At Ascend Wellness Co we are committed to protecting and respecting your privacy. This policy explains how we collect, use, and protect the personal information you provide when you visit our website or use our services.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Information We Collect
We may collect the following types of personal information from you:
- Identity and contact details: name, address, email address, phone number
- Health information: medical history, treatment records, consultation notes (relevant to aesthetics, personal training, sports massage, gait analysis, and wellness services)
- Payment information: necessary for processing payments for services
- Website usage data: collected through cookies (see Cookie Policy), including IP address, browser type, and pages visited
- Communication data: emails, contact forms, social media messages
2. How We Use Your Information
We use your personal information to:
- Provide our services (personal training, aesthetics, sports massage, gait & biomechanics analysis, IV therapy, longevity blood testing)
- Manage your appointments and treatment plans
- Personalise your client experience
- Respond to your enquiries and provide customer support
- Process payments and manage invoices
- Maintain necessary records for legal and insurance purposes
- Send you relevant updates about our services (with your consent)
3. Legal Basis for Processing
We process your personal data under the following legal bases:
- Consent: when you give us permission to contact you or process sensitive data (health-related information)
- Contract: to fulfil the services you have booked with us
- Legal obligation: to comply with applicable laws and regulations (such as maintaining treatment records)
- Legitimate interests: to operate and improve our business
4. Data Sharing
We do not sell your data.
We may share your information with:
- Our secure payment processing providers
- Our booking and client management systems (secure and GDPR-compliant)
- Medical professionals where necessary and with your consent (e.g. if treatment suitability requires referral)
- Legal or regulatory authorities where required by law
5. Data Retention
We retain your personal data for as long as necessary to:
- Provide services to you
- Meet legal and insurance requirements (typically 7 years for treatment records)
- Fulfil our business obligations
6. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including secure systems, password protection, and encrypted storage where required.
7. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request erasure of your data where appropriate
- Object to or restrict certain types of processing
- Withdraw your consent at any time (where processing is based on consent)
- Lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has not been handled correctly
8. Cookies
Our website uses cookies to improve user experience. Please see our separate Cookie Policy for more information.
9. Third-Party Links
Our website may include links to third-party websites. We are not responsible for their privacy practices or content. We encourage you to read their privacy policies.