General & California Privacy Policy


General Privacy Policy

Since 1991, CFF has taken great pride in the relationships that it has developed with its customers. In keeping with this tradition, CFF is dedicated to protecting and respecting your privacy and handling any personal information we obtain from you with care and respect. This General Privacy Policy is designed to answer your questions regarding our privacy policies and principles.

This is the Privacy Policy of California Family Fitness (CFF). Our postal address is: P.O. Box 2960, Orangevale, CA 95662. We can be reached via email at or you can reach us by telephone at 916-987-2030

Visiting Our Website

For each visitor to our website, our web server automatically recognizes only the IP address of your computer. When you visit the CFF Website to manage your MyiClub account, subscribe to fitness program/class schedules, and or sign-up for our Newsletter you may choose to give us basic information: name, email address, mailing address, ZIP code, phone, and credit card numbers. This allows us to process your transactions more efficiently, and ultimately, to give you a higher caliber of customer service. When you visit our website, we may collect more information: your Internet service provider's address, the name of the Web page directing you, as well as your clicks and activity on our site. This tracking data helps us understand how to make our site more available and user friendly to our customers.

Your Service Information

The personal information we collect is intended to offer better customer service and to improve communications. This information you provide can help CFF provide greater security and inform you of products and services that may be of interest.

Secure Information

CFF is proud to be a certified PCI DSS Compliant Service Provider. The CFF website uses Secure Socket Layer (SSL) technology to encrypt personal information such as User IDs, Passwords, and account information over the Internet. Any information provided to you is scrambled en route and decoded once it reaches your browser. We take the following steps to protect our customers' personal information against loss, misuse, and alteration.

Goals PCI DSS Requirements

Build and Maintain a Secure Network

  1. Install and maintain a firewall configuration to protect cardholder data

  2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

  1. Protect stored cardholder data

  2. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

  1. Use and regularly update anti-virus software or programs

  2. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

  1. Restrict access to cardholder data by business need to know

  2. Assign a unique ID to each person with computer access

  3. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

  1. Track and monitor all access to network resources and cardholder data

  2. Regularly test security systems and processes

Maintain an Information Security Policy

  1. Maintain a policy that addresses information security for all personnel

Name Removal From Our Lists At Any Time

To delete your name from the CFF email mailing list, simply contact us by email at or by selecting the “unsubscribe” link at the bottom of any CFF email. Be sure to provide your full name, mailing address, email address, and phone number. We appreciate your patience as it may take up to four weeks to process your request from the date of receipt.

Children's Privacy Statement

CFF adheres to a strict privacy code regarding children and does not knowingly accept personal information from any child. If it is brought to our attention that a subscriber is under age, we will immediately remove all personal and identifiable information from our records in compliance with the Online Children's Privacy Protection Act of 1998. In addition, we will not disclose this information to any other companies.

This children's privacy statement explains our practices with respect to the online collection and use of personal information from children under the age of thirteen, and provides important information regarding their rights under federal law with respect to such information.

    • CFF’s website is not directed to children under the age of thirteen and we do NOT knowingly collect personally identifiable information from children under the age of thirteen as part of our website. If we become aware that we have inadvertently received personally identifiable information from a user under the age of thirteen as part of our site, we will delete such information from our records. If we change our practices in the future, we will obtain prior, verifiable parental consent before collecting any personally identifiable information from children under the age of thirteen.

    • We do NOT knowingly allow children under the age of thirteen to publicly post or otherwise distribute personally identifiable contact information through our website.

    • Because we do not collect any personally identifiable information from children under the age of thirteen as part of our website, we do NOT condition the participation of a child under thirteen in the website's online activities on providing personally identifiable information.

Employee Conduct

The CFF Privacy Guidelines express our absolute commitment to integrity, our related corporate values and ethical standards and the associated business conduct we expect from all our employees. The guidelines include very specific guidelines concerning the safeguarding of confidential information, which includes customer information. In general, these guidelines limit employee access to confidential information, and limit the use and disclosure of such information to specifically authorized processes and transactions. If it is determined that employees have violated the guidelines, corrective action may be taken, including immediate dismissal.


CFF makes reasonable efforts to maintain the security of your personal information in order to prevent unauthorized access to it through the use of technology and internal procedures.

Information Disclosed If Required By Law

If required by law, CFF may provide any and all information we have about you to law enforcement or other government agencies, pursuant to a subpoena, warrant, or other order by a court of competent jurisdiction. In all cases, we will require written documentation of the request, proof of the identity of the law enforcement official making the request, and we will take reasonable steps to authenticate the validity of the request. Any law enforcement or government agency request submitted with less than a court-issued order will be evaluated on a case-by-case basis according to the need and urgency, as well as the particular law enforcement agency making the request.

