Privacy Policy

The Fit Lab

Last updated: 27th May 2026

The Fit Lab respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store and protect your personal data when you visit our website, contact us, book classes, attend sessions, use our services, sign up to our mailing list, or interact with us online.

This Privacy Policy applies to The Fit Lab, including our fitness studio services, group classes, personal training, 1:1 coaching, website enquiries, email communications, bookings and related customer support.

1. Who we are

The Fit Lab is a fitness and wellness studio based in Blackpool, offering group fitness classes, personal training, 1:1 coaching and related wellness services.

Business name: The Fit Lab

Legal entity: Sarah Palmer trading as The Fit Lab
Address: Spen Business Park, 1 Ashworth Road, Blackpool FY4 5LP
Email: hello@thefitlab.uk


Telephone: 07810 312100
Website: https://www.thefitlab.uk/

For the purposes of UK data protection law, The Fit Lab is the data controller for the personal information we collect and use.

2. The personal information we collect

We may collect and process the following types of personal information:

Contact details

This may include:

  • Your name

  • Email address

  • Telephone number

  • Postal address, where needed

  • Emergency contact details, where relevant

Booking and account information

This may include:

  • Class bookings

  • Personal training bookings

  • Membership or package details

  • Attendance history

  • App or booking system account information

  • Payment status and transaction references

We may use third-party booking, payment or studio management systems to manage bookings and payments.

Health, fitness and safety information

Because we provide fitness and wellness services, we may collect information that helps us deliver sessions safely and appropriately. This may include:

  • Fitness goals

  • Previous injuries

  • Relevant health conditions

  • Pregnancy or postnatal information, where disclosed

  • Medication or medical considerations, where relevant

  • Access needs or adjustments

  • PAR-Q or health screening information

  • Incident or accident records

Health information is classed as special category data under UK GDPR and receives extra protection. The ICO explains that special category data requires both a lawful basis under Article 6 and an additional Article 9 condition.

Payment information

We may collect limited payment-related information, such as:

  • Payment confirmation

  • Transaction records

  • Purchase history

  • Invoice details

We do not store full debit or credit card details ourselves. Payments may be processed securely by third-party payment providers.

Website and technical information

When you use our website, we may collect:

  • IP address

  • Device type

  • Browser type

  • Pages visited

  • Date and time of visit

  • How you interact with the website

  • Cookie preferences

Please see section 12 for more information about cookies.

Marketing preferences

If you sign up to our mailing list or choose to receive updates from us, we may collect:

  • Your email address

  • Your consent preferences

  • Email engagement information, such as opens or clicks

  • Your interest in specific services, classes or programmes

3. How we collect your information

We collect personal information when you:

  • Contact us through the website

  • Email, call or message us

  • Complete an enquiry form

  • Sign up to our mailing list

  • Book a class, course, personal training session or membership

  • Create an account through our booking system or app

  • Attend a class, personal training session or wellness service

  • Complete health screening, waiver or consultation forms

  • Make a payment

  • Interact with us on social media

  • Take part in a survey, promotion, challenge or event

  • Use our website

We may also receive personal information from third-party service providers, such as booking platforms, payment processors, email marketing platforms and website analytics tools.

4. Why we use your personal information

We use your personal information for the following purposes:

To provide our services

We use your information to:

  • Manage class bookings

  • Deliver personal training and coaching

  • Administer memberships, packages and payments

  • Communicate with you about bookings, cancellations or timetable changes

  • Support your fitness journey

  • Keep attendance records

  • Provide customer service

To keep you safe

We may use relevant health, injury or access information to:

  • Assess whether a class or session is suitable

  • Make reasonable adjustments

  • Support safe participation

  • Respond to accidents, incidents or emergencies

  • Keep appropriate records for insurance and legal purposes

To manage our business

We use personal information to:

  • Keep business records

  • Manage payments, invoices and accounts

  • Monitor attendance and service usage

  • Improve our services

  • Handle complaints or disputes

  • Meet legal, tax, insurance and regulatory obligations

To send marketing communications

Where you have opted in, or where we are otherwise permitted by law, we may send you updates about:

  • Classes

  • Personal training

  • Offers

  • Events

  • Wellness services

  • Timetable updates

  • Studio news

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in our emails or contacting us directly.

To improve our website and online presence

We may use technical and analytics data to:

  • Understand how visitors use our website

  • Improve website performance

  • Monitor security

  • Understand which pages and services are most useful

  • Improve our marketing and communications

5. Our lawful bases for using your information

Under UK GDPR, we must have a lawful basis for using your personal information. The lawful bases we rely on may include:

Contract

We use your personal information where it is necessary to provide services you have requested or purchased, such as classes, memberships, personal training or coaching.

Consent

We may rely on consent when you:

  • Sign up to receive marketing emails

  • Choose to provide certain health information

  • Agree to the use of certain cookies

  • Give permission for photos, videos or testimonials to be used

Where we rely on consent, you can withdraw it at any time.

Legitimate interests

We may use your information where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include:

  • Responding to enquiries

  • Improving services

  • Managing customer relationships

  • Sending relevant service updates

  • Preventing fraud

  • Protecting business security

  • Understanding how our website is used

Legal obligation

We may process your information where required by law, including for tax, accounting, insurance, safeguarding, health and safety, or legal compliance purposes.

