Here at Cherry Dance – Academy of Burlesque & Pole Fitness, we are committed to maintaining the trust and confidence of the visitors to Our Websites, Our clients and Our members. In particular, we want you to know that Cherry Dance Academy will not sell, rent or trade Personal Information with other companies/businesses. We just don’t do that sort of thing; after all we hate spam just as much as you do.
We respect and value the privacy of everyone who visits Our Websites and who trains with Us, therefore we will only collect and use Personal Information in ways that are useful to you and in a manner consistent with your rights and Our obligations in accordance with the relevant legislation.
We know this isn’t the most interesting of subjects but if you wish to find out more we’ve provided lots of detailed information in Our Privacy Policy, including when and why We collect your Personal Information, how We use it, the limited conditions under which we may disclose it to others and how We keep it secure.
Your acceptance of Our Privacy Policy is deemed to occur upon your first use of Our Websites. If you do not accept and agree with this Privacy Policy, you must stop using Our Websites immediately.
So grab a cuppa and read on…
- Definitions and Interpretations
In this privacy policy, the following definitions are used:
“Account” means any account(s) required to access and/or use certain areas and features of Our Websites.
“Cookie” means a small text file placed on your computer or device by Our Websites when you visit certain parts of Our Websites and/or when you use certain features of Our Websites. Details of the Cookies used by Our Websites are set out in section 10, below.
“GDPR” means EU Regulation 2016/679 – the General Data Protection Regulation.
“Our Websites” means Our Websites: cherrydancefitness.co.uk and hot-flex.com, and any sub-domains of these sites, unless expressly excluded by their own terms and conditions.
“Personal Information” means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to Us via Our Websites and from attendance at Our classes and sessions. This definition shall, where applicable, incorporate the definitions provided in the GDPR.
“UK and EU Cookie Law” means the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended in 2011 and 2015.
“We/Us/Our” means Cherry Dance – Academy of Burlesque & Pole Fitness of Cherry Towers, First Floor, Abbey House, 7-9 Bigg Market, Newcastle-Upon-Tyne. NE1 1UN.
- What Does This Policy Cover?
2.1 This Privacy Policy applies only to your use of Our Websites. It does not extend to any websites that may be linked to, or can be accessed from, Our Websites. As We have no control regarding how your Personal Information is collected, stored or used by any other website We advise you to check the privacy policies of any such websites before providing Personal Information to them.
- What Personal Information Do We Collect?
3.1 Depending upon your use of Our Websites, some Personal Information may be collected automatically (please see section 10 relating to Our use of Cookies). Any additional Personal Information will only be collected if you voluntarily submit it to Us and consent to Us using it for the purposes outlined in section 5.
3.1.1 Name
3.1.2 Contact information, such as email address and telephone number(s)
3.1.3 Postal address
3.1.4 Date of birth
3.1.5 IP Address (automatically collected)
3.1.6 Web browser type and version (automatically collected)
3.1.7 Operating system (automatically collected)
3.2 We may also be required to collect Personal Information under the “special category data” conditions as listed in Article 9(2) of the GDPR, for example, when applying to train with us. This Personal Information could include:
3.2.1 Previous and current health and medical issues
3.2.2 Details of prescribed and non-prescribed medication currently being taken
3.2.3 Details of any current and/or previous injuries
3.2.4 Details of any specific dietary requirements
Please Note: Any financial information, such as credit and debit card numbers used to purchase any of Our goods and/or services are collected via a payment gateway service, either Stripe or PayPal, depending upon your choice at checkout. We do not receive this data.
- Your Individual Rights
4.1 Under the GDPR you have the following rights:
4.1.1 the right to be informed
4.1.2 the right of access
4.1.3 the right to rectification
4.1.4 the right to erasure
4.1.5 the right to restrict processing
4.1.6 the right to data portability
4.1.7 the right to object to the processing of your Personal Information
4.1.8 rights in relation to automated decision making and profiling
4.2 If you wish to exercise any of your rights under the GDPR, or if have any questions relating to Our Privacy Policy or Our use of your Personal Information, please, in the first instance, contact Us using the details provided in section 11.
