platform and supplements our General Privacy Policy and Terms.

For purposes of applicable U.S. privacy and data security laws:

  • We act as business/controller for personal information about franchisees and their users processed through the Platform (for example, franchise owner contact details, account credentials, subscription and billing information).
  • Each franchisee is an independent business/controller for personal information about its customers and leads entered into the Platform (for example, customer names, contact details, appointments, and communications). We and Go High Level act as service providers/processors to that franchisee for such customer data.

Nothing in this Addendum creates an employment, partnership, or agency relationship between us and any franchisee.

2. Categories of Data Processed

Through the Platform we process, on our own behalf and on behalf of franchisees, the following categories of information:

  1. Franchisee account and user data – business contact information, login credentials, roles and permissions, support communications, and usage/activity within the Platform.
  2. Franchisee billing and payment data – billing contact information, subscription details, and payment method or bank information needed to charge monthly fees. Cardholder data is handled via PCI DSS‑compliant payment processors; we do not store full card numbers or CVV codes on our systems.
  3. Customer/lead CRM data – information about customers, prospects, and other contacts that a franchisee chooses to store (for example, names, contact details, marketing preferences, purchase or appointment history, and related notes).
  4. Technical and usage data – IP address, device identifiers, log data, and usage metrics collected through the Platform for security, troubleshooting, and analytics.

Franchisees are responsible for ensuring they only capture appropriate information through the Platform and do not use it to collect highly sensitive data except as permitted by our terms and by law (for example, Social Security numbers, full payment card data, or detailed medical records).

3. How Data Is Used

We use personal information processed through the Platform only as permitted by our agreements and applicable law, including to:

  • Provide, maintain, and secure Platform functionality and related services to franchisees.
  • Create and manage franchisee accounts, authenticate users, and enforce access controls.
  • Process franchisee subscriptions, fees, refunds, and related communications.
  • Monitor performance, detect and prevent fraud or abuse, and improve the Platform.
  • Comply with legal, regulatory, tax, and accounting obligations.

We do not use customer CRM data to independently market our services directly to those customers and do not treat that data as our own for unrelated purposes.

4. Sharing and Transfers

We may share personal information processed through the Platform with:

  • Service providers and sub‑processors, including Go High Level and payment processors, who host, support, secure, or operate the Platform, send communications, or process payments under written contracts that restrict their use of the data to providing services to us and require appropriate security measures. This category excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.
  • Franchisees, who can see and use CRM data for their own customers and leads in line with their relationship with those individuals and applicable law.
  • Affiliates, professional advisers, and auditors as reasonably necessary to operate our business and comply with legal obligations. This category excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties.
  • Regulators, law enforcement, and other third parties when required by law or to protect rights, safety, or security.

Because the Platform is cloud‑based, data may be stored or accessed from servers in the United States and other jurisdictions. Where required by law, we implement appropriate safeguards for cross‑border transfers.

5. Security, Payment Processing, and Retention

We maintain administrative, technical, and physical safeguards designed to protect personal information processed via the Platform against unauthorized access, loss, or misuse, including encryption in transit, access controls, logging, and regular security reviews.

  • Payment and bank information: Payment card data is handled by PCI DSS‑compliant processors, and we follow industry standards to protect bank details and other financial information needed to bill franchisees.
  • High‑risk data: Franchisees must not use the Platform to store full payment card data, unmasked bank credentials, or other highly sensitive identifiers beyond what is necessary for the services and permitted by our agreements and applicable law.

We retain personal information from the Platform only for as long as reasonably necessary to provide services, meet legal and accounting requirements, and enforce our agreements, after which we delete, de‑identify, or aggregate it as permitted by law.

6. Multi‑State Privacy Compliance and Individual Rights

We structure our privacy practices for the Platform to meet or exceed requirements under U.S. federal law and the consumer privacy laws now in effect across approximately twenty U.S. states (including California, Colorado, Connecticut, Virginia, Utah, Indiana, Kentucky, Rhode Island, and others with similar frameworks).

Where these laws apply, individuals may have rights to request access, correction, deletion, or a portable copy of certain personal information, and to opt out of certain uses such as “sale,” targeted advertising, or certain types of profiling, subject to legal exceptions.

  • Customers of franchisees should first direct privacy requests to the franchisee that collected their information, as that franchisee is the primary controller of their CRM data; we may assist franchisees in fulfilling such requests via Platform tools.
  • Franchisees and their users may submit privacy requests relating to account, billing, or technical information we control using the contact methods described in the “U.S. State‑Specific Privacy Rights” and “How to Contact Us” sections of our General Privacy Policy.

We respond to requests in accordance with applicable state law and do not unlawfully discriminate against individuals for exercising their privacy rights.

7. Franchisee Responsibilities and Acceptable Use

As a condition of using the Platform, each franchisee agrees to:

  • Use the Platform only for lawful business purposes, in compliance with all applicable federal and state privacy, data security, telemarketing, and consumer‑protection laws.
  • Provide its own customers with any legally required privacy notices, consents, and opt‑out mechanisms in connection with its use of the Platform.
  • Configure and manage user access, permissions, and security settings (for example, strong passwords and multi‑factor authentication) appropriately.
  • Promptly notify us of any suspected or actual unauthorized access to Platform data relating to its account and cooperate with us on any investigation or legally required notifications.
  • Refrain from uploading to the Platform any information that is prohibited by our terms or by law, including certain highly sensitive personal or financial information beyond what is necessary for the services.

We may suspend or terminate Platform access, with notice where reasonable, where necessary to protect security, comply with law, or address a material breach of this Addendum or our other terms. 

