WHAT INFORMATION DO WE COLLECT?
We collect your name, email address, geographical address and other financial information (such as payment card details). This information is collected when you register on our third party booking site, Mind Body, for the reason of your consent and legitimate interest in your signing up to attend yoga classes. If you wish to remove your consent to hold personal data, then you have a right to request that this be removed from our own systems by writing to us at The Hot Yoga Studio, 120 Babylon Lane, Adlington, Lancashire, PR6 9NP.
We may also collect information on your physical condition or health issues (if provided to us by you in written form), which constitutes sensitive data.
From time to time we may ask you for further information, for example if you make a purchase.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visitwww.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
HOW WE MAY CONTACT YOU
We may contact you from time to time with any issues related to your account, to respond to any queries you may have, or to bring you offers and other notifications. The form of contact may be via voice calls, emails, or text messages (SMS) using the contact information that you have provided to us. You can at any time opt out of marketing communications by clicking on the opt-out link embedded within the communication.
HOW WILL WE USE THE INFORMATION WE COLLECT FROM YOU?
Personal information that we collect from you is used to manage your account and in respect of considering your physical suitability to practice hot yoga. Additionally, images and sounds that we collect, including photographs and/or video of you may be used for security purposes and/or journalistic or promotional / marketing purposes. We may also use your information to email you about other products or services that we believe may be of interest to you.
In managing your account we may send your information to fraud prevention agencies.
HOW MIGHT WE SHARE PERSONAL INFORMATION WITH THIRD PARTIES
We will never sell or rent any of your personal information to any third parties for their marketing purposes without your express consent.
The parties with whom we may share your personal information are:
(I) Our contracted service providers who provide services related to the management of your account.
(II) Banking partners including but not limited to credit card issuers and banks processing your orders and transactions.
(III) Credit bureaus and collection agencies to the degree the law allows.
(IV) Business entities with whom we intend to merge or who are seeking to acquire us.
(V) The government, law enforcement, or other third parties if we need to do so in order to meet the requirements set by law or court order; or if we reasonably believe that the sharing of your personal information is necessary to report suspected unlawful activity or to investigate potential or existing breaches of our Terms & Conditions.
ACCESS TO YOUR INFORMATION
You have a right to request a copy of the information we hold on you at any time. Please email us at firstname.lastname@example.org if you would like to receive a free copy of this information, and we will respond in a timely manner, and in any event within one month of the request.
The Company shall ensure that personal data is relevant and limited to what is necessary in relation to the purposes for which they are processed.
The Company shall take reasonable steps to ensure personal data is accurate and where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.
To ensure that personal data is kept for no longer than necessary, the Company shall put in place an archiving policy for personal data is processed and review this process annually. The archiving policy shall consider what data should/must be retained, for how long, and why.
The Company shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
Access to personal data shall be limited to personnel who need access and appropriate security will be in place to avoid unauthorised sharing of information.
When personal data is deleted this will be done safely such that the data is irrecoverable.
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the Company shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO (more information on the ICO website).
In the unlikely event that you think your data has been misused or that the Company has not kept it secure, please contact us and tell them.
If you’re unhappy with our response to that complaint, or if you need any advice, you should contact the Information Commissioner’s Office (ICO).
Telephone: 0303 123 1113
Textphone: 01625 545860
Monday to Friday, 9am to 4:30pm
Information Commissioner’s Office
Wycliffe House Water Lane