Phoenix Freedom is a sole trader business registered with the Information Commissioner’s Office (ICO) in the UK.
We are committed to protecting your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
- Your Rights
Under data protection law, you have rights including the right to access, correct, or erase your personal data.
If you have any concerns about how your data is handled, you may lodge a complaint with the ICO: www.ico.org.uk.
- What Information We Collect
We may collect and process the following types of personal data:
– Personal data – e.g., your name, email address, phone number, address, payment details.
– Sensitive data – e.g., health and clinical information related to services provided.
– Technical data – e.g., cookies and usage data from your interaction with our website.
- How We Use Your Data
We collect and use your data for the following purposes:
– To provide and personalise our services to you
– Internal record keeping and compliance with professional standards
– To improve our products and services
– To send promotional emails or updates (if you have opted in)
– To request feedback or for market research (via email, phone, text, or post)
– To comply with legal or regulatory obligations
We will only process sensitive health-related data with your explicit consent, or when required by law or to protect your vital interests.
- Data Sharing and Third Parties
We may share your information with:
– Healthcare professionals (only with your verbal or written consent unless legally required)
– Technology and service providers used to operate our business
– Regulatory or legal authorities, where required by law
We use the following third-party systems and services to manage operations and communications. These providers are GDPR-compliant and implement strong security measures:
– Pabau (diary and client record management): https://pabau.com/privacy-policy/
– Gymcatch (class booking system): https://gymcatch.com/privacypolicy/
– Stripe (payment processing): https://stripe.com/gb/privacy
– Google Workspace (email, document storage, calendar): https://policies.google.com/privacy
– Cloud & communication providers:
  – DigitalOcean
  – Amazon Web Services (AWS)
  – SendGrid
  – Txtlocal
  – Telnyx
- Clinical Record Keeping
Clinical records are retained for at least 8 years, as required by law and professional guidelines. After this period, your information will be securely deleted from our systems.
We will always seek your consent before sharing any health-related data with third-party healthcare providers unless disclosure is required by law or vital for your wellbeing.
- Data Security
We are committed to keeping your information secure. Measures include:
– SSL encryption (HTTPS) for secure website browsing
– Access-controlled systems and secure data storage
– Regular audits of our data security practices
- Cookies
Our website uses cookies to enhance your experience and gather information about traffic and usage.
You can choose to accept or decline cookies via your browser settings.
- External Links
Our website may contain links to other websites. Please note that we do not control those sites and are not responsible for their privacy practices.
You should consult the privacy policies of those websites separately.
- Marketing Preferences
You can manage your preferences regarding marketing communications in the following ways:
– When filling out forms on our website or through booking platforms, you can tick a box to opt in or opt out of receiving marketing emails.
– All marketing emails we send will include an “unsubscribe” link at the bottom.
– You can also contact us directly at: rachel@phoenixfreedom.co.uk
We will never sell or lease your personal information to third parties.
- Accessing and Updating Your Information
You have the right to request a copy of the personal data we hold about you. Requests should be made in writing to:
Phoenix Freedom
Heathfield, Frog Lane, Cuddington
Aylesbury, HP18 0AU
Email: rachel@phoenixfreedom.co.uk
If you believe any information we hold is inaccurate or incomplete, please contact us and we will promptly correct it.
- Lawful Basis for Processing Data
Under UK GDPR, we must have a lawful basis to process your personal data. We may rely on the following:
– Consent: for marketing and health-related data (with explicit permission)
– Contract: to provide booked services or respond to enquiries
– Legal Obligation: to maintain records or comply with tax/legal rules
– Vital Interests: to protect someone’s life in an emergency
– Legitimate Interests: to improve services or request feedback
- Data Retention
We retain personal data only for as long as necessary:
– Clinical records: 8 years from your last session
– Marketing data: until you opt out or after 24 months of inactivity
– Booking/payment records: at least 6 years for tax purposes
After this time, data will be securely deleted or anonymised.
- Changes to This Policy
We may update this policy to reflect legal or service changes. The most current version will always be on our website.
If significant changes are made, we will notify you via email or on our website.