Privacy Policy Updates

Efforts to bring new services, ideas and partners to benefit our customers may make it necessary for us to create a new Privacy Policy. If this occurs, we will post the new policy on our website. Once posted, the new policy will go into effect immediately, replacing any previously stated policy.

CFF may also amend our current Privacy Policy at any time. If we amend this Privacy Policy to permit material changes in the way we collect, use, and/or share your personal information, we will notify you of such amendment by sending you an email at the last email address that you provided us, and/or by prominently posting notice of such amendment on the websites covered by this Privacy Policy. Any such amendment to this Privacy Policy will be effective thirty (30) calendar days following either our dispatch of an email notice to you or our posting of notice of the changes on the websites covered by this Privacy Policy.

Please note that, at all times, you are responsible for updating your personal information to provide us your current email address. In the event that the last email address that you have provided us is not valid, or for any other reason is not capable of delivering to you the notice described above, our dispatch of the email containing such notice will nonetheless constitute effective notice of the amendment described in the notice. In any event, an amendment to this Privacy Policy may permit material changes in the way we use and share personal information that you provided us prior to our notification to you of such amendment.

The effective date of this CFF General Privacy Policy is January 15, 2020. It replaces all prior privacy policies issued by CFF. We reserve the right to change the CFF Privacy Policy at any time. Any changes to our Privacy Policy will be reflected in the updated version displayed at our corresponding website.

Consent to Receive Telemarketing Calls & Texts

By submitting information, I authorize CFF and ABC Financial Services to deliver to me, at the telephone, cellphone, or email address(es) provided, telemarketing calls, emails and texts and informational calls, emails and texts. I UNDERSTAND THAT I AM NOT REQUIRED TO AGREE TO BE CONTACTED AS A CONDITION OF PURCHASING ANY PROPERTY, GOODS OR SERVICES. I can request to not be contacted by CFF by emailing or calling 1-866-4CALFIT (1-866-422-5348) or writing to the postal address below.

Questions Regarding CFF Privacy Policy

If you have any questions regarding our Privacy Policy, we will do our best to answer them. Here's how to contact us:

Postal: P.O. Box 2960, Orangevale, CA 95662
Phone: 916-987-2030 (Customer Service)
Fax: 916-987-2040
Hours of Operation: Monday-Friday, 8am-5pm, Pacific Standard Time

California Privacy Policy

California Family Fitness (the “Gym”) has developed this California Privacy Policy out of respect for the privacy of our members and visitors to our website. This policy describes the personal information we collect, use, and disclose about individual members and website visitors who are California residents. This policy applies only to California residents who are natural persons; it does not apply to any entities (whether business, non-profit or governmental) or to any person who is not a California resident. For California residents, this policy supplements and modifies, but does not replace, our general Privacy Policy, which can be accessed here:

Whenever you visit our website, we will collect some information from you automatically simply by you visiting and navigating through this site, and some voluntarily when you submit information using a form on the website, request information, or use any of the other interactive portions of our Web site. Through this website, we will collect information that can identify you and/or your activity.

And whenever you communicate, interact or do business with us, whether online or at our Gym locations, we will be collecting personal information from you or about you in the course of our interaction or dealings with you.

The Gym may collect the following categories of personal information about you based on your specific transactions and interactions with the Gym, its website, or its mobile device application (“app”). For each category of information, the business purposes for which we use the information and the third parties with whom we have shared the information in the last 12 months are referenced by a number that coincides with the number in the lists that follow below in this policy.

 Category  Examples  Business Purpose  Sources  Shared in Last 12 Months With
 Personal Identifiers & Contact Information  Name, alias, address, email address, driver’s license number, member ID number, account username and password  1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 16, 17  From you the consumer  A, C, D, E, F, G, H
 Protected Classifications Gender, ethnicity, disability, familial status, language preference  1, 3, 4, 9, 11   From you the consumer A, C 
 Commercial Transactional Data Records of products or services provided, membership history, purchasing history  1, 2, 3, 4, 10  From you the consumer   A, C, F
 Biometric Data Voice recordings of customer calls recorded for training or quality assurance purposes   9 From you the consumer Not shared 
 Internet Activity Browsing history, search history, type of browser used, cookies, device used to access the site, domain name from which our site was accessed  10, 11, 12, 13, 14, 15, 16   Visitors of our website and the device and browser used to access the website
 Geolocation Data IP address   10, 11, 12, 13, 14, 15, 16 Visitors of our website and the device and browser used to access the website  Not Shared 
 Mobile Device Data Information collected when you navigate, access or use any of our websites via mobile device, including device type, software type   10, 11, 12, 13, 14, 15, 16 Visitors of our website and the device and browser used to access the website   E
 Financial Data Credit card, debit, or other payment information  1, 3  From you the consumer   A
 Medical and Health Data Weight, blood pressure, heart rate, allergies, medical conditions, physical injuries, and health insurance related information   1, 4 From you the consumer   G
 Employer Information Employer name, pay stub, employer ID badge, proof of employment verification letter   17 From you the consumer   H
School Information  School name, school schedule, screen shot of school dashboard  17   From you the consumer   H

