Privacy Policy

Last updated: 9 April 2026

Overview

Cleanse Breeze is committed to protecting the privacy of individuals who interact with our services. This policy explains what personal information we collect, why we collect it, how we use it, and the choices available to you regarding your data.

We operate from the United Kingdom and our data practices comply with applicable data protection legislation, including the UK General Data Protection Regulation and the Data Protection Act 2018.

Who We Are

Cleanse Breeze is a fitness training provider operating from Unit 7, Riverside Business Park, 42 Wellington Road, Bristol BS8 2UB, United Kingdom. For data protection matters, you can contact us at [email protected].

Information We Collect

Information You Provide Directly

When you engage with our services, we collect information that you voluntarily provide:

  • Contact details including name, email address, and postal address
  • Health and fitness information relevant to providing training services
  • Medical history and injury information where necessary for safe training delivery
  • Payment information processed through our secure payment providers
  • Communication records from emails, messages, and consultation notes
  • Booking and attendance records for sessions and classes

Information Collected Automatically

When you visit our website, certain technical information is collected automatically:

  • Device and browser information
  • IP address and general location data
  • Pages visited and time spent on our website
  • Referring website if you arrived via a link

This information is collected through cookies and similar technologies. See our Cookies Policy for detailed information about how we use these tools.

How We Use Your Information

Service Delivery

The primary purpose of collecting your information is to deliver effective fitness services. This includes designing appropriate training programmes, monitoring your progress, ensuring your safety during training, and communicating about your sessions.

Communication

We use your contact details to respond to enquiries, confirm bookings, send appointment reminders, and share information relevant to your training. If you're an existing client, we may occasionally inform you about changes to our services or new offerings that might interest you based on your current programme.

Legal and Safety Obligations

Some information processing is necessary to meet legal requirements or protect vital interests. This includes maintaining records for insurance purposes, responding to legal requests, and taking action if we believe someone's safety is at risk.

Business Operations

We process information to manage bookings, process payments, handle customer service matters, and maintain the general operation of our business.

Website Improvement

Anonymous usage data helps us understand how people interact with our website, allowing us to improve navigation and content. This analysis uses aggregated data that doesn't identify individuals.

Legal Basis for Processing

Under data protection law, we must have a valid legal basis for processing your personal information. We rely on several bases depending on the context:

  • Contract performance: Processing necessary to deliver the services you've engaged us to provide
  • Legitimate interests: Processing that benefits our business while not overriding your privacy rights, such as fraud prevention or business analytics
  • Legal obligation: Processing required by law, such as tax record retention
  • Vital interests: Processing necessary to protect someone's life or safety
  • Consent: Where you've explicitly agreed to specific processing, such as receiving marketing communications

How We Share Information

Service Providers

We work with carefully selected third parties who help us operate our business. These include payment processors, email service providers, and booking system platforms. These providers only access information necessary to perform their specific function and are contractually obligated to protect your data.

Medical Professionals

With your explicit consent, we may share relevant health information with your GP, physiotherapist, or other healthcare providers when this coordination benefits your care and training outcomes.

Legal Requirements

We may disclose information if required by law, court order, or other legal process, or if we believe disclosure is necessary to protect rights, property, or safety.

Business Transfers

If our business is sold or merged with another company, your information may be transferred to the new owners so they can continue providing services to you. You would be notified of any such change.

We do not sell or rent personal information to third parties for their marketing purposes.

Data Security

We implement appropriate technical and organisational measures to protect personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data during transmission
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Staff training on data protection practices
  • Secure physical premises with controlled access

While we take security seriously and implement robust protections, no system is completely secure. We cannot guarantee absolute security of information transmitted to or stored by us.

Data Retention

We retain personal information only as long as necessary for the purposes for which it was collected or as required by law.

For current clients, we maintain records throughout your relationship with us and for a reasonable period afterwards in case you return to our services. Health and safety records are retained for the periods required by insurance and legal obligations, typically seven years after your last session.

Financial records are kept for the minimum period required by tax law. Marketing consent records are maintained until you withdraw consent or we determine the information is no longer relevant.

When information is no longer needed, it is securely deleted or anonymised so it cannot identify individuals.

Your Rights

Data protection law provides you with several rights regarding your personal information:

Access

You can request a copy of the personal information we hold about you. We'll provide this within one month of your request in most cases.

Correction

If information we hold about you is inaccurate or incomplete, you can ask us to correct it.

Deletion

In certain circumstances, you can request deletion of your personal information. This right is not absolute - we may need to retain some information for legal reasons or legitimate business purposes.

Restriction

You can ask us to restrict processing of your information in specific situations, such as while we investigate an accuracy dispute.

Objection

Where we process information based on legitimate interests, you can object to this processing. We'll stop unless we have compelling legitimate grounds that override your interests.

Portability

For information you've provided to us that we process by automated means based on consent or contract, you can request a copy in a structured, commonly used format or ask us to transfer it to another organisation.

Withdraw Consent

Where processing is based on your consent, you can withdraw that consent at any time. This doesn't affect the lawfulness of processing before withdrawal.

To exercise any of these rights, contact us at [email protected]. We may need to verify your identity before fulfilling your request.

Marketing Communications

If you're an existing client, we may occasionally send information about our services that we think might interest you based on your current programme. You can opt out of these communications at any time by following the unsubscribe link in emails or contacting us directly.

We will not send marketing communications to people who are not current or recent clients unless they have specifically requested this information.

Children's Privacy

Our services are designed for adults. We do work with clients aged 16-17 with appropriate parental consent, and in these cases we ensure a parent or guardian is involved in any decisions about personal information.

We do not knowingly collect information from children under 16 without parental involvement. If you believe we have inadvertently collected such information, please contact us immediately.

International Transfers

We operate in the United Kingdom and primarily store data within the UK. Some of our service providers may process information outside the UK, but only where adequate safeguards are in place to protect your information in accordance with UK data protection standards.

Changes to This Policy

We review this privacy policy periodically and may update it to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify active clients by email. The "last updated" date at the top of this policy indicates when it was most recently revised.

We encourage you to review this policy occasionally to stay informed about how we protect your information.

Questions and Complaints

If you have questions about this policy or our data practices, please contact us at [email protected] or write to us at the address provided above.

If you're not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the Information Commissioner's Office, the UK's data protection supervisory authority. Their website is ico.org.uk.