HomePrivacy Policy

Privacy Policy

Privacy Policy

Core Connect Pilates

Effective date: 1/4/2026

1. Who We Are

Core Connect Pilates is a Pilates studio based in Surbiton, UK. We are the data controller responsible for your personal data.

Contact details:
Core Connect Pilates
Nuffield Health Surbiton, Simpson Way, Surbiton, KT6 4ER
Email: coreconnectpilates@gmail.com
Phone: 07850 699899

2. What Data We Collect

We may collect and process the following personal data:

a) Information you provide directly:

  • Name
  • Email address
  • Phone number
  • Address (if required)
  • Health information relevant to participation (e.g. injuries, medical conditions)
  • Emergency contact details

b) Booking & payment data:

When you book classes via our system, we may receive:

  • Booking history
  • Attendance records
  • Payment status (we do not store full card details)

c) Website usage data:

  • IP address (anonymised where possible)
  • Browser type and device
  • Pages visited and interactions

3. How We Collect Your Data

We collect data when you:

  • Visit our website
  • Submit forms or enquiries
  • Book classes
  • Communicate with us
  • Use our booking platform

4. How We Use Your Data

We use your data to:

  • Manage bookings and appointments
  • Communicate with you about classes or updates
  • Ensure your safety during sessions (health-related data)
  • Process payments
  • Respond to enquiries
  • Improve our website and services
  • Send marketing communications (only where you have opted in)

5. Legal Basis for Processing

Under UK GDPR, we rely on:

  • Contractual necessity – to deliver booked services
  • Legitimate interests – to operate and improve our business
  • Consent – for marketing and analytics cookies
  • Legal obligations – for financial and record-keeping requirements

Special category data (health information) is processed based on your explicit consent.

6. Third-Party Services

We use trusted third parties to operate our business:

Booking platform

We use WellnessLiving to manage bookings and payments.
When you use this system, your data is processed according to their policies.

Analytics provider

We use Google Analytics to understand how visitors use our website.
This helps us improve user experience and site performance.

Google Analytics:

  • Collects anonymised usage data
  • May use cookies (see Section 9)
  • Does not identify you personally

Other providers may include:

  • Website hosting providers
  • Payment processors
  • Email communication tools

We only share data necessary to deliver our services.

7. Data Storage & Security

We take appropriate measures to protect your data, including:

  • Secure systems and password protection
  • Restricted access to personal data
  • Use of reputable third-party platforms

8. Data Retention

We retain personal data only as long as necessary:

  • Client and booking records: up to 6 years
  • Financial records: up to 6 years
  • Marketing data: until you withdraw consent

9. Cookies & Tracking Technologies

What are cookies?

Cookies are small text files placed on your device when you visit our website.

How we use cookies

We use cookies to:

  • Ensure the website functions correctly
  • Analyse website traffic
  • Improve user experience

Types of cookies we use

a) Strictly necessary cookies

Essential for website functionality (no consent required)

b) Analytics cookies

Used by Google Analytics to:

  • Understand visitor behaviour
  • Measure performance
  • Improve the website

These cookies are only set with your consent.

Google Analytics may collect:

  • Pages visited
  • Time spent on site
  • General location (not precise)
  • Device and browser information

We have configured Google Analytics to:

  • Anonymise IP addresses
  • Limit data retention
  • Avoid unnecessary data sharing

c) Third-party cookies

When you use our booking system via WellnessLiving, cookies may be placed by that platform.

These are governed by their own policies.

Managing cookies

You can:

  • Accept or reject non-essential cookies via our banner
  • Change preferences at any time
  • Disable cookies in your browser settings

Common browsers:

  • Google Chrome
  • Safari
  • Microsoft Edge

Disabling cookies may affect site functionality.

10. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent at any time
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO)

11. Data Transfers

Some third-party providers may process data outside the UK.
Where this occurs, appropriate safeguards are in place.

12. External Links

Our website may contain links to external websites.
We are not responsible for their privacy practices.

13. Changes to This Policy

We may update this Privacy Policy from time to time.
Please review it periodically.

14. Contact Us

If you have any questions about this policy:

Email: coreconnectpilates@gmail.com