The Gym may use your personal information and share it with various service providers and third parties for the following business purposes:


Business Reason


To provide services such as personal training and classes


For security and insurance purposes, a copy of the driver’s license is obtained


To process, complete, and maintain records on transactions including registration, gym membership, guest passes, classes, personal trainer sessions, and merchandise


To provide access to childcare, Kidz Klub, or PlaySchool facilities


We retain your selection for Text opt in/opt out to ensure customers who opted out are not sent any text messages


To schedule, manage and keep track of customer appointments


To respond to and address consumer accidents or injuries


To maintain records of when customers decline a service or sale


To respond to consumer inquiries, including gym membership interest, request for information, Customer Support online, phone calls, and in-store inquiries


To provide interest-based and targeted advertising


To improve user experience on our website


To understand the demographics of our website visitors


To detect security incidents


To debug, identify, and repair errors that impair existing intended functionality of our website


To protect against malicious or illegal activity and prosecute those responsible


To verify and respond to consumer requests


To verify qualification for corporate wellness program

The Gym may share your personal information with the following categories of service providers or third-party businesses depending on your transactions or interactions with the Gym:

  1. Financial Institutions
  2. Lead providers
  3. Government agencies
  4. Promotional or other fulfillment vendors
  5. Marketing support vendors
  6. Transaction support vendors (e.g., payment processors)
  7. Does insurance carriers and medical providers
  8. Your employer or school


Do we sell any of your personal information?

The Gym does NOT and will not sell your personal information in exchange for money. However, we may share information with third party websites and social media platforms about visitors to our Website for purposes of targeting advertisements of our products and services to you when you visit other websites. Other than this sole exception, we do not and will not disclose your personal information to any third party in exchange for monetary or other valuable consideration. We do not at any point or under any circumstance sell or otherwise trade the personal information of any minors.


Notice of Right to Opt-Out of Sale of Your Information

While the Gym does not sell your personal information in exchange for money, we may share your personal information for other valuable consideration as described above. This is the only circumstance where your personal information may be disclosed in exchange for valuable consideration. You have the right to tell the Gym NOT to sell your personal information. You have full and free right to opt-out of the Gym’s disclosure of your personal information to any third parties where the disclosure constitutes a “sale” as defined by the California Consumer Privacy Act. You may exercise your right to opt-out without fear of discrimination for doing so. To opt-out of the Gym’s selling of your information, meaning, the Gym will not disclose your information to third parties for any monetary or other valuable consideration, you can do any of the following:

  • Follow this url: to be taken to an online opt-out submission form.
  • Visit any Gym location to request a paper opt-out submission form.
  • If you are unable to submit an opt-out through any of the above methods, please call the Gym’s toll-free privacy line at 1-866-4CALFIT (1-866-422-5348) for assistance and a Gym representative will assist in meeting your needs.

You can have an Authorized Agent submit a request on your behalf if you both come into a California Gym location and provide proof of identity with a driver’s license or passport and provide your consent via mail-in form for the Authorized Agent to complete your verifiable consumer request.

To submit an opt-out through use of an authorized agent you must provide that agent with written permission to submit an opt-out on your behalf. The Gym maintains the right to deny any request from an authorized agent that does not submit sufficient proof that they have been authorized by you to act on your behalf.

In order to verify your identity and respond to your request, the Gym will need you to provide your name, address, email, phone number, and your date of birth. Additional information may be needed such as Member ID number.


Third-party vendors

The Gym may use other companies and individuals to perform certain functions on our behalf. Examples include administering e-mail services and running special promotions. Such parties only have access to the personal information needed to perform these functions and may not use or store the information for any other purpose. Subscribers or site visitors will never receive unsolicited e-mail messages from vendors working on our behalf.


Business transfers:

In the event the Gym sells or transfers a particular portion of its business assets, consumer information may be one of the business assets transferred as part of the transaction. If substantially all of the assets of the Gym are acquired, consumer information may be transferred as part of the acquisition.