Vital interests

In an emergency, we may use or share your information where necessary to protect your life or someone else’s life.

6. Special category health information

Because fitness and wellness services can involve physical activity, we may ask for relevant health, injury, pregnancy, postnatal, mobility or medical information so that we can support you safely.

We only ask for information that is relevant to the service being provided.

Where we process health information, we may rely on:

  • Your explicit consent

  • The need to protect your vital interests in an emergency

  • The establishment, exercise or defence of legal claims, for example in relation to insurance or incident records

Explicit consent may be needed when processing special category data, unless another Article 9 condition applies.

7. Who we share your information with

We may share your personal information with trusted third parties where necessary to run our business and provide our services. These may include:

  • Booking and studio management platforms

  • Payment processors

  • Email marketing platforms

  • Website hosting providers

  • Analytics providers

  • Accountants and professional advisers

  • Insurance providers

  • IT support providers

  • Legal advisers

  • Emergency services, where necessary

  • Regulators or authorities, where required by law

We only share information where necessary and we expect third-party providers to handle personal data securely and lawfully.

We do not sell your personal information.

8. International transfers

Some of the service providers we use may process personal data outside the UK. Where this happens, we will take steps to ensure appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses where required.

9. How long we keep your information

We only keep your personal information for as long as necessary for the purposes described in this Privacy Policy.

Typical retention periods may include:

  • Enquiry information: up to 12 months after your last contact, unless you become a client or member

  • Booking and attendance records: up to 6 years for business, tax, legal and insurance purposes

  • Payment and invoice records: generally 6 years, in line with UK accounting requirements

  • Health screening forms: for as long as you are an active client or member, then for a reasonable period afterwards where needed for insurance or legal purposes

  • Accident or incident records: for as long as required for legal, insurance or safeguarding reasons

  • Marketing data: until you unsubscribe or ask us to remove you

  • Website analytics data: according to the settings of the analytics provider

We may keep some information for longer if required by law, if there is an ongoing dispute, or if it is needed for insurance, safeguarding or legal purposes.

10. How we protect your information

We take appropriate steps to protect your personal information from loss, misuse, unauthorised access, disclosure, alteration or destruction.

These steps may include:

  • Secure systems and passwords

  • Limited access to personal information

  • Use of trusted third-party platforms

  • Staff awareness and confidentiality expectations

  • Secure payment processing

  • Regular review of the information we hold

No system is completely secure, but we take reasonable and proportionate measures to protect your data.

11. Marketing communications

If you sign up to receive emails or updates from The Fit Lab, we may use your contact details to send you marketing communications.

You can opt out at any time by:

  • Clicking the unsubscribe link in our emails

  • Contacting us at hello@thefitlab.uk

We may still send you service-related messages, such as booking confirmations, cancellation notices, timetable changes, payment updates or important studio information.

12. Cookies and website analytics

Our website may use cookies and similar technologies to improve your browsing experience, understand how the website is used and support website functionality.

Cookies may be used for:

  • Essential website functions

  • Website performance

  • Analytics

  • Remembering preferences

  • Marketing or social media features, where applicable

You can usually manage cookies through your browser settings. Where required, we will ask for your consent before placing non-essential cookies.

You may wish to create a separate Cookie Policy if the website uses analytics, advertising pixels, embedded social media feeds, booking widgets or third-party tracking tools.

13. Social media

If you interact with us on social media, the platform may process your personal information according to its own privacy policy. This may include when you follow us, comment on posts, send messages, tag us, or engage with our content.

We may process your social media interactions to respond to messages, manage our online presence and improve our services.

14. Photos, videos and testimonials

We may occasionally take or use photos, videos, testimonials or success stories for marketing, social media, website content or promotional purposes.

We will ask for your permission before using identifiable images, videos or testimonials for marketing purposes.

You can withdraw consent for future use by contacting us. Please note that if materials have already been printed, published or shared, it may not always be possible to remove every existing copy, but we will take reasonable steps where possible.

15. Children’s information

Our services are primarily intended for adults. If we offer services to children or young people, we may collect information from a parent or guardian, including contact details, emergency details and relevant health or safety information.

Where required, we will seek appropriate parental or guardian consent.

16. Your data protection rights

Under UK data protection law, you have rights over your personal information. These may include the right to:

  • Access the personal information we hold about you

  • Ask us to correct inaccurate information

  • Ask us to delete your information in certain circumstances

  • Ask us to restrict how we use your information

  • Object to certain types of processing

  • Ask for your information to be transferred to another provider, where applicable

  • Withdraw consent where we rely on consent

  • Complain to the Information Commissioner’s Office

The ICO confirms that privacy notices should tell people about their information rights, including the right to withdraw consent where consent is the lawful basis, and how to complain if they have concerns.

To exercise your rights, please contact us at:

hello@thefitlab.uk

We may need to verify your identity before responding.

17. Complaints

If you have concerns about how we use your personal information, please contact us first so we can try to resolve the issue.

You also have the right to complain to the UK data protection regulator:

Information Commissioner’s Office
Website: https://ico.org.uk/
Telephone: 0303 123 1113

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, services, website, systems or legal obligations.

The latest version will be published on our website with the updated date shown at the top.