Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Zenrez is a US based marketing platform for fitness and wellness studios. It markets unsold class spots, drives bookings through paid channels and uses a JavaScript pixel on partner studio sites to track funnel performance. For European studios using Zenrez, the platform raises GDPR and ePrivacy obligations on cookies, consent, profiling of class attendees and transfer of personal data to the United States.
Zenrez is a US marketing platform dedicated to fitness, yoga, pilates, hiit and wellness studios. It fills empty class spots through paid acquisition on Meta, Google and TikTok, runs retargeting on past attendees, and powers landing pages and offers. Its JavaScript pixel sits on partner studio websites and captures booking funnel events that are matched with Zenrez''s marketplace and ad inventory.
IP address, user agent, click identifiers, UTM parameters, attendee email and phone provided at booking, hashed identifiers for advertising matching, class identifier, studio identifier, time slot, attendance status and conversion value. Behavioural cookies persist across visits to follow the booking journey.
The Zenrez pixel sets non strictly necessary cookies and shares data with a third party for advertising. Article 5(3) ePrivacy requires prior consent. Class attendance data can imply health context (prenatal yoga, rehabilitation pilates), which raises the sensitivity bar and reinforces the need for transparent information and minimisation.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Capture explicit consent for the Zenrez pixel as advertising tracking. Do not combine it with other purposes. Allow the user to reject as easily as accept. Process attendance data only on a clear lawful basis (performance of contract for the booking itself, consent for marketing).
Zenrez infrastructure is in the United States. EU attendee data is transferred to the US. Transfers must rely on SCCs, on the EU US Data Privacy Framework where Zenrez is certified, and on supplementary measures such as encryption and minimisation.
Sign a DPA, document the US transfer, gate the Zenrez pixel behind consent, separate marketing from booking purposes in the privacy notice, set short retention on attendance data, run a DPIA where wellness data implies health context, and audit the data fields actually shared with Zenrez.
Websites using Zenrez must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended when Zenrez processes EU attendee data at scale. Wellness data, while not strictly health data, often hints at health context (yoga vs hiit, prenatal classes). Document this sensitivity, retention, US transfers and the consent flow.
Sample consent text
We use Zenrez to fill open class spots through paid marketing. Zenrez stores cookies on your device and transfers booking data to the United States under Standard Contractual Clauses. We will only activate the Zenrez pixel if you accept.
Third-party domains contacted
zenrez.comcdn.zenrez.comtrack.zenrez.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| zenrez_vid | persistent | 1 year | First party Zenrez visitor identifier used to track returning visitors and attribute conversions. Requires consent. |
| zenrez_sid | session | session | Session identifier used by Zenrez to group booking funnel events into one session. Requires consent. |
Zenrez places tracking cookies for advertising — comply with GDPR using FlowConsent.
Zenrez sets a first party visitor identifier cookie and a session cookie on the studio website. It may also write localStorage entries to remember campaign and class context across the booking funnel. These cookies are advertising and analytics related and require prior consent.
Yes. The Zenrez pixel writes cookies and shares identifiers with a third party for advertising. Article 5(3) ePrivacy requires prior consent. Booking attendance for a class can imply health context, which reinforces the consent and transparency requirements.
Marketing pixel: consent under article 6(1)(a) GDPR and article 5(3) ePrivacy. Booking processing itself: performance of contract under article 6(1)(b) GDPR. Profiling for retargeting: consent. Sensitive class types: never use as advertising segment without explicit consent.
Yes. Zenrez is a US company with US infrastructure. Attendee data is transferred to the US. Transfers rely on SCCs, the EU US Data Privacy Framework if Zenrez is certified, and supplementary measures such as encryption and access controls.
A DPIA is recommended where Zenrez processes EU attendee data at scale, especially because class types can hint at health context. Document the purpose, retention, US transfer, sensitivity assessment and the consent flow.
Sign a DPA, gate the Zenrez pixel behind a Consent Management Platform, minimise the personal data sent (do not include sensitive class types in marketing segments), short retention, document everything, restrict access and review the integration regularly.
Alternatives include Mindbody Marketing Suite (US), Glofox (Ireland, EU friendly), bsport (France, EU hosting), TeamUp (UK), Cituro (Germany), Wellhub (formerly Gympass) for marketplace exposure, and self managed paid marketing on Meta and Google with consented first party data.
List Zenrez visitor and session cookies with vendor, purposes (advertising attribution, retargeting), retention and legal basis (consent). State the transfer to the United States. Update the cookie policy whenever Zenrez updates its pixel or adds sub processors.