Privacy Policy

Last updated: 22/05/2025

J B Pearce T/a The Treatment Studios ("we", "us", "our", or "The Treatment Studios") is committed to protecting your privacy and the personal information we collect. This privacy policy outlines our practices concerning the collection, use, and protection of your data when you use our website and services.

By using our website and services, you agree to the collection and use of information in accordance with this policy. We will not use or share your information with anyone except as described in this Privacy Policy.

We use your personal data to provide and improve our services. This Privacy Policy applies to all users of our website and services and forms part of our Terms of Use.

We collect various types of information to provide and improve our services to you. The information we collect includes:

1.1 Personal Information

• Full name
• Business name
• Contact number
• Email address
• Professional services you provide
• Professional biography
• Profile photo (if provided)
• Booking link (if provided)

1.2 Payment Information

When you make bookings through our platform, we collect payment information through our payment processor, Stripe. This includes:

• Stripe customer ID
• Default payment method ID
• Deposit payment information

We do not store your complete credit card details on our servers. This information is processed securely by our payment processor.

1.3 Booking Information

When you make a booking, we collect:

• Booking dates and times
• Session type
• Treatment room selected
• Payment status
• Discount codes used (if any)

1.4 Interest Form Information

If you submit an interest form, we collect:

• Full name
• Email address
• Business name
• Practice type
• Experience information
• Space requirements
• Facility needs
• Timeline preferences
• Any questions or comments you provide

1.5 Usage Data

We may also collect information on how you access and use our website, including:

• Your IP address
• Browser type and version
• Pages visited and time spent on those pages
• Time and date of your visit
• Other diagnostic data

We use the information we collect for various purposes, including:

2.1 Providing Our Services

• To process and manage your treatment room bookings
• To create and maintain your user account
• To process payments and handle deposits
• To provide access to our treatment rooms
• To apply discount codes to your bookings

2.2 Communication

• To send booking confirmations and access details
• To send payment receipts and invoices
• To send booking reminders
• To respond to your enquiries and support requests
• To notify you about changes to our services

2.3 Improving Our Services

• To analyse usage patterns and improve our website
• To develop new features and services
• To monitor the effectiveness of our booking system
• To troubleshoot technical issues

2.4 Legal Compliance

• To comply with legal obligations
• To enforce our Terms of Use
• To protect our rights, property, or safety, and that of our users
• For tax and accounting purposes

We will not use your personal information for marketing purposes without your explicit consent. We do not sell, rent, or lease your personal information to third parties.

We use Stripe, a secure third-party payment processor, to handle all financial transactions on our platform. When you make a booking, your payment information is processed as follows:

3.1 Payment Information

When you provide payment details:

• Your card details are securely transmitted directly to Stripe
• We do not store your complete card details on our servers
• We store only a reference to your payment method (payment method ID) provided by Stripe
• We store your Stripe customer ID to process future payments

3.2 Payment Processing

Our payment process works as follows:

• When you make a booking, you commit to the full payment
• Payment is processed automatically through our system on the day after the booking
• For new practitioners, a one-time £65 deposit is required
• All payments include VAT at the current rate (20%)
• Receipts and invoices are sent via email

3.3 Payment Security

To ensure the security of your payment information:

• All payment transactions are encrypted using industry-standard SSL technology
• Stripe maintains PCI DSS compliance for secure handling of card information
• Access to payment information is strictly limited to authorised personnel

By using our services, you agree to Stripe's Services Agreement and Privacy Policy, which can be found on their website.

We may share your personal information in the following circumstances:

4.1 Service Providers

We share your information with third-party service providers who help us operate our business and deliver services to you:

• Stripe for payment processing
• Clerk for authentication services
• Email service providers for sending transactional emails
• Database hosting providers

These service providers are only permitted to use your information as necessary to provide services to us and are required to maintain the confidentiality of your information.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

4.4 With Your Consent

We may share your information with third parties when we have your consent to do so.

We do not sell, rent, or lease your personal information to third parties. We do not share your information with third parties for marketing purposes.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

5.1 Security Measures

Our security measures include:

• Encryption of data in transit and at rest
• Secure authentication through Clerk
• Regular security assessments and updates
• Restricted access to personal data on a need-to-know basis
• Regular backups to prevent data loss

5.2 Data Protection Compliance

We comply with applicable data protection laws and regulations, including:

• The UK Data Protection Act 2018
• The UK General Data Protection Regulation (UK GDPR)

5.3 Data Breach Procedures

In the event of a data breach that affects your personal information:

• We will notify you promptly if there is a high risk to your rights and freedoms
• We will notify the relevant supervisory authority within 72 hours, where feasible
• We will provide information about the breach and steps we are taking to address it

While we implement safeguards to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

6.1 Retention Periods

We retain different types of data for different periods:

• Account information: For as long as your account is active
• Booking information: For at least 7 years for tax and accounting purposes
• Payment information: For as long as needed to process payments and handle disputes
• Interest form submissions: For up to 2 years
• Usage data: For up to 2 years

6.2 Account Closure

When you close your account:

• We will delete or anonymise your personal information within 30 days
• We may retain certain information as required for legal or legitimate business purposes
• Information shared with third-party services may be retained according to their policies

If you wish to request deletion of your data before these retention periods expire, please contact us using the details provided in the "Contact Us" section.

Under data protection laws, you have several rights regarding your personal information:

7.1 Right to Access

You have the right to request copies of your personal information. We may charge a small fee for this service if the request is clearly unfounded, repetitive, or excessive.

7.2 Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

7.3 Right to Erasure

You have the right to request that we erase your personal information, under certain conditions. This may be subject to legal retention requirements.

7.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal information, under certain conditions.

7.5 Right to Data Portability

You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.

7.6 Right to Object

You have the right to object to our processing of your personal information, under certain conditions.

7.7 How to Exercise Your Rights

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section. We will respond to your request within one month.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

Cookies are small files that are placed on your device when you visit our website. They help us provide you with a better experience and enable certain features of our website to function properly.

8.1 Types of Cookies We Use

We use the following types of cookies:

• Essential cookies: These are necessary for the website to function properly and cannot be switched off in our systems.
• Functional cookies: These enable enhanced functionality and personalisation, such as remembering your preferences.
• Analytics cookies: These help us understand how visitors interact with our website by collecting and reporting information anonymously.
• Authentication cookies: These help us identify you when you log in to our website.

8.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can usually find these settings in the "Options" or "Preferences" menu of your browser. You can also set your browser to reject all cookies, but this may affect the functionality of our website.

For more information about cookies and how to control them, visit www.allaboutcookies.org.

Our website and services integrate with third-party services to provide specific functionalities. These third parties may collect and process your personal information according to their own privacy policies.

9.1 Authentication Services

We use Clerk for authentication and user management. When you sign up or log in to our website, Clerk collects and processes your information according to their privacy policy.

9.2 Payment Processing

As mentioned in Section 3, we use Stripe for payment processing. Stripe collects and processes your payment information according to their privacy policy.

9.3 Email Services

We use email service providers to send transactional emails, such as booking confirmations and payment receipts. These providers process your email address and related information according to their privacy policies.

We recommend reviewing the privacy policies of these third-party services to understand how they collect, use, and protect your information.

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

We will notify you of any significant changes by:

• Posting a notice on our website
• Sending an email to the address associated with your account
• Updating the "Last updated" date at the top of this Privacy Policy

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

• By email: contact@treatmentstudios.co.uk
• By post: Elton Farm, Wells Road, Bristol, BS41 8LR

For data protection matters, you can also contact our Data Protection Officer at the same address.