Last updated April 2020
This policy lets you know what happens to any personal information you give to me, or any I may collect.
Who I am, and how to contact us about data protection
Claire Hindley Pilates is a data controller of your personal data. If you have any questions, or if you no longer wish me to process your data, please contact me at firstname.lastname@example.org.
When you book a class or private session, you will need to complete a Par-Q form. The information collected will be:
Personal and contact details including history such as first name, surname, email, address and phone number
Your date of birth, gender and age
Family members (if they also use my services and products)
Emergency contact information
Information about your health – only when relevant to the provision of my services to you
Purchase information – including products you currently hold with us and/or have purchased in the past
Visit information – including past and future appointment and class attendance dates
Marketing information including history of communications with you by email, and whether you open them or click on links
Due to COVID-19, classes are now streamed online via Zoom. You will need to provide this information, and I will give a verbal disclaimer at the start of the class to confirm that you are responsible for any other member of your family who participates.
My Personal Data Philosophy
I follow industry-agreed best practice for data collection, processing and storage for any data I collect from you, and I only collect it if it is necessary to provide you with one of my services or if I think it will help improve my service to you.
Other than the disclosures referred to in this policy, I will not disclose any personal information without your permission unless I am legally entitled or obliged to do so (for example, if required to do so by court order or for the purposes of prevention of fraud or other crime).
My policy is not to share data unless necessary to manage your bookings with me. I never have, and never will, sell your data.
What I use your personal information for and the legal grounds for doing so
Where it is needed to provide you with my products or services, such as:
Administer and manage the product or service you have with me
To process new bookings you make and the management of your client account
All stages and activities relevant to managing the product or service you have with me
To monitor and keep records of interactions with you and staff
To improve the quality of the service provision to you
Where it is in our legitimate interests to do so, such as:
For management and auditing of business operations
For market research and analysis
To develop new products and services and review/improve current products and services
To comply with our legal obligations
To understand any injuries, illnesses or medical conditions you may have to ensure your health and safety in the use of our services and products
Although I do not make it compulsory to give every item of information I ask for and will always make it clear what information is and is not optional, the more information you volunteer (and the more accurate it is), the better I can tailor your experience.
What to do if your personal information changes
I aim to keep our information about you as accurate as possible. If you would like to review or change the details you have supplied, you may do so at any time, simply by contacting me.
How long I retain your personal information for
I will ask for an update on your personal information every 6-12 months. I will retain your information for as long as I have reasonable business needs and in line with legal and regulatory requirements or guidance. My insurance requires me to hold medical information for 7 years.
You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed based on our legitimate interests.
You have the right to request access to personal information we store about you and to obtain information about how we process it.
You also have the right to request that we erase all personal data about you (“right to be forgotten”). To do any of the above, please contact me.
I collect cookies from you when you visit my website. These are small text files that are downloaded onto a computer, tablet or mobile device when someone visits a website. They allow the website to recognise that visitor’s device and store some information about the visitor’s preferences or past actions on our site. I collect cookies so I can analyse how you and others use the site, improve it for you and understand my business. You can switch off cookies in your browser.
Third parties I share personal data with and why – and links to their Privacy Policies and Security Policies (where relevant)
My company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows me to sell my services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.