Privacy Policy (UK GDPR-Compliant)
Last updated: July 2025
Back Harmony Pilates (“we”, “us”, “our”) is committed to protecting the personal data of our clients and site visitors under UK GDPR. This policy explains how we collect, use, and safeguard your data.
1. Personal Data We Collect
Directly from you: name, email, phone number, address, health/medical history (e.g., back pain levels) when you complete the starter quiz, register, or book classes.
Automatically: website usage data, cookies via Google Analytics.
2. Why We Collect It & Our Legal Basis
To manage bookings, deliver classes, and process payments (necessary for contract performance).
To communicate updates, offers, and respond to inquiries (legitimate interest).
With your consent, to send marketing emails (consent basis).
3. Data Sharing & Transfers
We do not sell your data. We may share:
Payment info with Stripe/PayPal for transactions.
Google Analytics for anonymised site stats.
Law enforcement if legally required.
4. Storage & Security
Data is stored securely in password‑protected systems and encrypted tools. Only necessary staff have limited access.
5. Data Retention
We retain your data for as long as you are an active client, plus 7 years for legal/accounting purposes. After that, it's safely deleted.
6. Your Rights
You have the right to:
Access, correct, or delete your data
Restrict or object to processing
Receive a portable copy
Withdraw consent at any time
Contact us at: info@backharmonypilates.co.uk
7. Cookies
Our site uses cookies (strictly necessary and analytical). You can manage cookie settings via your browser.
8. Policy Updates
Any changes will be posted here with the updated date.
© 2025 Back Harmony Pilates.
