Privacy Policy

Last updated: 27/9/2025

This Privacy Policy explains how we collects, uses, and protects your information when you visit Our Website, create an account, book classes, or purchase packages.

Information we collect

  • Account & Contact Data: name, email, phone number, password (hashed), profile preferences.
  • Verification (OTP): your email to send one-time passcodes (“OTP”) during signup/checkout.
  • Booking & Purchase Data: packages purchased, bookings and attendance, credits used, payment status.
  • Payment Data: we use Stripe for card processing. We do not store full card numbers. Stripe collects and processes payment info (see “Third-party processing” below).
  • Device & Usage Data: IP address, browser type, pages visited, and actions on our site (for security and to improve the service).
  • Cookies & Similar Tech: session cookies, preferences, security cookies, and OTP verification cookies

Why we process your data

  • Provide our services (create your account, take bookings, deliver packages).
  • Process payments and prevent fraud.
  • Send OTP codes and service messages (booking updates, receipts).
  • Operate, protect, and improve our website.
  • Comply with legal and tax obligations.
  • With your consent (e.g., optional marketing emails—unsubscribe anytime).

Cookies

  • We use essential cookies for login sessions and OTP verification, plus functional and analytics cookies to improve performance. You can manage cookies in your browser, but essential cookies are required for core features (login, checkout).

Third-party processing

  • Stripe (Payments): card data is processed by Stripe. Stripe is PCI-DSS compliant and may use 3D Secure. See Stripe’s privacy policy for details.
  • Email & Communications: we use hostinger mail smtp to send OTP codes, receipts, and service notices.
  • Analytics / Anti-fraud: we may use basic analytics or security tools to protect accounts and monitor performance.

Data retention

  • Account and booking records: retained while your account is active and as required for legal/tax reasons.
  • OTP verification logs: short-term to prevent abuse (30 minutes).
  • Support communications: for as long as needed to resolve issues and maintain records.

Your rights

  • Access, correct, or delete your data.
  • Object to or restrict certain processing.
  • Withdraw consent for marketing at any time.
  • Request a copy of your data.

Security

  • We use industry-standard safeguards (encryption in transit, access controls, hashed passwords). No method is 100% secure; please use a strong, unique password and keep your account details safe.