Information about data for the new GDPR legislation.

25th May 2018.

If you have attended or enquired about a class / workshop / teacher training, redkiteyoga holds information about you in a maximum of four areas. 

1. On paper, stored securely.  Your name, email address, phone number and details of any injuries or health conditions. Your next of kin + their phone number and where you heard about us. This is the paper form you will have filled in when you attended your first class.  If you attended pregnancy yoga, this form also contains details about your pregnancy and health in more depth. Legally, this information needs to be stored securely for 7 years and then will be destroyed. The contact data is used to get in touch with you in case of important service matters e.g. class cancellation or changes to redkiteyoga.  The health data is used to ensure the class you are attending is appropriate / safe for you and to support the teacher in modifying poses where necessary in case of injury or condition. The next of kin would only be used in an emergency relating to your health whilst attending class. IF you ticked YES to be added to the newsletter when you filled in this new student form, please also see redkiteyoga newsletter paragraph directly below.

2. If you have signed up to the redkiteyoga newsletter (via paper form when you attended your first class, website enquiry form or telling us verbally or via email you wish to be added) some data is held about you in Mailchimp (marketing tool for small businesses). This includes email address and possible first and last name. If you filled in an enquiry form, there is also the text from your original enquiry.  This is digital information, password protected to owner + 1 administrator.  The only data used by redkiteyoga here is the email address to send newsletters (1 a month or less) with either important general information or to advertise and share upcoming workshops and events. Your name is only used to search and find you in the list within mailchimp. I never share or sell any email addresses.

For mailchimp's privacy policy please see section 3, privacy for contacts, on their website at https://mailchimp.com/legal/privacy/

3. MomoYoga booking system. This applies if you have booked and paid for a class, workshop or event online.  We hold a minimum of name, email address and class credits purchased plus classes you have attended/ not attended. If you chose to include other information such as age, picture and phone number these are stored too.  This is digital information, password protected to owner + 2 administrators. Here’s momoyoga’s privacy info https://www.momoyoga.com/en/privacy

4. Card payments to Momo are processed by Stripe.com, Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.  and you can read more here https://stripe.com/docs/security/stripe When you make a payment via Stripe / Momo, Stripe collects the following transaction information (from Stripe website at https://stripe.com/gb/privacy) : credit or debit card number (displays only last 4 digits), purchase amount, date/time of purchase, and payment method plus email address.

Kate Theodoulou

Founder, redkiteyoga

If you would like more information on any of the above, please email me at kate@redkiteyoga.co.uk