Compliance with law/safety:

The Gym may disclose specific personal information based on a good faith belief that such disclosure is necessary to comply with or conform to the law or that such disclosure is necessary to protect the users of our Website, the site itself, or the public.


Use of cookies and other tracking technologies

Cookies are small files that a Website may transfer to a user’s computer that reside there for either the duration of the browsing session (session cookies) or on a permanent (until deleted) basis (persistent cookies) that may be used to identify a user, a user’s machine, or a user’s behavior. We make use of cookies under the following circumstances and for the following reasons:

  • Compile data about site traffic to offer a better Website experience
  • Understand and save visitor preferences for future visits

Do Not Track (DNT) is a privacy preference that users can set if they do not want web services to collect information about their online activity. However, there is currently no universal standard for sending and receiving DNT signals. Due to this lack of universal standard, it would be impossible for us to promise that we comply with all known and unknown DNT standards.

Therefore, we do not respond to DNT signals or other mechanisms that provide a choice regarding the collection of personal information about activities over time and across different Web sites or online services. If a universal standard for DNT becomes available, we may revisit our DNT Policy.


External links:

Our website contain links to other sites. The Gym is not responsible for the privacy practices or the content of such websites. To help ensure the protection of your privacy, we recommend that you review the privacy policy of any site you visit via a link from our website.


Children under the age of 16

Our Website is not intended for children under 16 years of age. No one under age 16 may provide any personal information on the Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on our Website. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at the email address below.


Your Rights as a California Consumer:

If you are a California resident, you have the following rights:

  1. Right to Know. The right to request, up to 2 times in a 12-month period, that we identify to you (1) the categories of personal information we have collected, disclosed or sold about you in the last 12 months, (2) the categories of sources from which the personal information was collected, (3) the business purpose for which we use this information, and (4) the categories of third parties with whom we share or have shared your personal information in the last 12 months;
  2. Right to Access. The right to request, up to 2 times in a 12-month period, that we provide you access to or disclose to you, free of charge, the specific pieces of personal information we have collected about you in the last 12 months;
  3. Right to Delete. The right to request, up to 2 times in a 12-month period, that we delete personal information that we collected from you, subject to certain exceptions;
  4. Right to Opt-Out. The right to opt-out of the sale of your personal information to third parties;
  5. The right to designate an authorized agent to submit one of the above requests on your behalf. See below for how you can designate an authorized agent; and
  6. The right to not be discriminated against in receiving different or less favorable pricing, service or financial incentive for exercising any of the above rights.


You can submit any of the above 4 types of consumer requests by any of the 2 options below:

  1. Submit an online request on our website at
  2. Call our privacy toll-free line at 1-866-4CALFIT (1-866-422-5348).


How we will verify that it is really you submitting the request:

When you submit a Right to Know, Right to Access, or Right to Delete consumer request through one of the methods provided above, we will ask you to provide some information in order to verify your identity and respond to your request. Specifically, we will ask you to verify information that can be used to link your identity to particular records in our possession, which depends on the nature of your relationship and interaction with us. For example, we may need you to provide your name, address, email, phone number, Member ID number, and your date of birth. If your sole interaction with us was as a website visitor, then in order to verify your identify, we will need to ask you to provide your name, email, phone number, IP address, device ID, browser ID, and/or cookie ID.


Responding to your Right to Know, Right to Access, and Right to Delete requests

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 45 days or 90 days total from the date we receive your request), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding our receipt of your verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.


Responding to your consumer request to opt-out of the sale of your personal information

We will act upon a verifiable consumer request to opt-out within fifteen (15) days of its receipt. We will notify all third parties to whom we have sold personal information within 90 days of our receipt of your request that you have exercised your right to opt-out and instruct them not to further sell the information. We will notify you when this has been completed by mail or electronically, at your option.

A request to opt-out need not be a verifiable consumer request. However, we may deny a request to opt-out if we have a good faith, reasonable, and documented belief that a request to opt-out is fraudulent. If we deny your request to opt-out, we shall inform you of our decision not to comply and provide an explanation as to why we believe the request is fraudulent.


If You Have an Authorized Agent:

You can have an Authorized Agent submit a request on your behalf if you both come into a California Gym location and provide proof of identity with a driver’s license or passport and provide your consent via mail-in form for the Authorized Agent to complete your verifiable consumer request.


Questions About the Policy

If you have any questions about this privacy policy, go to or call 1-866-4CALFIT (1-866-422-5348).

**This policy was last updated January 15th, 2020.