Peloton Biometric Data Privacy Policy
Last Updated: March 22, 2024
Peloton Interactive, Inc. together with our affiliates (“Peloton”, “we”, or “us”) respects you/our members’ privacy and we are committed to protecting it. This Policy provides our practices regarding the collection, use, disclosure, storage, retention, destruction, and security of Biometric identifier(s) and Biometric Data (collectively referenced herein as “Biometric Data”). For more information about our general practices regarding the processing of your personal data, please see the Peloton Privacy Policy. Peloton is committed to complying with applicable laws and regulations when processing Biometric Data, including those laws and regulations that may require Peloton to provide notice or obtain consent prior to processing what some laws and regulations may deem Biometric Data. Members may withdraw their consent at any time by contacting us as described below.
Definitions
"Biometric Identifier" means a retina or iris scan, fingerprint, voiceprint, scan of hand or face geometry, or other unique biological patterns or characteristics. Biometric identifiers do not include writing samples, written signatures, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color.
"Biometric Data" means the measurement or technological processing of any data, regardless of how it is captured, converted, stored, or shared, based on an individual's biometric identifier that identifies a consumer, whether individually or in combination with other data to identify an individual. Biometric Data does not include data derived from items or procedures excluded under the definition of biometric identifier.
Sharing and Disclosure of Biometric Data
Peloton will obtain a member’s consent and release prior to sharing Biometric Data with vendors, service providers, or partners who are contracted to perform services directly related to the purpose of the collection of the Biometric data. Vendors, service providers, and partners who have access to Biometric Data are required to keep the information secure, confidential, and are restricted in their use of the data.
Peloton will not disclose, redisclose, or otherwise disseminate Biometric Data unless:
- authorized by the member or an authorized representative of the member to whom the Biometric Data relates;
- needed to complete a financial transaction requested or authorized by the individual;
- required by law or municipal ordinance;
- required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction; or
- as required under applicable law, necessary for the establishment, exercise or defense of legal claims of wherever courts are acting in their judicial capacity.
Personalized Experiences: Automated Decision-Making
We may process your Biometric Data to make automated decisions about you. We carry out this processing for the purposes of providing workout recommendations to you based on our inferences about your preferences and practices, including for example recommendations about certain muscle exercises based on your previous exercises.
Subject to local legal requirements and limitations, you can contact us to request further information about automated decision-making, object to our use of automated decision-making, toggle off “Personalized Experiences” in your app or on your fitness unit (see here for more information), or request an automated decision to be reviewed by a human being.
Security
Safeguarding Biometric Data is important to us. While no systems, applications or websites are 100% secure, we strive to establish reasonable systems, policies and procedures to protect Biometric Data from loss, destruction, misuse, and unauthorized access, acquisition, disclosure or alteration.
Retention and Destruction
Peloton will securely destroy Biometric Data within the sooner of a reasonable time after the initial purpose for collecting or obtaining such data has been satisfied. If Biometric Data is maintained by a vendor on our behalf we will instruct them to destroy the Biometric Data.
Where permitted under applicable law, Peloton will retain Biometric Data if required to do so per a valid warrant or subpoena issued by a court of competent jurisdiction or if necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity.
What Biometric Data is Collected and Purposes for Collection
Biometric Data can be temporarily processed to support the functionality of the Services. Peloton will obtain a member’s consent prior to uploading or sharing such Biometric Data.
We collect Biometric Data such as pictures (if you choose to upload a profile picture), videos, voice recordings, or physical characteristics that are collected in connection with Services you consent to use; for example, characteristic movements to better assist your exercise form. While these could be considered biometric information under relevant law, we do not use them to identify you.
Why do we process your Biometric Data?
We may process your Biometric Data to:
Analyze your performance: We may use Biometric Data captured through Peloton Guide to compare past and current performances and provide you with analytics about your progress over time.
Provide workout recommendations: We may recommend workouts to you based on our inferences about your preferences and practices, including for example recommendations about certain muscle exercises based on your previous exercises. Recommendations may include information derived from Biometric Data we collect from you, and involve the use of automated decision making (see above for more details).
Understand you: We may use your voiceprint to understand your voice commands and, if you opt in, to improve our abilities to understand voice commands in general when you are using Peloton Guide.
How to contact us?
If you have any questions or would like to contact us or our Data Protection Officer, you can do so by email at privacy@onepeloton.com or at the addresses below.
U.S. and Canadian residents:
Peloton Interactive, Inc.
441 Ninth Avenue, Sixth Floor
New York, NY 10001
USA
Attn: Legal Department
UK residents:
Peloton Interactive UK Ltd.
Orion House
5 Upper St Martin’s Lane
London WC2H 9EA
United Kingdom
Attn: Legal Department
Australia residents:
Peloton Interactive Australia Pty Ltd
20 Martin Place
Sydney NSW 2000
Attn: Legal Department