Privacy Policy

Last updated: 3 January 2026

This Privacy Policy explains how The Stirland Approach ("we", "us", "our") collects, uses, stores, and shares personal information when you visit our website, enquire, book a session, join a membership, or take part in our classes.

We are committed to handling your information responsibly and in line with UK data protection law (including the UK GDPR and the Data Protection Act 2018).

1. Who we are

Business name: The Stirland Approach
Contact email: thestirlandapproach@gmail.com
Business address: The Old Stables, Unit 7 Bow Street Centre, Guisborough TS14 6PR

If you have questions about this policy or your data, email us at: thestirlandapproach@gmail.com

2. What information we collect

We may collect the following types of personal information:

Information you provide

  • Name, email address, phone number

  • Booking details (session type, date, time)

  • Membership details

  • Information you share through enquiry forms

  • Information you share during onboarding or intake (for example, goals, injury history, movement background)

Information collected automatically

  • Device and browser information

  • Pages you visit and how you use the site

  • Approximate location (based on IP address)

  • Cookies and similar tracking data (see Cookies section)

Payment information
We do not typically store full card details on our own systems. Payments are handled by our payment and booking providers (see “Third-party services”).

3. How we use your information

We use your information to:

  • Respond to enquiries and communicate with you

  • Provide services you book or purchase

  • Manage bookings, memberships, and attendance

  • Send important service updates (for example, timetable changes)

  • Improve our website and user experience

  • Maintain records for admin, accounting, and legal purposes

  • With your permission, send marketing emails (you can opt out at any time)

4. Our lawful bases for processing

Under UK GDPR, we rely on these lawful bases:

  • Contract: to deliver sessions, classes, and memberships you book

  • Legitimate interests: to run and improve our services, prevent misuse, and maintain admin records

  • Consent: for marketing emails and certain cookies, where required

  • Legal obligation: for tax, accounting, and regulatory requirements

5. Health and special category data

Some information you share with us may relate to health (for example, injury history). This is treated as special category data.

We only collect and use this information where it is necessary to provide coaching safely and appropriately, and we handle it carefully with restricted access.

6. Cookies and analytics

Our website may use cookies and similar technologies to:

  • Make the site work properly

  • Remember preferences

  • Understand how people use the site (analytics)

  • Support marketing or advertising (only if enabled and where required)

You can control cookies through your browser settings and, where available, the cookie banner/manager on the site.

7. Third-party services we use

We may use trusted providers to run the website and deliver services. Depending on how your site is set up, these can include:

  • Squarespace (website hosting, forms, memberships)

  • Acuity Scheduling (bookings, class scheduling)

  • Payment providers such as Stripe and/or PayPal (payments)

  • Email marketing such as Mailchimp (if used for newsletters)

  • Analytics such as Google Analytics (if enabled)

These providers may process personal data on our behalf. They are responsible for their own compliance and security measures, and we only use reputable services.

8. How we share your information

We do not sell your personal information.

We may share information:

  • With the service providers listed above to operate the business

  • If required by law, regulation, or legal process

  • If needed to protect our rights, safety, or property (or the safety of others)

9. How long we keep your information

We keep personal data only for as long as necessary, including:

  • For the duration of your relationship with us (bookings or membership)

  • For a reasonable period afterwards for admin and support

  • For longer where required by law (for example, financial records)

If you want more detail on retention for a specific type of data, contact us.

10. Your rights

You have rights under UK GDPR, including:

  • Access to your personal data

  • Correction of inaccurate data

  • Deletion of your data (in certain situations)

  • Restriction or objection to processing (in certain situations)

  • Data portability (in certain situations)

  • Withdrawal of consent (where processing is based on consent)

To exercise your rights, email [insert email address].

11. International transfers

Some of our providers may store or process data outside the UK. Where this happens, appropriate safeguards should be in place (for example, recognised transfer mechanisms).

12. Security

We take reasonable steps to protect your personal data. No system is fully risk-free, but we work to keep data secure and limit access to those who need it.

13. Complaints

If you are unhappy with how we handle your data, please contact us first. You can also complain to the UK Information Commissioner’s Office (ICO).

14. Changes to this policy

We may update this policy occasionally. The “Last updated” date will always show the newest version.