PRIVACY POLICY

Effective Date: 20/7/2024

Introduction

Welcome to Thermal Wellness. Your privacy is crucial to us. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website (the "Site") or use our services. By using our Site and services, you consent to the collection and use of information in accordance with this Privacy Policy.

**1. Information We Collect

We may collect and process the following types of personal data:

  • Personal Identification Information: Includes name, email address, phone number, and other contact details provided when you book our services, sign up for our newsletter, or contact us.

  • Booking Information: Details of appointments or sessions booked through our Site, including date, time, and type of service.

  • Payment Information: Payment details, such as credit/debit card information, processed securely by our payment gateway provider.

  • Usage Data: Information about how you use our Site, including IP address, browser type, pages visited, and time spent on our Site.

  • Technical Data: Data collected through cookies and similar tracking technologies to enhance user experience and analyse Site usage.

**2. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To process bookings, manage appointments, and provide the services you request.

  • Communication: To send you confirmations, updates, promotional materials (if you have opted in), and respond to inquiries.

  • Payment Processing: To process payments and manage billing securely.

  • Improvement: To analyse Site usage and improve our services and user experience.

  • Compliance: To comply with legal obligations, enforce our Terms of Service, and protect our rights.

**3. Legal Basis for Processing

Under the GDPR, we process your personal data based on the following legal grounds:

  • Consent: Where you have given explicit consent for specific purposes, such as receiving marketing communications.

  • Contract: To fulfill our contractual obligations to you, including processing bookings and providing services.

  • Legitimate Interests: For purposes that are in our legitimate interests, such as improving our services and analyzing Site usage.

  • Legal Obligation: To comply with legal obligations, such as tax and accounting requirements.

**4. Data Sharing and Disclosure

We may share your personal data with:

  • Service Providers: Third-party vendors who assist us in operating our Site, processing payments, and delivering services. These providers are bound by confidentiality agreements and are only permitted to use your data for the purposes specified by us.

  • Legal Authorities: When required to comply with legal obligations, regulations, or in response to lawful requests from government authorities.

  • Business Transfers: In the event of a merger, acquisition, or other business transition, your data may be transferred to the acquiring entity.

**5. Data Security

We implement robust technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet or electronic storage is entirely secure, and we cannot guarantee absolute security.

**6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Once your data is no longer needed, we will securely delete or anonymize it.

**7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access: The right to request a copy of the personal data we hold about you.

  • Rectification: The right to request that we correct any inaccurate or incomplete data.

  • Erasure: The right to request the deletion of your personal data under certain conditions.

  • Restriction: The right to request that we restrict the processing of your data under certain conditions.

  • Portability: The right to receive your data in a structured, commonly used format and to transfer it to another data controller.

  • Objection: The right to object to the processing of your data for specific purposes, including direct marketing.

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below.

**8. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance user experience and analyze Site usage. You can control cookies through your browser settings, but disabling cookies may affect the functionality of our Site. For more information, please refer to our Cookie Policy.

**9. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

**10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically for any changes.

**11. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:

  • Email: info@thermal.healht

  • Phone: +44 (0)7564041148

  • Address: Thermal, Located within Everyday Athlete Gym, Unit 18, 100 Borron Street, Port Dundas, Glasgow, G4 9XG

**12. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection authority. You can contact the ICO at www.ico.org.uk.