4.3 You will not have to pay a fee to access your Personal Information (or to exercise any of your other rights). However, We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or We may refuse to comply with your request in these circumstances.
4.4 We may need to request specific information from you to help Us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up Our response.
4.5 We try to respond to all legitimate requests within thirty (30) calendar days. Occasionally it may take Us longer than this if your request is particularly complex or you have made a number of requests. In this case, We will notify you.
4.6 We handle subject access requests in accordance with the GDPR. If you have any concerns with the way We are handling your Personal Information, or Our response to your application of rights under GDPR, you also have the right to complain to the Information Commissioners Office [www.ico.org.uk].
5. How Do We Use Your Personal Information?
5.1 We will only process your Personal Information lawfully, fairly and transparently and where at least one of the following conditions, specified under Article 6 of the GDPR, apply;
5.1.1 you have given Us consent to the processing of your Personal Information for one or more specific purposes
5.1.2 the processing is necessary for a contract you have with Us, or because you have asked Us to take specific steps prior to entering into a contract
5.1.3 the processing is necessary for Us to comply with Our legal obligations
5.1.4 the processing is necessary to protect someone’s life
5.1.5 the processing is necessary for Us to perform a task in the public interest or for Our official functions, and the task or function has a clear basis in law
5.1.6 the processing is necessary for Our legitimate interests or the legitimate interests of a third party, unless there is a valid reason to protect the individual’s Personal Information which overrides those legitimate interests
5.2 In some cases, Our collection of Personal Information may be a statutory or contractual requirement; this may include Personal Information designated “special category data” as listed in Article 9(2) of the GDPR. Without your consent for Us to collect and process such Personal Information, We will be restricted in the products and services which We can provide you with. For example, when applying to join one of Our programmes.
5.3 We store and process all Personal Information securely and in line with the reason(s) for which it was originally collected. Specifically, We may use your Personal Information for the following purposes:
5.3.1 Supplying Our products and services you
5.3.2 Providing and managing your access to Our Websites
5.3.3 Personalising and tailoring Our products and services for you
5.3.4 Responding to communications from you
5.3.5 Analysing your use of Our Website to enable Us to continually improve both Our Website and your user experience
5.3.6 Supplying you with email communications relating to the product or service that you have requested information about and/or attended/purchased. You can opt-out of receiving any of these email communications at any time by following the ‘unsubscribe’ instructions contained in each of these email communications.
- Do We Share Your Personal Information?
6.1 We’re serious when We say we’re committed to protecting your privacy – we want to earn and maintain your trust, so We do not, and will not, sell any of your Personal Information to any third party for any purpose.
6.2 As an essential part of being able to provide Our products and services to you, We may contract and work with key partners to assist Us in the delivery and support of these products and services and allow Us to run Our business effectively and safely. In some cases, they may require access to some of your Personal Information. These may include:
6.2.1 Payment processers who action your payments on Our behalf, for example Stripe or Paypal. Please Note: We do not receive or directly process any financial information, such as credit and debit card numbers.
6.2.2 Our professional advisers acting as processors or joint controllers including lawyers, accountants and insurers, who provide consultancy, legal, insurance and accounting services to Us.
6.3 We require all third parties with whom We contract to respect the security of your Personal Information and to treat it in accordance with relevant legislation. We do not allow our third party service providers to use your Personal Information for their own purposes and We only permit them to process your Personal Information for specified purposes and in accordance with Our instructions. We only contract with third party service providers who can demonstrate compliance with GDPR.
6.4 Where We use a third party to process your payments on Our behalf, We only use payment processors who comply with the Payment Card Industry Data Security Standard (PCI DSS) service provider level 1 standard – the most stringent level of certification available in the payment industry. All web browsers interact with Our payment processor securely using Transport Layer Security (TLS) so that they make use of an HTTPS connection.
6.5 In certain circumstances We may be legally required to share certain Personal Information held by Us, for example, to comply with any legal obligation, or in order to enforce or apply Our terms of use and other agreements; or to protect the rights, property, or safety of Us, Our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. Under these circumstances, We do not require any further consent from you to share this and We will comply with any legally binding request that is made of Us.
- Where Do We Store Your Personal Information?
