Happydemic Pilates (or “we”) has a legal duty to protect the personal information that is collected and used. If we are found to have not complied with the requirements of data protection law we could be fined and prosecuted by the ICO. This would damage our reputation and we could face a fine of up to €20m.
Why we process personal information
Happydemic Pilates records and processes personal information in order to:
- Provide people with the services, products or information that they ask for .
- Manage payments and other financial transactions, including rentals.
- Keep a record of our relationships with service users, subscirbers and social media contacts.
- Keep records relating to any feedback or complaints.
- Manage users and clients’ communication and marketing preferences.
- Provide people with information about the Pilates method and Happydemic Pilates work, including classes, events, courses and promotional offers, when they have consented to this.
- Tailor online advertising according to someone’s interests, preferences and other characteristics.
- Direct advertisements and other communications to people who might have similar interests or other characteristics to our clients and supporters.
- Invite people to participate in surveys and research.
How Happydemic Pilates complies with data protection legislation
Happydemic Pilates is committed to complying with privacy and data protection laws and being transparent about what it is doing. We have a legal responsibility to ensure that personal information that we collect and process is:
- used fairly and lawfully
- used for limited, specifically stated purposes
- used in a way that is adequate, relevant and not excessive
- kept accurate and up to date
- kept for no longer than is absolutely necessary
- handled according to people’s data protection rights
- kept safe and secure
- not transferred outside the EEA without adequate protection
There are a number of data protection rights that are provided to clients, supporters, service users and social media contacts. These include the right to:
- request a copy of or more detail about the personal information that Happydemic Pilates hold and how we use it
- change the ways in which we communicate with them
- take away their consent for how we use their information
- ask us to stop using their personal information
- ask us to delete their personal information where there is no compelling reason for us having their information
- object to us processing their personal information
Responsibilities of staff and authorised third parties
Happydemic Pilates Data Controller
Happydemic Pilates is a Controller. The named Controller is Flavia Di Tomassi. She has the responsibility to ensure that:
- Staff and authorised third parties comply with the data protection principles, as set out in the legislation
Data subject rights
Happydemic Pilates respects the right of its clients and service users to access personal data about them which is being held by Happydemic Pilates either electronically or in a relevant filing system, to check that it has been fairly obtained, that it is accurate, and to have such data corrected where necessary. It also recognises the right of a data subject to withdraw consent to the processing of personal data where such processing could cause them significant damage or distress.
Personal information, whether held electronically or manually, is kept securely and not disclosed unlawfully.
Anyone who considers that this policy has not been followed in respect of personal information about themselves should email firstname.lastname@example.org
 Personal information includes personal and sensitive personal data. It is information, facts or opinion, which identifies a living individual.
 Data subjects are the people whose personal information we hold and use.
 Also regulated by the ICO under its Guide to Privacy and Electronic Communications Regulations
 The European Economic Area covers the EU states plus Lichtenstein, Iceland and Norway.