Legal
Privacy Policy
Last updated: 11 May 2026 · UK GDPR + DPA 2018 compliant
Pilates Studios UK ("we", "us", "our") is committed to protecting and respecting your privacy. This policy explains what personal data we collect, how we use it, your rights under UK GDPR, and how to exercise them.
1. Who we are
Pilates Studios UK is an independent UK pilates studio directory. For the purposes of UK GDPR, we are the data controller. You can contact us via our contact form.
2. What data we collect
When you submit our recommendation form
- Name and phone number (required)
- Email address (optional)
- Location (city/area)
- Pilates goal and budget range
- Free-text notes you provide
- Page URL where the form was submitted
- IP address and timestamp
Automatic data when you use our site
- Cookies (see our Cookie Policy)
- Browser type, device type, screen resolution
- Pages visited, time on page, scroll depth
- Referrer URL (which site sent you to us)
- Approximate location (country/city level via IP)
3. Lawful basis for processing
We process your data under the following UK GDPR lawful bases:
- Consent (Article 6(1)(a)) — when you submit our recommendation form, you consent to us using your contact details to match you with pilates studios
- Legitimate interests (Article 6(1)(f)) — for analytics, improving our directory, and security monitoring
- Legal obligation (Article 6(1)(c)) — when we must comply with UK law (e.g. responding to ICO enquiries)
4. How we use your data
- To match you with relevant UK pilates studios based on your stated preferences
- To send you those studio recommendations via phone or email
- To improve our directory based on which studios users prefer
- To detect and prevent fraud, spam, or misuse of our service
- To comply with legal obligations
We will never sell your personal data to third parties.
5. Who we share data with
We share limited data with the following processors, all under appropriate UK GDPR-compliant data processing agreements:
- Resend (transactional email delivery — US/EU servers)
- Vercel (website hosting — US/EU/UK edge network)
- Google Analytics 4 (anonymised analytics — see Cookie Policy)
- Google Search Console (search performance data)
- Anthropic (AI brief generation — only if API key is configured)
When we recommend studios to you, we share your name, phone, email and stated preferences with the matched studios so they can contact you. You can opt out at any time by emailing us.
6. International data transfers
Some of our processors are based outside the UK. Where data is transferred outside the UK, we rely on UK adequacy decisions or Standard Contractual Clauses (UK SCCs) to ensure appropriate safeguards.
7. How long we keep your data
- Recommendation form submissions: 12 months from submission, then anonymised
- Email correspondence: 24 months
- Analytics data: 26 months (Google Analytics default)
- Cookies: See our Cookie Policy
8. Your rights under UK GDPR
You have the following rights regarding your personal data:
- Right to be informed — what we collect and why (this policy)
- Right of access — request a copy of your data
- Right to rectification — correct inaccurate data
- Right to erasure ("right to be forgotten") — request deletion
- Right to restrict processing — limit how we use your data
- Right to data portability — receive your data in a structured format
- Right to object — to processing based on legitimate interests
- Rights related to automated decision-making — we don't make automated decisions with legal effect on you
To exercise any of these rights, submit your request via our contact form. We will respond within one calendar month, free of charge.
9. Right to complain
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
We'd appreciate the opportunity to address your concerns first — please contact us before lodging a formal complaint.
10. Security
We use industry-standard security measures to protect your data: HTTPS encryption, secure hosting (Vercel), encrypted email (Resend), and access controls on our systems. No method of internet transmission is 100% secure, but we take reasonable steps to protect your information.
11. Children's data
Our service is not intended for users under 16. We do not knowingly collect data from children. If you believe a child has submitted data to us, contact us immediately and we will delete it.
12. Changes to this policy
We review this policy regularly and may update it. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated via a notice on our home page.
13. Contact us
For any privacy-related questions or to exercise your UK GDPR rights, please use our contact form.