Pilates Attic Limited Company Number SC505944, registered at Companies House, Edinburgh, 14th May 2015 operates the website www.pilatesattic.co.uk
Any information you give us is used exclusively by Pilates Attic Limited for the purpose of ensuring the safe practice of Pilates by our instructors or guest instructors.
We do not share any personal information with any third parties, nor will we rent, sell, disclose or distribute your information to any outside parties unless required to do so by law.
Payments are processed by BACs transfer. You can find out more about them and their security at the following link https://www.bacs.co.uk/Access/UKInterbankPaymentSchemes/Pages/Security.aspx
The Pilates Attic do not store your credit card details. We use a third party, Stripe, to collect and process payments. Stripe are fully Payment Card Industry Data Security Standard (PCI DSS) compliant and specialise in handling your online payments securely.
Enrolment forms and medical information
We ask everyone who attends an induction class, group class, workshop, event or studio session to fill in an enrolment form. This asks you for your name, email address and phone-number and has a large health information section.
To be able to do our job as Pilates teachers, we need to ask you information about health conditions and injuries. It is very important you give accurate and current information to us, and keep us up-to-date with your state of health.
Enrolment forms are stored as paper copies in a secure location and certain elements transferred to a password protected database. Only Joanna Munro, the senior Pilates instructor and owner of Pilates Attic Limited, has access to the secure location and to the electronically stored copies.
We will not discuss teaching you or any details of your health with anyone outside of our group of Pilates teachers working with Pilates Attic Limited. We will only discuss your health between teachers when you are going to see another teacher at Pilates Attic Limited.
We may ask your permission to talk to, or email your physiotherapist, consultant, doctor, or other health professional if we think this will benefit your treatment or is required to teach you safely. You are entitled to see this correspondence if such permission has been requested.
From time to time, we will send you emails relating to the classes that you attend, new terms that are starting, workshops and events and guest instructors that will be available. We may also send you emails relating to payments that are due.
You can unsubscribe from any marketing emails at any time by using the link at the bottom of each email.
The cookies that we use allow us to:
Remember your preferences during and between visits to continuously improve our services, website, and marketing
Collect any personally identifiable information, collect any sensitive information, pass personally identifiable data on to third parties
Cookies on this site are set by Google Analytics and Pilates Attic Limited:
Turning Cookies Off / Opting Out
Almost all browsers and devices can be instructed not to accept cookies. Please consult the Help pages for your browser (usually available via the F1 key), or your device’s instruction manual for details. Please be aware that the functionality of the site may suffer as a result.
Here are some links for the more popular browsers
Internet Explorer: http://windows.microsoft.com/en-gb/windows7/block-enable-or-allow-cookies
We will disclose your personal information where required to do so by law or in accordance with an order of a court of competent jurisdiction, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our service.
The security of your personal information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant UK and EU legislation.
Your information, including Personal Information, may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the information, including personal information, to the United Kingdom and process it there.
In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of Scotland shall have exclusive jurisdiction over the matter.
Links to other sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Our service does not address anyone under the age of 13 (“Children”).
We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will take steps to remove that information from our servers.
The Pilates Attic shall have no liability to you for any interruption or delay in access to this site irrespective of the cause.
This policy shall be governed and construed in accordance with the laws of Scotland, without regard to its conflict of law provisions.
Right of access, amendment and deletion of personal data
In accordance with the General Data Protection Regulation due to be released on 25th May 2018 you have the right to access, rectify, restrict and delete any information that we hold relating to you. Please make any such request via the contact us page. In accordance with the terms of the new regulation, we will respond to you within one month.
If you would like a copy of our data retention policy, please contact us.
The purpose of this policy is to detail the procedures for the retention and disposal of personal information records, to ensure that we carry this out consistently and that we fully document any actions taken. Unless otherwise specified the retention and disposal policy refers to both hard and soft copy records.
1.2 Review and Updates
This policy was created on 1st May 2018. Pilates Attic Limited will review this policy regularly to ensure it stays up to date. The last review of this policy was on 1st May 2018.
Detailed in section 1.7 is a Record Retention Schedule that is approved as the initial maintenance, retention and disposal schedule for both physical and electronic records belonging to Pilates Attic Limited. Joanna Munro (the “Administrator”) is the officer in charge of the administration of this policy and the implementation of processes and procedures to ensure that the Record Retention Schedule is followed. The Administrator is also authorised to make modifications to the Record Retention Schedule to ensure it is in compliance with local laws.
1.4 Suspension of Record Disposal in event of Legal Claims
In the event that Pilates Attic Limited is served with any legal requests for documents relating to a specific individual, any further disposal of documents shall be suspended until the Administrator deems otherwise. When record disposal resumes, all records that have passed their disposal date will be retrospectively handled.
1.5 Audit Trail
Disposal of records that have been listed on the Record Retention Schedule will not be recorded. Records disposed of outwith the schedule either by being disposed of earlier or kept for longer than listed will be recorded for audit purposes. This will provide an audit trail for any inspections conducted by the Information Commissioner and will aid in addressing Freedom of Information requests where Pilates Attic Limited no longer holds the material.
1.6 Disposal Method
When disposing of a physical record, pages will be shredded if all data on said page is required to be destroyed. If a page has both data that is required to be disposed of, as well as data that is required to be kept, the data to be disposed of will be either cut out of the page or obscured using some form of correctional fluid.
Disposing of electronic records will be done with standard deletion methods available on Windows operating systems.
1.7 Record Retention Schedule
The retention period for all data shown below will occur after the date of last lesson the individual has booked.
Personal Information 7 years
Medical Information 7 years
If you have any questions about this Retention Policy, please contact us.