Privacy Policy

Last Updated: 26 February 2026

PRIVACY POLICY Last Updated: 26 February 2026 ArtFitness (“we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how personal information is collected, used, stored, and disclosed when you visit our website (www.artfitness.co.uk ), book sessions, complete forms, or otherwise interact with our services (collectively, the “Services”). By using our Services, you acknowledge that you have been informed of how your personal data is processed in accordance with this Privacy Policy.

1. Who We Are ArtFitness is operated by: Arturas Bingelis London, United Kingdom Email: hello@artfitness.co.uk Phone: 07943 525435 ArtFitness provides private and group fitness services, including outdoor sessions, personal training, structured walking sessions, and related health and exercise support. ArtFitness is the Data Controller for the purposes of UK data protection law. ArtFitness is registered with the Information Commissioner’s Office (ICO).

2. Definitions Personal Data means any information relating to an identified or identifiable individual. Special Category Data refers to sensitive personal data including health information. Service refers to the website and fitness services provided by ArtFitness. Third-Party Service Provider refers to external companies that provide services such as payment processing, booking systems, analytics, cloud storage, or communication platforms.

    3. What Personal Data We Collect We may collect and process the following categories of personal data, including but not limited to:

  • A. Identity & Contact Information Full name Date of birth Home address Postcode Email address Phone number Emergency contact details Occupation (where relevant to exercise planning)

  • B. Health & Fitness Information (Special Category Data) PAR-Q responses Medical conditions Injury history Medication information GP name and surgery details GP contact information Medical clearance letters NHS number (if visible on documentation) Fitness measurements (e.g. weight, body measurements, heart rate) Exercise history and progress notes We collect only information that is necessary and proportionate for the safe and effective delivery of fitness services. GP letters or medical documentation may contain additional personal data beyond what is required for exercise planning. Where such information is visible, it is processed only insofar as necessary for risk assessment, insurance compliance, legal obligations, or the establishment, exercise, or defence of legal claims.

  • C. Payment Information Transaction details Billing address We do not store full credit or debit card numbers. Payments are processed securely through third-party payment providers.

  • D. Technical Information (Automatically Collected) IP address Browser type Device type Usage data Website interaction data Cookies and similar technologies Additional Voluntarily Provided Information We may also process any additional information that you voluntarily provide to us, whether in writing, verbally, digitally, through third-party platforms, or during consultations, where such information is reasonably necessary for: Safe delivery of fitness services Risk assessment and duty of care Fraud prevention Insurance compliance Legal or regulatory obligations Establishment, exercise, or defence of legal claims Business administration This may include information not specifically listed above where it is relevant, proportionate, and directly connected to the provision of our services. Data Minimisation We do not intentionally collect excessive or irrelevant personal data and will only process personal data that is necessary and proportionate for the purposes outlined in this Policy.

    4. How We Collect Your Information We collect information when you: Visit our website Complete contact or booking forms Book sessions via scheduling platforms Complete health questionnaires (including PAR-Q) Submit GP or medical documentation Communicate via email, phone, or WhatsApp Make payments Subscribe to marketing communications Medical documents submitted physically are securely digitised and physical copies destroyed where appropriate.

    5. How We Use Your Information We use your personal data to: Assess suitability for exercise Deliver fitness services safely Fulfil our duty of care Comply with insurance requirements Prevent fraud or misuse of services Protect our business, clients, and legal rights Process bookings and payments Maintain accurate client records Respond to enquiries Send marketing communications (where consent is given) Improve our website and services Comply with legal and regulatory obligations We will not use your data for purposes incompatible with those listed above. We do not sell or rent your personal data to third parties.

    6. Legal Basis for Processing (UK GDPR) We rely on the following lawful bases: Consent – for health data and marketing communications Contract – to deliver booked services Legal obligation – insurance and regulatory compliance Legitimate interests – business administration, fraud prevention, legal protection, and service improvement Special category health data is processed under Article 9(2)(a) (explicit consent) and/or Article 9(2)(f) where processing is necessary for the establishment, exercise, or defence of legal claims. You may withdraw consent at any time where applicable.

    7. Special Category (Health) Data Health information is processed strictly for: Exercise safety Risk management Insurance compliance Legal protection Health data is never used for marketing purposes. Enhanced safeguards are applied to protect medical documentation. 8. Third-Party Service Providers We may use reputable third-party providers including: Booking platforms (e.g. Calendly) Cloud storage providers (e.g. Google services) Communication platforms (e.g. WhatsApp Business) Payment processors (e.g. Stripe, Square, SumUp) Analytics providers Communications via WhatsApp or other messaging platforms may involve data processing by those providers in accordance with their own privacy policies. These providers may process data on our behalf in accordance with applicable data protection laws.

    9. International Data Transfers Where personal data is transferred outside the United Kingdom, appropriate safeguards are implemented in accordance with UK GDPR, including reliance on adequacy regulations or approved contractual safeguards where applicable.

    10. Data Retention Client records, including health documentation and GP letters, are retained for: Up to 6 years after your last session, in accordance with industry standards and insurance requirements. We may retain data for longer where required by law, regulatory obligation, or where necessary for the establishment, exercise, or defence of legal claims.

    11. Data Security We implement appropriate technical and organisational security measures including: Secure cloud storage Password-protected systems Biometric-secured devices Restricted access to client information Secure destruction of physical documents While reasonable steps are taken to protect your personal data, no method of transmission over the internet or electronic storage can be guaranteed to be completely secure.

    12. Automated Decision-Making We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on individuals.

    13. Your Rights Under UK GDPR You have the right to: Access your personal data Request correction Request erasure (where legally permissible) Restrict processing Object to processing Request data portability We may request verification of your identity before responding to data requests. You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters. We encourage you to contact us first to resolve any concerns. Requests can be made via: hello@artfitness.co.uk

    14. Business Transfers In the event that ArtFitness is reorganised, sold, or transferred, personal data may be transferred as part of that business transaction, subject to applicable data protection laws.

    15. Cookies We use cookies and similar technologies to: Operate and secure our website Analyse traffic Improve user experience You can control cookies through your browser settings.

    16. Children’s Privacy Our services are intended for adults. We do not knowingly collect personal data from individuals under the age of 16 without parental or guardian consent.

    17. Changes to This Privacy Policy We may update this Privacy Policy from time to time. Updates will be published on this page with a revised “Last Updated” date.

    18. Contact Us If you have any questions regarding this Privacy Policy or your personal data, please contact: Email: hello@artfitness.co.uk Phone: 07943 525435