Last updated: February, 2025

Gentle Yoga Studio (“Studio,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR)and Finnish data protection laws.

1. Data We Collect

We collect the following types of personal data:

• Identity Data: Name, email address, phone number, and other contact details.

• Payment Data: Payment information when you make a purchase (processed securely by third-party payment providers).

• Usage Data: Information about how you use our website, such as IP address, browser type, and browsing activity.

• Health Information (if applicable): Any health-related information you provide voluntarily for yoga class suitability (processed with your explicit consent).

2. How We Use Your Data

We use your data to:

• Provide and manage our services (e.g., class bookings, memberships, and purchases).

• Process payments securely.

• Send updates, promotions, or newsletters (you can opt out anytime).

• Improve our website and services.

• Comply with legal obligations.

3. Legal Basis for Processing

We process your data based on:

• Contractual necessity: When you purchase a service or sign up for a membership.

• Legitimate interest: For business improvements and customer support.

• Consent: For marketing communications or collecting health-related data.

• Legal compliance: When required by Finnish or EU law.

4. How We Share Your Data

We do not sell or rent your data. However, we may share it with:

• Service providers: Payment processors, booking systems, and marketing platforms.

• Legal authorities: If required by law or to protect our rights.

All third-party providers are GDPR-compliant and process data securely.

5. Data Storage & Security

• Your data is stored on secure servers within the EU.

• We implement technical and organizational measures to protect your data from unauthorized access or loss.

• We retain personal data only as long as necessary for its purpose.

6. Your Rights Under GDPR

You have the right to:

• Access your data.

• Correct inaccurate data.

• Request deletion (“right to be forgotten”).

• Restrict processing in certain cases.

• Object to data processing for marketing.

• Request data portability (transfer your data to another provider).

To exercise your rights, contact us at katietim@proton.me.

7. Cookies & Tracking

We use cookies to enhance your browsing experience. You can manage cookie preferences in your browser settings.

8. Contact Information

If you have any questions or concerns about this policy, please contact us:

📧 Email: katietim@proton.me

📍 Address: Merikasarminkatu 10 b