7.1 Sometimes We may need to store or transfer some or all of your Personal Information to third party service providers outside of the European Economic Area (EEA) – for example, this may be required where the service provider uses a “cloud based” service. We will take all reasonable steps to ensure there are appropriate safeguards in place to make certain that your Personal Information receives the same protection as it would if it was being processed inside the EEA and under the GDPR. Where Our service providers require us to transfer your Personal Information outside of the EEA we will ensure that at least one of the following safeguards are in place:
7.1.1 Where possible, obtaining a Data Processing Agreement (DPA) with the service provider
7.1.2 For US service providers, that they are part of the EU-US Privacy Shield certification scheme for the protection of Personal Information transferred from within the EU to the United States
7.1.3 Use the EU approached Standard Contractual Clauses (EU Model Clauses)
7.2 We are committed to keeping your Personal Information secure and We have put in place physical, electronic and procedural systems to safeguard the Personal Information collected through Our Websites and in person at Our facility.
7.3 It is important to remember that the transmission of information via the internet is not completely secure. Although We will do Our best to protect your Personal Information, We cannot guarantee the security of your Personal Information transmitted to Our Websites; any transmission is at your own risk. We therefore advise you to take suitable precautions when transmitting to Us via the internet.
- How Long Will We Store Your Personal Information For?
8.1 We will only retain your Personal Information for as long as necessary to fulfil the purposes We collected it for, as described in section 5, including for the purposes of satisfying any legal, accounting, or reporting requirements that We may have.
8.2 Details of retention periods for different aspects of your Personal Information are available in Our data retention policy which, is available on request, by contacting Us using the information in section 11.
- What happens If Our Business Changes Hands?
9.1 In the event that We sell or buy any business or assets We may be required to disclose some or all of your Personal Information to the prospective seller or buyer of such business or assets.
9.2 If We or Our assets are acquired by a third party, all Personal Information held by Us about Our clients will be one of the transferred assets. The new owner or new controlling party will, under the terms of this privacy policy, be permitted to use the Personal Information originally collected by Us for the reasons in which it was initially obtained.
- How We Use Cookies
10.1 A cookie is a small file of letters and numbers that We store on your browser or the hard drive of your computer following your agreement. Cookies contain information that is transferred to your computer’s hard drive. Our Websites use cookies to distinguish you from other users. This helps Us to provide you with a good experience when you browse Our Websites and also allows Us to improve Our Websites.
10.2 We use the following cookies:
10.2.1 Strictly necessary cookies: These are cookies that are required for the operation of Our Websites. They include, for example, cookies that enable you to login to secure areas of Our Websites, use a shopping cart or make use of payment services.
10.2.2 Analytical/performance cookies: They allow Us to recognise and count the number of visitors and to see how visitors move around Our Website(s) when they are using it. This helps Us to improve the way Our Websites work, for example, by ensuring that users find what they are looking for easily. For example, Google Analytics.
10.2.3 Functionality cookies: These are used to recognise you when you return to Our Websites. This enables Us to personalise Our content for you, greet you by name and remember your preferences (for example your choice of language or region).
10.2.4 Targeting cookies: These cookies record your visit to Our Websites, the pages you have accessed and the links you have followed. We will use this information to make Our Websites, and any advertising displayed on them, more relevant to you. For example, the Facebook Tracking Pixel.
10.3 You may block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of Our Website.
10.4 Except for essential cookies, all cookies will expire after 180 days.
- Contacting Us
11.1 Questions, comments or requests regarding Our Websites or this privacy policy are welcomed and should be addressed by email to office@cherrydancefitness.co.uk, or by post to Cherry Dance – Academy of Burlesque & Pole Fitness of Cherry Towers, First Floor, Abbey House, 7-9 Bigg Market, Newcastle-Upon-Tyne. NE1 1UN.
11.2 If you are contacting Us regarding the Personal Information We hold about you, please ensure your query is as clear and detailed as possible to assist Us in responding.
- Changes
12.1 We may amend this privacy policy from time to time as we deem necessary or as required by changes in legislation. Any changes We may make to Our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. We recommend that you check back frequently to see any updates or changes to Our privacy policy.
Date: 25th May 2018