Privacy Policy
✶ Draft — the wording needs to be completed and legally reviewed before launch.
1. Data controller
Add who the controller of personal data is (business name, registered office, company ID) and the contact for the responsible person.
2. What data we process
At registration and booking we process name, email and booking details. Add the full list of processed data.
3. Purpose and legal basis
Describe the purposes of processing (account creation, booking facilitation, communication) and their legal basis under GDPR.
4. Health questionnaire
Some sessions require a health questionnaire. This is a special category of data — add the purpose, legal basis (consent) and how this data is secured.
5. Retention period
Add how long each type of data is kept and when it is deleted.
6. Your rights
You have the right to access, rectification, erasure, restriction of processing, portability and objection. Add how to exercise them.
7. Contact
Add the email where rights can be exercised or questions about privacy can be raised.