Privacy Policy.

For data protection purposes, The Coterie and Me Ltd is the data controller for the personal data described in this Privacy Policy.

We may collect and process the following types of personal data:

• name;
• email address;
• phone number;
• home address, billing address and postcode;
• date of birth;
• emergency contact details;
• account and login information;
• booking, attendance and membership information;
• payment and billing information;
• class package, credit and purchase history;
• health, injury, pregnancy, postnatal and fitness-related information where provided;
• incident, accident and safety records;
• communications with us;
• marketing preferences;
• photography, video or social media content where consent has been given;
• website, cookie and usage data;
• diversity or community monitoring data where voluntarily provided.

We only collect personal data that is necessary or relevant for the operation of our services, safety, legal obligations, customer experience, marketing or business administration.

We may collect personal data when you:

• create an account;
• book or attend a class, private session, event or private hire activity;
• purchase a class, class pack, membership, product or service;
• complete a health questionnaire, liability waiver or consent form;
• contact us by email, phone, website, social media or booking system;
• join our waitlist or mailing list;
• provide feedback or make a complaint;
• participate in photography, filming or marketing content;
• use our website or booking system;
• attend the studio or interact with our team.

We may also receive data through third-party systems that support our services, such as our booking platform, payment processor, email platform or analytics tools.

We use your personal data to:

• create and manage your account;
• provide memberships, classes, private sessions, studio hire, events and related services;
• process bookings, payments, refunds and credits;
• manage cancellations, no-shows, class packs and membership renewals;
• communicate with you about your bookings, account, purchases and studio updates;
• assess suitability for participation and support client safety;
• respond to injuries, illnesses, incidents, accidents or emergencies;
• maintain incident and safety records;
• manage complaints, feedback and customer service queries;
• improve our services, timetable, customer experience and studio operations;
• understand our customer base and support community engagement;
• send marketing communications where permitted;
• manage photography, video and promotional content where consent has been given;
• comply with legal, accounting, tax, insurance, health and safety, and regulatory obligations;
• protect our business, clients, instructors, systems and legal rights.

We process personal data under one or more of the following lawful bases:

Performance of a contract. To provide services you have booked or purchased, manage your account, process payments and deliver classes, memberships, private sessions or other services.

Legitimate interests. To operate and improve the business, manage customer relationships, respond to enquiries, prevent misuse, maintain safety records, manage complaints and protect our legal and commercial interests.

Legal obligation. To comply with legal, tax, accounting, health and safety, insurance and regulatory obligations.

Consent. Where we rely on your consent, such as for certain marketing communications, optional photography/video use, non-essential cookies, and some health or diversity data.

Vital interests. In rare cases, we may process personal data to protect someone's life or safety, for example in a medical emergency.

Some information we collect may be special category data under data protection law. This may include:

• health information;
• injury information;
• pregnancy or postnatal information;
• medical or fitness-related disclosures;
• diversity monitoring data, where voluntarily provided.

We process this type of data only where necessary and where a lawful basis and special category condition applies.

We may use health-related information to:

• assess suitability for participation;
• help instructors provide safe modifications;
• support client safety;
• manage incidents and emergencies;
• maintain appropriate health and safety records;
• respond to insurance, legal or safeguarding concerns where relevant.

Access to health-related information is restricted to authorised persons only. This may include the Director, authorised studio management and, where necessary for safe class delivery, the instructor leading the relevant session.

Freelance instructors are not permitted to use health information for their own purposes, store it outside approved Company systems or use it for independent marketing.

Where we rely on consent for special category data, you may withdraw your consent at any time. However, if we cannot process health information needed for safe participation, we may be unable to allow you to take part in certain classes or services.

We may collect diversity, demographic or community-related information where voluntarily provided.

This may be used to:

• understand who we are reaching;
• support community engagement;
• assess accessibility of our services;
• support funding, partnership or impact reporting where appropriate.

Where possible, this information will be anonymised or aggregated so that individuals are not identified.

Providing diversity or community information is optional.

We may use your contact details to send updates, offers, studio news, class information, events and other marketing communications where permitted by law.

We may rely on consent or, where applicable, the soft opt-in for existing customers who have purchased or shown interest in similar services and have been given a clear opportunity to opt out.

You can opt out of marketing at any time by:

• clicking the unsubscribe link in our emails;
• changing your preferences in the booking system, where available;
• contacting us at hello@keinastudios.com.

We will still send necessary service messages, such as booking confirmations, payment notices, safety updates, cancellation notices and account communications.

We may capture photographs or video content for marketing, social media, website, community or promotional purposes.

Where individuals are identifiable, consent will be obtained before we use the content.

You may withdraw consent at any time by contacting us. If content has already been published, we will take reasonable steps to remove or stop using it where practical, but we may not be able to remove content that has already been shared, reposted or stored by third parties.

For women-only sessions, filming and photography are restricted and require explicit prior approval from KEINA Studios and clear consent from affected participants.