8. U.S. State‑Specific Privacy Compliance (CRM Platform)

This subsection is intended to satisfy and harmonize the requirements of the growing number of U.S. state consumer privacy laws that apply to our CRM Platform (the “Privacy States”), including, for example, California, Colorado, Connecticut, Virginia, Utah, Oregon, Delaware, New Jersey, Indiana, Iowa, Kentucky, Rhode Island, and other U.S. states with similar laws as they come into effect.

Additional disclosures. For residents of Privacy States, and solely with respect to personal information processed through the Platform, we:

  • Collect and use categories of personal information that generally include identifiers (such as name and contact details), commercial and account information (such as subscription and transaction history), internet or electronic activity information (such as log and usage data), professional information (such as business role), and inferences drawn from these categories, and, where you or a franchisee choose to provide it, limited financial or health‑related information.
  • Process these categories for the business purposes described in this Addendum and our General Privacy Policy, including providing and securing the Platform, processing payments, supporting franchise operations, and complying with legal obligations.
  • Disclose these categories to the types of recipients described above (for example, service providers such as Go High Level and payment processors, franchisees, professional advisers, and authorities where required by law), and we contractually restrict our service providers’ use of personal information to permitted purposes.

We do not knowingly use customer CRM data for our own independent marketing to those customers, and we do not treat that data as being “sold” or used for “targeted advertising” in a way that would require an opt‑out under most Privacy State laws. If our practices change such that a “sale,” “sharing,” targeted advertising, or high‑risk profiling occurs, we will update our notices and provide any required opt‑out or consent mechanisms.

Your Privacy State rights. Subject to exceptions under applicable law, residents of Privacy States may have the right to:

  • Request access to, or a portable copy of, personal information we maintain about them.
  • Request correction of inaccurate personal information.
  • Request deletion of certain personal information.
  • Opt out of:
    • the “sale” of personal information;
    • the use of personal information for targeted advertising; and
    • certain profiling in furtherance of decisions that produce legal or similarly significant effects.
  • In some states, limit or require consent for our use or disclosure of certain “sensitive” personal information (for example, precise geolocation, certain health information, or children’s data).
  • Appeal our decision if we decline to take action on a request, using the process we will provide in our response.
  • We will not unlawfully discriminate against anyone for exercising these rights. 

How to exercise these rights for CRM data.

  • If you are a customer or lead of a franchisee, you should first contact that franchise location, which is the primary controller of your CRM data. We may support the franchisee in responding to your request using Platform tools.
  • If you are a franchisee or authorized user, or if your request concerns Platform account, billing, or technical data that we control, you (or your authorized agent, where permitted) may exercise your rights by using the contact methods described in our General Privacy Policy and indicating that your request relates to “U.S. State Privacy Rights – CRM Platform.”

We may need to reasonably verify your identity (and, where relevant, your authority to act for someone else) before responding. We will respond within the timeframes required by applicable state law and will explain any denial or limitation of your request and how to appeal where that right exists.

Your Privacy Rights Under Certain State Laws 

The following rights apply to general personal information but specifically exclude mobile messaging opt-in data and consent.

Some states including California, Connecticut,  Colorado, Delaware, Minnesota,Montana, Oregon, Tennessee, Texas, Utah,  Virginia,  and Washington have passed data privacy laws that may extend certain rights to individuals  that are described in our Supplemental Website Privacy Notice including:

  • The right to request us to stop sharing your Personal Information to third parties 
  • The right, with some exceptions, to have your Personal Information deleted from our possession or control.
  • The right to correct inaccuracies in your Personal Information.
  • The right to receive equal service and pricing from us even if you exercise any of your privacy rights.
  • Special Notice to Those Who Reside Outside the United States:

Our servers are located in the United States and all personal data is collected and processed by us in the United States. If you are not located in the United States your personal data will therefore be transferred to, processed, and stored in a country outside of the country where you live. By submitting your personal information to us, you are consenting to the processing of your personal information in the United States. Your personal information will only be used by us for legitimate business purposes as set forth in this Privacy Policy.

If you have questions or concerns about these rights and how they relate to this Privacy Policy or the Site, please direct your inquiries to  us at: 

Email address: legal@functionalpatterns.com

Physical Address:
PROJECT FUNCTION LLC
Mailbox #14
Henderson, Nevada 89074.

NOTICE TO CALIFORNIA RESIDENTS

Your California Privacy Rights. California Civil Code Section 1798.83 permits California residents who have provided personally identifiable information to us or our third-party advertisers and marketing partners, if any, to request certain information regarding our disclosure of personally identifiable information to third parties for their own direct marketing purposes. Requests should be submitted via email to legal@functionalpatterns.com and should include CALIFORNIA PRIVACY RIGHTS in the subject line. Please be aware that not all information sharing is covered by the requirements of Section 1798.83 and only information on covered sharing will be included in our response. This request may be made no more than once per calendar year.

Your ‘Do Not Track’ Browser Setting. Some web browsers incorporate a Do Not Track (“DNT”) feature that signals to the websites that you visit that you do not want to have your online activity tracked. At this time, our website does not respond to DNT signals. PROJECT FUNCTION may allow certain third-party advertising partners to place tracking technology, such as cookies and pixels on our websites. This technology allows us and/or third parties to collect personally identifiable information about an your online activities over time and across different websites.


CONTACT INFORMATION

If you have any questions about our privacy practices or this Policy, please contact us at:

Email address: support@projectfunction.com

Physical Address:
PROJECT FUNCTION LLC
Mailbox #14
Henderson, Nevada 89074.