Privacy policy statement

The Studio N20 is the Data Controller responsible for your personal data.If you have any questions about this Privacy Policy or how your data is handled, please contact:The Studio N20Email: info@thestudion20.com

We may collect and process the following categories of personal data:
Identity & Contact Information
Name, email address, phone number, postal address, and emergency contact details.
Booking & Membership Information
Classes attended, packages purchased, attendance history, and membership details.
Payment Information
Payments are processed securely via third-party payment providers. We do not store full card details.
Health Information (Where Provided)
Information relating to injuries, pregnancy, or medical conditions disclosed for safe participation in classes.
Marketing Preferences
Your communication preferences and subscription choices.
Technical Information
IP address, browser type, device information, and website usage data collected via cookies.

We process your personal data under the following lawful bases:
Contractual necessity – to manage bookings, memberships, and payments.
Legal obligation – for tax, accounting, and regulatory compliance.
Legitimate interests – to operate and improve our studio services and maintain safety.
Consent – for marketing communications and health-related disclosures.
You may withdraw consent at any time.

We use your personal data to:
Manage bookings and memberships
Process payments
Send service-related communications
Provide customer support
Send marketing communications (where you have opted in)
Improve our services and client experience
Maintain a safe studio environment
We do not sell your personal data.

We may share your data with trusted third-party providers who help operate our business, including:
Booking and membership software providers (e.g. Momence)
Payment processors
Email marketing platforms
Professional advisers such as accountants
All third parties are required to process your data securely and in accordance with UK GDPR.
Where data is transferred outside the UK, appropriate safeguards are implemented.

Where you provide health-related information for safe participation in classes, this is treated as special category data and processed only with your explicit consent.

The Studio N20 operates CCTV in certain public areas of the premises for the purposes of:
Ensuring the safety and security of clients, staff, and visitors
Protecting property
Preventing and detecting crime
CCTV footage is processed under our legitimate interests in maintaining a safe environment.
Cameras are positioned in public areas only and are not installed in private areas such as toilets or changing facilities.
Footage is stored securely and typically retained for up to 30 days, unless required for investigation or legal proceedings.
You may request access to CCTV footage in which you appear, subject to identity verification and applicable legal limitations.
Clear signage is displayed on the premises to inform visitors of CCTV in operation.

We retain personal data only for as long as necessary to:
Provide our services
Comply with legal and accounting obligations
Resolve disputes and insurance matters
Client records may be retained for up to 6 years for legal and insurance purposes.

Under UK data protection law, you have the right to:
Access your personal data
Correct inaccurate information
Request deletion of your data
Restrict or object to processing
Withdraw consent at any time
Request data portability
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk
We encourage you to contact us first to resolve any concerns.

We implement appropriate technical and organisational measures to protect your personal data, including secure systems and restricted access.
While we take reasonable steps to safeguard information, no system can guarantee complete security.

Our website may use cookies to improve functionality and analyse website usage. You can manage cookie preferences through your browser settings.

Our services are intended for individuals aged 16 and over. We do not knowingly collect personal data from children without parental consent.

We may update this Privacy Policy from time to time. The latest version will always be available on our website.