Terms & Conditions
Who we are
We are a community sauna business based in Hove, East Sussex, United Kingdom. We are the data controller for the personal information we collect.
What Data We Collect
We may collect and process the following types of personal data:
* Identity and Contact Data: Name, email address, phone number
* Booking Details: Date, time, location of your booking, number of guests
* Payment Data: Billing details (processed securely via third-party payment processors – we do not store card details)
* Communications: Emails, messages, or other contact you make with us
* Website Usage Data: IP address, browser type, pages visited (via cookies or analytics, if used)
How We Use Your Data
We use your data to:
* Process and manage bookings
* Communicate with you about appointments or service updates
* Collect payments and issue invoices
* Send marketing communications (if you’ve opted in)
* Improve our services and operations
* Comply with legal obligations (e.g. tax or accounting)
Lawful Basis for Processing
We only process your personal data when we have a lawful basis to do so. This includes:
* Contract: To fulfil your booking and provide our services
* Consent: For marketing communications or website cookies (where applicable)
* Legal Obligation: For financial records and compliance
* Legitimate Interests: To manage and grow our business, and communicate with customers (where your rights do not override our interests)
Sharing Your Data
We do not sell or rent your personal information.
We may share your data with:
* Payment processors (e.g. Stripe, Square) to securely handle transactions
* Booking or scheduling platforms (e.g. Calendly, SimplyBook.me)
* Professional service providers (e.g. accountants)
* Legal authorities where required by law
All third parties are required to handle your data securely and in compliance with UK data protection laws.
Data Retention
We only keep your data as long as necessary for the purpose it was collected. For example:
* Booking and financial records: Retained for up to 6 years (for tax and accounting)
* Marketing contacts: Kept until you unsubscribe or ask for deletion
* General enquiries: Retained for up to 12 months
When data is no longer required, it will be securely deleted or anonymised.
Your Rights
Under UK GDPR, you have the right to:
* Access your personal data
* Correct inaccurate or incomplete data
* Request deletion of your data
* Restrict or object to certain types of processing
* Withdraw consent (for marketing, cookies, etc.)
* Receive your data in a portable format (in some cases)
To exercise any of these rights, please contact us at sosaunahove@gmail.com
Cookies and Website Tracking
If our website uses cookies or analytics, we will:
* Inform you on your first visit
* Request your consent for non-essential cookies
* Provide instructions on how to opt out
* You can control or disable cookies via your browser settings. For more details, see our Cookie Policy
Data Security
We take appropriate technical and organisational measures to protect your personal data, including:
* Secure, password-protected systems
* Restricted access to data
* Secure payment processing
* Regular updates and monitoring of systems
While we take reasonable precautions, no system is 100% secure.
Data Breaches
In the unlikely event of a personal data breach that risks your rights or freedoms, we will:
* Notify the Information Commissioner’s Office (ICO) within 72 hours
* Inform you without undue delay (if your data is affected)
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the Effective Date at the top of this page and notify you if the changes are significant.
Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us:
sosaunahove@gmail.com