Privatlivspolitik

Nordisk Pilates Studio

Privacy Policy for Nordisk Pilates Studio

Effective date: 1 April 2026

1. Introduction and Company Information

This Privacy Policy explains how Nordisk Pilates Studio collects, uses, stores, shares, and protects personal data when you visit our studio, use our services, contact us, or otherwise interact with us.

Data controller: Nordisk Pilates Studio
Address: Bredgade 23, 1260 København K, Denmark
Email: [email protected]
Phone: +45 32 84 76 19

We provide Pilates-related services, including class bookings, memberships, private sessions, customer communication, and related studio operations.

2. Data Collection and Processing

We may collect and process the following categories of personal data:

  • Identification and contact data: name, email address, phone number, postal address, and emergency contact details where relevant.
  • Booking and account data: class reservations, attendance records, membership details, purchase history, and communication preferences.
  • Payment data: payment status, transaction references, and limited billing information. We generally do not store full card details if payments are processed by third-party payment providers.
  • Health-related information: information you voluntarily provide about injuries, physical limitations, pregnancy, medical conditions, or other matters relevant to safe participation in Pilates sessions.
  • Technical data: IP address, device information, browser type, and website usage data if you use our website or online booking tools.
  • Communication data: emails, messages, feedback, complaints, and other correspondence.

We collect personal data directly from you, through our booking systems, through payment providers, and from other sources where necessary and lawful.

3. Purpose of Data Processing

We process personal data for the following purposes:

  • To manage bookings, memberships, class attendance, and studio administration.
  • To provide Pilates instruction and related services safely and appropriately.
  • To communicate with you about appointments, schedule changes, payments, and customer support.
  • To process payments, invoices, refunds, and accounting records.
  • To assess suitability for participation where health information is relevant to safe training.
  • To improve our services, operations, and customer experience.
  • To comply with legal obligations, including accounting, tax, and record-keeping requirements.
  • To protect our rights, prevent fraud, and maintain the security of our systems and premises.
  • To send marketing communications where permitted and, where required, with your consent.

4. Legal Basis for Processing

We process personal data only where we have a lawful basis under applicable privacy law, including where relevant:

  • Performance of a contract: to provide classes, memberships, private sessions, and related services.
  • Legal obligation: to comply with accounting, tax, consumer, and other statutory requirements.
  • Legitimate interests: to operate and improve our business, communicate with customers, maintain security, and manage studio operations, provided these interests are not overridden by your rights and freedoms.
  • Consent: for certain marketing activities, optional health information, cookies where required, and other situations where consent is the appropriate legal basis.
  • Vital interests: in rare situations where processing is necessary to protect someone’s life or physical safety.

Where we process health-related information, we do so only when necessary for safe participation, and typically based on your explicit consent or another applicable lawful basis under relevant law.

5. Data Sharing and Third Parties

We may share personal data with trusted third parties only when necessary for the purposes described in this policy, including:

  • Booking and scheduling providers used to manage class reservations and memberships.
  • Payment processors used to handle transactions securely.
  • Accounting, bookkeeping, and tax advisors for financial administration and compliance.
  • IT, hosting, and software providers supporting our website, email, and business systems.
  • Professional advisors such as lawyers, auditors, and insurers where necessary.
  • Public authorities where disclosure is required by law or a lawful request is made.

We require third parties to handle personal data securely and in accordance with applicable data protection laws. We do not sell your personal data.

6. Data Transfer to Third Countries

Some of our service providers may process personal data outside Denmark, the European Economic Area (EEA), or the United Kingdom. If such transfers occur, we will ensure that appropriate safeguards are in place, such as:

  • an adequacy decision by the relevant authority;
  • standard contractual clauses or equivalent transfer mechanisms;
  • additional technical and organizational measures where necessary.

You may contact us for more information about international data transfers and the safeguards we use.

7. Storage Duration

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Retention periods may vary depending on the type of data and the reason for processing.

  • Booking and customer records: retained for the duration of the customer relationship and for a reasonable period thereafter.
  • Accounting and tax records: retained for the period required by applicable law.
  • Health-related information: retained only as long as necessary for safe service provision or until consent is withdrawn, unless another lawful basis applies.
  • Marketing data: retained until you unsubscribe, object, or withdraw consent.
  • Communication records: retained as long as needed to handle your inquiry or for legal and business record-keeping purposes.

When data is no longer needed, we delete, anonymize, or securely archive it in accordance with our retention practices.

8. User Rights

Subject to applicable law, you may have the following rights regarding your personal data:

  • Right of access: to obtain confirmation of whether we process your data and receive a copy of it.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to request that processing be limited in certain situations.
  • Right to data portability: to receive certain data in a structured, commonly used, machine-readable format and, where technically feasible, have it transmitted to another controller.
  • Right to object: to object to processing based on legitimate interests or to direct marketing at any time.

To exercise your rights, please contact us using the details in Section 12. We may need to verify your identity before responding. Some rights may be limited where processing is necessary for legal obligations, contractual performance, or other lawful reasons.

9. Withdrawal of Consent

Where we rely on your consent to process personal data, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

You can withdraw consent by contacting us at [email protected] or by using any unsubscribe or preference-management option we provide for marketing communications.

10. Right to Complain

If you have concerns about how we handle your personal data, we encourage you to contact us first so we can try to resolve the issue.

You also have the right to lodge a complaint with the relevant data protection supervisory authority. In Denmark, this is the Danish Data Protection Agency (Datatilsynet).

11. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure systems, staff confidentiality obligations, and regular review of our procedures.

While we take reasonable steps to protect your data, no system can be guaranteed to be completely secure. We encourage you to use caution when sharing personal information electronically.

12. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Nordisk Pilates Studio
Bredgade 23, 1260 København K, Denmark
Email: [email protected]
Phone: +45 32 84 76 19

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will be posted with a revised effective date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

4/1/2026 Hjem