ISO27001 Certificare Thumbnail

Click here for our ISO 27001 Certificate


Information Security Video

Image of Paul Simpson
Quality Management Cert Med

Click here for our ISO 9001 Certificate


Dont take our word for it, see below what our clients think of our security....

"We know our data is in safe hands."

"ISO 9001 accredited Legend has a great robust system and good processes in place to support us."

"Legend gives us peace of mind"


Incidents, such as the WannaCry Ransomware attack, and the Pay as U Gym incident have placed an increased industry focus on Information Security. Expert advice indicates that this trend is not going to improve. In addition to this threat, all operators are about to be required to address a number of changes associated with compliance with the new General Data Protection Regulations (GDPR), due to come into force in May 2018. Legend has sought to help customers get ready for the fast approaching GDPR changes through a variety of different programmes which will enable them to better prepare for their GDPR responsibilities.

Documentation Provided for GDPR

Legend GDPR FAQ's
Legend GDPR Toolkit
Legend GDPR Information Document
Legend Personal Data Summary
Legend Register of Processing Activities (ROPA)
Legend Privacy Impact Assessment
Legend Redaction Process
Clear Desk Audit Template
Device Audit Template

Documentation has been sent to key contacts and is available on the Legend Releases Portal.

Information Security/GDPR Briefing Events

Legend have hosted free of charge Information Security/GDPR Briefing Events in London, Manchester, Ireland and Scotland.  Events were provided as a service to Legend customers with an interest and a responsibility for Information Security.  Slides are available on request.

The events aimed to give guidance as to how leisure industry operators can ensure that they meet the new GDPR requirements and also take sensible measures to protect their business from potential cyber attacks. 

Paul Simpson, Legend's Chief Operating Officer and Manager of the ISO 27001 Certified Legend Information Security Management System (ISMS) oversees GDPR for Legend.

Topics Covered

GDPR an Overview
GDPR what are the Threats
Information Security a Culture Change
GDPR Documentation
GDPR an Action Plan

Hayley Richards - Gymbox

"I have now been on 3 talks/events on GDPR and this was by far the most engaging, informative, clear and helpful to us.  We will definitely be using the slides/advice provided in our preparation for May 25, 2018.  Good luck for the remaining events and thanks again for yesterday." 

London July 13, 2017


"I have been to several GDPR/ Information Security events and this one was by far the most relevant and comprehensive - indeed the best I have attended." 

London July 13, 2017

Jon Layton - Halo Leisure

“It was great to see such an unwieldy topic approached from a pragmatic viewpoint with lots of good advice about what we need to be thinking about.” 

Manchester July 20, 2017

Susan Mc Entegart - Corner Shop Gym

 "I was delighted to be a guest of Legend Club Management Systems for their GDPR/Information Security Briefing in Athlone Regional Sports Centre today.  I learnt lots of great info about the impending regulations and how to prepare your business in advance." 

Ireland July 26, 2017

Brian Hogan -Coral Leisure

"Thanks for the event in Athlone last week, I found it extremely useful and the quality and expertise of your presenter really helped get the important messages across and also made the day pass much more quickly than anticipated- it was definitely a very worthwhile experience."  

Ireland July 26, 2017

Ian Dyer – Inverclyde Leisure

“We were happy to host the Legend GDPR Scotland Briefing. The presentation of what is a complex subject was delivered in a highly professional but relaxed manner. I believe that the delegates who attended the event all left with an improved understanding of the major impact this new legislation will have on us all next May.”

Scotland August 23, 2017

Consultancy Services

Paul Simpson is available for consultancy advice on GDPR and related issues please contact to discuss your individual requirements.  All advice is tailored to customer needs. 

Click here to contact Paul

Legend Publications

Paul Simpson has published a number of articles on GDPR with the aim of guiding customers through the murky waters of the new legislation.

HCM Briefing- Preparing for the GDPR

HCM Briefing- Data Matters

Preparing for the GDPR – How to store & secure member data
By Paul Simpson Nov/ Dec HCM, Page 92 and online

IT Pro Portal Data Security Article

Health & fitness industry: Time to take action on data security risks
By Paul Simpson September 15, 2017

Gym Owner Monthly

Time to take action on data security risks  Oct 2017, page 53

HCM - Handle with Care

Handle with care, Oct 2017, page 62

External Help

Advice with GDPR can be taken from the Information Commissioners office and from GDPR specialist members of the legal profession.

Information Commissioners Office

Documents of note are:

Information Commissioners Office Guide to the General GDPR

ICO Guide to the GDPR

Preparing for the GDPR 12 Steps

12 Steps to take now

Data Protection Self Assessment Toolkit

Data Protection Self Assessment Toolkit

Wikipedia GDPR information

Wikipedia GDPR Information

Technical Support

Support Portal
Phone Support:+44 (0)1904 529 575

General Enquiries

Email us: us: 0800 031 7009
Request a Demo
Request a Callback