Privacy Policy for Seitou Ryu Karate
Effective Date 01/01/2025
Seitou Ryu Karate is committed to protecting the privacy and security of your personal data. This policy explains how we collect, use, store, and protect your information in compliance with GDPR, the UK Data Protection Act 2018, and other relevant laws. It also outlines your rights regarding your data.
1. Information We Collect
We collect and process the following types of personal information:
For Club Members:
Name and date of birth of the member
Email address and phone number
Address
Payment details
Emergency contact details
Medical information disclosed by the member or, for members under 18, by their parent/guardian
For Enquiries:
Name and, where relevant, the child’s name and age
Email address and phone number
Additional information disclosed, including medical information related to physical or mental health conditions
2. How We Collect Your Data
We collect your data through the following methods:
Online and paper forms
Email and SMS communication
Social media platforms (e.g., Facebook, Instagram, TikTok)
WhatsApp messages
Trial booking systems
3. Retention of Data
Member and enquiry data is kept until it is no longer required for the purposes for which it was collected, or unless consent is withdrawn, whichever occurs sooner. We periodically review and securely delete or anonymise data that is no longer necessary.
4. Lawful Basis for Processing Data
We process your personal data based on the following lawful grounds:
Consent: For marketing communications or the use of disclosed medical information.
Contractual Necessity: To manage memberships, bookings, and payments.
Legal Obligations: To maintain financial records and comply with health and safety requirements.
Legitimate Interests: To manage club operations, provide training updates, and organise events.
5. How We Use Your Data
Your data is used for:
Managing class bookings and schedules
Contacting you about training sessions, events, and relevant notifications
Processing payments and managing memberships
Internal record-keeping
Marketing (email updates, newsletters, promotional offers)
We do not use personal identifying information for targeted advertising campaigns. Demographic data (age, gender, location) may be used for generalised advertising but does not include any individual identifiers.
6. Sharing of Data
We may share your data with:
Payment providers (GoCardless, Stripe, PayPal) for payment processing
Martial Arts Great Britain (MAGB) for managing members’ direct debit payments
We do not sell, trade, or share your data with third parties for marketing purposes.
7. Data Storage
Physical records are securely stored in locked locations.
Digital data is encrypted, password-protected, and stored on cloud services, including Dropbox, Google Drive, and our Club Manager CRM.
Some data may be stored on secure servers outside the UK/EU. Where this occurs, we ensure compliance with GDPR through appropriate safeguards, such as Standard Contractual Clauses.
8. How We Protect Your Data
We take the following measures to ensure your data is secure:
Encryption of all digital records
Password-protected access to systems
Physical storage is locked and accessible only to authorised personnel
Limited access to sensitive data by staff
9. Members’ and Enquirers’ Rights
You have the following rights regarding your data:
Access: Request access to your data at any time.
Correction: Request corrections to inaccurate or incomplete data.
Deletion: Request that your data be deleted, subject to legal retention requirements.
Withdrawal of Consent: Withdraw consent for specific uses, such as marketing communications.
To exercise your rights, please contact us via email at [email protected] or [email protected].
10. Cookies
Our website uses standard cookies to enhance user experience. We do not use tracking technologies such as Facebook Pixel or Google Tag Manager.
11. Children’s Data
For members under 18 years old, we process personal data only with the consent of their parent or guardian. This includes health and emergency contact information to ensure the safety of the member during training. All children’s data is treated with the same level of security as adult data.
12. Photos and Videos
We may use photos or videos of training sessions or events for promotional purposes on our website, social media, or marketing materials. Consent is sought from members or, for minors, their parent/guardian before any identifiable images are used. You can withdraw consent for the use of images at any time by contacting us.
13. Data Breach Protocol
In the unlikely event of a data breach, we will:
Notify affected individuals within 72 hours where there is a risk to their rights and freedoms
Take immediate action to secure data and prevent further breaches
Report the breach to the Information Commissioner’s Office (ICO) if required
14. Legal Compliance
Seitou Ryu Karate complies with:
GDPR (General Data Protection Regulation)
UK Data Protection Act 2018
Platform-specific rules and codes of conduct for Facebook, Instagram, TikTok, Google Ads, YouTube, and other social media platforms.
15. Complaints
If you have concerns about our data practices, you can contact us directly. If unresolved, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):
Website: https://ico.org.uk
Phone: 0303 123 1113
16. Updates to This Policy
We may update this policy from time to time to reflect changes in regulations or our data practices. Any updates will be communicated via email and posted on our website.
Contact Information
For any privacy-related queries, please contact us:
Email: [email protected] or [email protected]
Phone: 07899 827 476 or 07921 066 153