top of page

Privacy Statement

 

This Privacy Statement explains how Rhys | Fitness and Nutrition (referred to as "we," "us," or "our") collects, uses, and protects your personal information. We are committed to protecting your privacy and handling your data in an open and transparent manner.

 

1. Who We Are

 

Rhys | Fitness and Nutrition is a sole proprietorship. For the purpose of data protection laws, Rhys is the Data Controller responsible for your personal data.

 

2. What Information We Collect

 

We collect and process the following types of personal data:

  • Contact Information: Name, email address, phone number, and physical address.

  • Booking and Payment Data: Details of the services you book, payment information (processed securely through our third-party payment provider), and transaction history. We do not store your full card details.

  • Health and Fitness Data: Information provided by you through our Physical Activity Readiness Questionnaire (PAR-Q), including your medical history, health conditions, injuries, and fitness goals. This is considered "special category" data under UK GDPR, and we handle it with the utmost care.

  • Correspondence Data: Information you provide when communicating with us via email, phone, or our website's contact form.

  • Website Usage Data: Information about how you use our website, collected through cookies and analytics tools (e.g., your IP address, browser type, and pages visited).

 

3. How We Use Your Information

 

We use your personal data for the following purposes and on the following legal bases:

  • To Provide Our Services: To manage your bookings, conduct sessions, and provide personalized training and massage therapy.

    • Legal Basis: Performance of a contract with you.

  • To Communicate with You: To send booking confirmations, session reminders, and respond to your inquiries.

    • Legal Basis: Performance of a contract with you and our legitimate interests in providing good customer service.

  • For Health and Safety: To assess your physical readiness for our services and to ensure your safety during training and massage sessions.

    • Legal Basis: Your explicit consent for "special category" data, and to protect your vital interests.

  • For Business Management: To process payments, maintain accurate records, and analyze website usage to improve our services.

    • Legal Basis: Our legitimate interests in running our business effectively.

  • For Marketing: To send you information about new services, promotions, and updates, but only if you have given us your explicit consent.

    • Legal Basis: Your explicit consent. You can withdraw your consent at any time.

 

4. How We Share Your Information

 

We will not share your personal data with any third parties without your explicit consent, except in the following circumstances:

  • Service Providers: We use third-party services to operate our business, such as our online booking system and payment processor. These providers are bound by their own privacy policies and are required to keep your data secure.

  • Legal Obligations: We may disclose your information if required to do so by law (e.g., to a government authority or court).

 

5. How We Store and Protect Your Information

 

We take the security of your data seriously. We have implemented technical and organizational measures to protect your personal information from unauthorized access, use, or disclosure. All personal data is stored securely and is only accessible by authorized personnel.

 

6. Your Rights

 

Under UK data protection law, you have the following rights:

  • The Right to Be Informed: To be informed about how we collect and use your data. This Privacy Statement serves that purpose.

  • The Right of Access: To request a copy of the personal data we hold about you.

  • The Right to Rectification: To have inaccurate or incomplete data corrected.

  • The Right to Erasure (the "right to be forgotten"): To request the deletion of your personal data where there is no good reason for us to continue processing it.

  • The Right to Restrict Processing: To ask us to suspend the processing of your personal data in certain circumstances.

  • The Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format.

  • The Right to Object: To object to the processing of your data in certain circumstances, including for direct marketing.

If you wish to exercise any of these rights, please contact us using the details below.

 

7. How to Contact Us

 

If you have any questions about this Privacy Statement or our data practices, please contact us at:

info@rhys-fn.com

07855055449

8. Changes to This Privacy Statement

 

We may update this Privacy Statement from time to time. The updated version will be posted on this page, and we will notify you of any significant changes.

Last Updated: 19 September 2025

bottom of page