BRAVE SPACE YOGA 

WHO WE ARE?
We are Brave Space Yoga and our registered address is Newark, NG23 6AG. If you have any questions about this Policy, or about how we look after your data generally, please contact brave.yogaspace@gmail.com

INTRODUCTION
Brave Space Yoga (‘we’ or ‘us’ etc), are ‘controllers’ of data. This means that, under the Data Protection Act 2018 (the Act) and the EU General Data Protection Regulation (GDPR), we may control and process your personal data. We take privacy very seriously. We are committed to keeping your data secure and processing it fairly and lawfully. We ask that you read this policy very carefully because it contains important information about how we process your personal data.

Personal data

We collect personal data directly from you via our websites or via other communications between us when you make enquiries with us, or when we provide services to you. The data we collect from you is limited to what we need to collect for these purposes and usually includes:

• Your name, address and contact details (usually email address(es), postal address and phone number(s)

• Your communication preferences

• Details of your health to inform the service provided 

• In addition, we may monitor your use of our website through the use of cookies and similar tracking devices. For example, we may monitor how many times you visit, which pages you go to, traffic data, location data and the originating domain name of a user’s internet service provider.

• This information helps us to build a profile of our users. Some (but not all) of this data will be aggregated or statistical, which means that we will not be able to identify you individually. Please see further the section on Use of cookies below.

HOW WE USE YOUR PERSONAL DATA

We are required to have a legal basis for processing your personal information. These are most commonly; to perform or take steps to enter into a contract with you for the purposes of providing you with our services to comply with a legal obligation where we have your explicit consent, freely given where it is necessary for our legitimate interests and these are not overridden by your rights and interests, or the rights and interests of others.
 

When you make an enquiry with us, we may use the personal information for the following reasons:

Follow up your enquiry and provide further information,
To add you to our marketing database, subject to your consent,
To tailor our services, understand how you heard about us, improve our website and adapt our marketing channels.

When you enter into a contract with us, we may use the personal information for the following additional reasons:

To perform the contract,
To communicate with you about the service,
We may use your information to tailor our marketing activity based on your interests and preferences, subject to your consent. We will not use your information to carry out any automated profiling that could have a legal effect on you.

​

We may share your personal information with:

Third parties who provide services to us, such as our solicitors and professional advisors (ordinarily, the lawful basis for doing so is our legitimate interests – GDPR Art. 6(1)(f))

​

Marketing and Opting Out

We will not contact you for the purposes of direct marketing unless you have asked us to do so. However, if you have asked us to do so and later your change your mind, you can opt-out at any time with no hassle. To do this, just let us know. 

​

Keeping your Data Secure

We will use technical and organisational measures to safeguard your personal data, for example:
Access to our systems is controlled by password and username which are unique to the user,
We store your electronic personal data on secure servers backed up on the cloud,
We store your paper records in locked storage cabinets.
Non-sensitive details (your contact details and preferences for example) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.

​

Information About Other Individuals

If you provide information on behalf of someone else, you confirm that you have a lawful basis for doing so and that, where the information includes the personal data of third parties, such as your staff, clients or customers, you have in place appropriate technical and organisational measures to ensure that you are fully compliant with the Act and the GDPR.

​

How Long Do We Keep Your Data For?

As a general rule, we will not keep your data for any longer than is necessary to complete tasks or provide you with services. Generally, we keep your personal information for six years after the end of our involvement with your project. You also have the right to ask us to delete your data, which is set out below (sometimes known as ‘the right to be forgotten’.)

​