The General Data Protection Regulation (GDPR) came into force on 25th May 2018, replacing the 1998 Data Protection Act.  This regulation requires us to provide information on:

  • how we use your data
  • how you can control the way in which we use that data and
  • what actions you can take if you would like to change the way in which your data is being used

How we gather Data

Data is provided by you electronically via our website and enrolment form. All data provided by you enables us to provide you with our services at your request.

Specific Data from this form which includes name, email address and telephone contact details is then entered onto our client database and contacts list in order that Winchester Pilates Ltd, which includes those teachers working directly with us, can continue to keep in touch with you about scheduling appointments, attendance in class, cancellations and future events and related services.

Ongoing note taking takes place during your appointments with us so that we can review progress and plan future sessions in accordance with those goals you have identified on your enrolment form. These notes are kept as hard copies in a lockable filing cabinet (see below)

All electronic Data is held in both Winchester Pilates Ltd electronic devices as well as those of our teachers and this information is password protected.

All hard copies of this Data is held within Winchester Pilates Ltd in a locked filing cabinet and our building is fitted with an intruder alarm.

On your enrolment form you have provided the name, telephone number and email address for your emergency contact. We assume that by giving us this information you have sought permission from that person and have their permission for us to hold their details and be contacted by us. They will only be contacted in the event of an emergency.

What we do with your Data

All Data held will only be used by Winchester Pilates Ltd and those teachers working with us to provide you with our services, and to send you selected information in periodic Newsletters about our services.

Protecting your Data

We will not share your data with any third party unless required to do so by law.

How long do we keep your Data?

We will only keep your data on our client database and contact list until you no longer employ our services. Your personal Data will continue to be kept in accordance with the requirements of our Insurers in the event of a future claim.

Our Responsibilities

The law requires us to tell you the legal basis upon which we process your data.

The law allows us to process your data if it is in our legitimate interest to do so.  We may only do so if we can demonstrate a business need and so long as your “interests or your fundamental rights and freedoms are not over ridden”.  In essence, this means that we carry out an exercise to check that we will not cause you harm by processing your data, that the processing is not overly intrusive and that we will only do so in a way which is described in the Privacy Policy.

Your Rights

You have a variety of rights about the way in which we process your data.  These are as follows:

  • Where we rely on our legitimate interest to process data, you may ask us to stop doing so.
  • You may request a copy of the data that we hold about you.
  • You may ask us to cease sending you information.
  • You may change or stop the way in which we communicate with you or process data about you and if it is not required for the purpose for which you provided it, then we will do so for you.
  • If you are not satisfied with the way we have processed your data, then you can complain to the Office of the Information Commissioner.

You may request details of personal information, which we hold about you. A small fee will be payable. If you would like a copy of the information held on you please write to Winchester Pilates Ltd, 4B Middle Brook Street, Winchester, SO23 8AQ.

If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.

Our website and links to other websites and apps

Our website does not use Cookies and any information you share with us through your enrolment form is encrypted by our chosen service provider who operates the website.

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites and such sites are not governed by this Privacy Policy. You should therefore exercise caution and look at the privacy statement applicable to the website in question.

In addition to the website we do also use Facebook and Instagram as a tool for communicating information relating to our products and services and you should be aware that we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such apps and such apps are not governed by this Privacy Policy. You should therefore exercise caution and look at the privacy statement applicable to the website in question.


We use Mailchimp for group emails and newsletters, and to enable us to do this Mailchimp holds a record of your name and email address. For more information on Mailchimps Privacy Policy:


We use ClassSwap for online management of class and studio attendance. For more information on ClassSwap Privacy Policy:

Contacting us

If you have any questions about the Privacy Policy, about the way we process your data, or if you wish to change the way we use your data, including how we communicate with you, then please contact Louisa Bond on


Date: 1st June 2018

Review: 1st May 2019