privacy policy

Introduction

Arise Breathwork is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how your personal information is collected, used, stored and protected when you engage with my services, including 1:1 breathwork sessions, group workshops, retreats, events and online offerings.

This policy applies to clients based in the UK and internationally.

Arise Breathwork is the data controller for the purposes of UK GDPR and the Data Protection Act 2018.

Personal data I collect

I may collect and process the following types of personal data:

  • Contact information such as your name, email address and phone number

  • Booking and payment information relating to sessions, events or services you book

  • Intake form and waiver information, which may include health and wellbeing details relevant to providing breathwork sessions safely

  • Communication records such as emails or messages you send to me

  • Email marketing preferences if you choose to join my mailing list

I only collect information that is necessary to provide my services and to meet legal, insurance and administrative obligations.

How your data is collected

Your data may be collected through:

  • My website and contact forms

  • Acuity Scheduling booking, intake and waiver forms

  • Payment processing through Stripe

  • Email sign up forms via MailerLite

  • Direct communication such as email or social media messages

  • Paper forms completed in person at workshops, retreats, festivals or sessions held at external venues

Lawful basis for processing

Under UK GDPR, I process your personal data on the following lawful bases:

  • Contract where processing is necessary to deliver a session, event or service you have booked

  • Consent where you provide explicit consent, particularly for intake forms, health related information and email marketing

  • Legitimate interest for administration, record keeping and to protect against potential legal claims

  • Legal obligation where required for tax, accounting or insurance purposes

How your data is used

Your personal data is used to:

  • Manage bookings and deliver breathwork sessions and events

  • Communicate with you about sessions, scheduling and relevant information

  • Provide breathwork sessions safely and appropriately

  • Meet legal, insurance and professional obligations

  • Send email marketing communications where you have given explicit consent

Email marketing

If you choose to join my mailing list, your data is stored and managed via MailerLite. You can unsubscribe at any time using the link in any email or by contacting me directly.

Booking a session or event does not automatically subscribe you to marketing emails.

Data sharing and third party services

Your data is stored securely using trusted third party service providers, including:

  • Acuity Scheduling for bookings, intake forms and waivers

  • Stripe for payment processing

  • MailerLite for email marketing

These providers are GDPR compliant and only process your data in accordance with their own privacy policies and data protection obligations.

Your personal data is never sold or shared for marketing purposes.

International clients

I work with clients based outside the UK. Where data is transferred internationally, appropriate safeguards are in place through the use of GDPR compliant service providers.

Data retention

I retain personal data only for as long as necessary for the purpose it was collected.

This includes:

  • Booking and contact information retained for a reasonable period for client support and administration

  • Intake form information retained for a limited period following your last session or series of sessions. If you return after a longer break, you may be asked to complete a new intake form to ensure information is current. Older intake information is securely deleted when no longer necessary

  • Signed waivers and records relating to your participation retained for as long as necessary to meet legal, insurance and safeguarding obligations and to protect against potential claims

  • When data is no longer required, it is securely deleted.

Your rights

Under UK GDPR, you have the right to:

  • Request access to the personal data I hold about you

  • Request correction of inaccurate or incomplete data

  • Request deletion of your data where appropriate

  • Request restriction or object to processing in certain circumstances

  • Request a copy of your data for portability

Please note that some data may need to be retained for legal or insurance reasons even if a deletion request is made.

To exercise any of these rights, please contact me using the details below.

Data security

I take reasonable steps to protect your personal data, including the use of secure systems and trusted third party platforms. Access to client data is limited to what is necessary to deliver my services.

Contact details

If you have any questions about this Privacy Policy or how your data is handled, please contact

Brenna Duncan, Arise Breathwork
Brenna@arisebreathwork.com

Updates to this policy

This Privacy Policy may be updated from time to time to reflect changes in legal requirements or how I operate my business. The most recent version will always be available on my website.