Clients must not film or photograph other clients without permission.

Payments are processed through third-party payment providers.

We do not store full payment card details.

We may process payment and billing information to:

• take payments;
• manage memberships;
• process refunds;
• manage failed payments;
• maintain financial records;
• respond to disputes, chargebacks or accounting queries.

Payment providers will process personal data in accordance with their own terms and privacy policies where they act as independent controllers or processors.

We use third-party providers to operate our business. These may include:

• booking and membership management platforms, such as bsport;
• payment processors;
• email and communication platforms;
• accounting software;
• website hosting providers;
• analytics and marketing tools;
• professional advisers;
• insurers;
• IT and cloud storage providers.

Where third parties process personal data on our behalf, we take reasonable steps to ensure they provide appropriate data protection safeguards and process data in accordance with applicable data protection laws.

We may share personal data with:

• booking and software platforms;
• payment providers;
• email and communication providers;
• professional advisers, such as accountants or legal advisers;
• insurers, where required in connection with an incident, claim or policy;
• emergency services, where necessary;
• instructors, where necessary for safe service delivery;
• building management, where necessary for health, safety, security or incident management;
• regulators, authorities or courts, where legally required.

We do not sell personal data.

Some third-party systems or providers may process personal data outside the United Kingdom.

Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place where required, such as adequacy regulations, approved contractual mechanisms or other safeguards recognised under data protection law.

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, tax, insurance, health and safety, dispute resolution and business administration purposes.

Indicative retention periods include:

• account and booking records: for as long as your account remains active and for a reasonable period afterwards;
• financial and transaction records: up to 6 years;
• incident, accident and safety records: at least 3 years, and longer where required for legal, insurance or safeguarding reasons;
• health questionnaire and waiver records: for as long as required for safe service delivery, legal, insurance and risk management purposes;
• marketing data: until you unsubscribe, withdraw consent or your data is no longer required;
• enquiry records: for a reasonable period after the enquiry has been resolved.

When personal data is no longer required, it will be securely deleted, anonymised or archived where appropriate.

We use appropriate technical and organisational measures to protect personal data.

These may include:

• restricted access to authorised persons only;
• password-protected systems;
• use of approved third-party platforms;
• secure cloud-based storage;
• limiting access to health and incident data;
• confidentiality obligations for instructors and service providers;
• staff and instructor guidance on data protection.

No system can be guaranteed to be completely secure, but we take reasonable steps to protect the personal data we hold.

Authorised staff, studio management and approved freelance instructors may access personal data only where necessary for the delivery of services, safety, administration or business operations.

Freelance instructors may access limited client information where required for safe class delivery, such as relevant health notes or booking information.

Freelance instructors must not:

• use client data for their own independent marketing;
• contact clients outside approved Company purposes;
• retain or store client data outside approved Company systems;
• copy, photograph, download or share client information;
• use client data for any unauthorised purpose.

Where an accident, injury, illness, near miss, safeguarding concern or safety issue occurs, we may record relevant personal data.

This may include:

• name and contact details;
• booking/session information;
• injury or medical information;
• incident details;
• witness information;
• first aid response;
• emergency contact use;
• follow-up action.

This data is used for health and safety, incident management, insurance, legal, training and risk management purposes.

Access is restricted to authorised persons only.

Our website may use cookies and similar technologies.

Cookies may be used to:

• make the website work properly;
• remember preferences;
• analyse website usage;
• improve functionality and user experience;
• support marketing or advertising activities.

Where required, we will obtain consent before placing non-essential cookies.

You can manage or withdraw cookie consent through our cookie banner, cookie settings or your browser settings.

Further information is available in our Cookie Policy.

The building in which KEINA Studios is located may operate CCTV, access control or building security systems.

These systems are managed by the building operator and not by KEINA Studios.

Any personal data collected through those systems is subject to the building operator's own privacy notices and procedures.

Under data protection law, you may have rights including the right to:

• access your personal data;
• request correction of inaccurate or incomplete data;
• request deletion of your data;
• request restriction of processing;
• object to processing;
• withdraw consent where we rely on consent;
• request data portability;
• complain to the Information Commissioner's Office.

Some rights may not apply in all circumstances, depending on the lawful basis for processing and any legal or business reason for retaining the data.

To exercise your rights, please contact us at hello@keinastudios.com.

We may need to verify your identity before responding.

If you have any concerns about how we handle your personal data, please contact us first so we can try to resolve the issue.

Contact email: hello@keinastudios.com

You also have the right to complain to the Information Commissioner's Office, the UK regulator for data protection matters. The ICO expects privacy notices to explain how people can complain if they have concerns about how their information is being used.

We may update this Privacy Policy from time to time.

The latest version will be made available through our website, booking system or other appropriate client communication method.

Where changes are material, we may take reasonable steps to notify affected clients.

Continued use of our services after an updated Privacy Policy is published indicates that you have read the updated version.