Privacy policy.


Flo. Pilates Studio Limited (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This policy explains how we collect, use, and safeguard your personal information in compliance with the UK General Data Protection Regulation (UK GDPR).

1. Who We Are

  • Business Name: Flo. Pilates Studio Limited

  • Studio Address: Unit 8, The Corn Exchange, Belper, Derbyshire DE56 1FZ

  • Contact Email: hello@we-are-flo.com

2. What Personal Data We Collect

We may collect and process the following types of personal data:

  • Name

  • Email address

  • Phone number

  • Date of birth

  • Health-related information (where relevant for class participation)

  • Booking and payment history

  • Marketing preferences

3. How We Collect Your Data

We collect your information when you:

  • Book a class or service via our website or booking platform (e.g., Mindbody or equivalent)

  • Sign up to our newsletter or marketing list

  • Fill out a contact or waiver form in-studio or online

  • Communicate with us via email, phone, or social media

4. Why We Collect Your Data

We use your personal information for the following purposes:

  • To manage your bookings and payments

  • To send you class confirmations, reminders, and updates

  • To provide customer support

  • To deliver marketing emails (if you have opted in)

  • To comply with legal obligations (e.g., health and safety, insurance requirements)

5. Legal Bases for Processing

We process your data based on the following lawful grounds:

  • Contractual necessity – to manage your bookings and payments

  • Consent – for marketing communications

  • Legal obligation – for compliance with regulations

  • Legitimate interest – to improve our services and respond to your inquiries

6. Sharing Your Data

We only share your data with trusted third parties when necessary:

  • Our booking and payment provider (e.g., Mindbody or an equivalent system)

  • Email marketing platforms (e.g., Mailchimp or equivalent, if used)

  • Professional advisors, legal authorities, or regulatory bodies where legally required

We never sell your personal data.

7. Data Retention

We keep your personal data for as long as necessary:

  • Booking history and payment records: up to 6 years

  • Marketing contact details: until you unsubscribe

  • Health forms or waivers: as required for legal and insurance compliance

8. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request correction of any inaccurate data

  • Request erasure of your data (“right to be forgotten”)

  • Object to or restrict how we process your data

  • Withdraw consent for marketing at any time

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

9. Cookies

We may use cookies to improve your website experience. You’ll be informed and given the option to accept or reject cookies when visiting our site (a cookie policy will be provided if tools like Google Analytics or Meta Pixel are used).

10. Updates to This Policy

We may update this policy from time to time. Any changes will be posted on this page with an updated date.