Privacy & Data Protection

How I collect, use and protect your data

Your privacy matters to me. This policy explains what personal information I collect, why I collect it, how I use it, and how I keep it safe. I am committed to handling your data with care and in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1.  Who Is the Data Controller?

Claire Willis, trading as Claire Willis PT, is the data controller responsible for your personal information. If you have any questions about this policy or how your data is used, please contact me via the contact page.

2.  What Data I Collect

I may collect and hold the following types of personal information: your name, date of birth, contact details and address; GP details and emergency contact information; health and medical history, including injuries, medications and conditions; body measurements and fitness assessment data; training notes and session records; payment and invoicing information; and any other information you voluntarily share with me.

3.  Why I Collect Your Data

I collect your information in order to: provide a safe, personalised fitness service; design and adapt your training programme; communicate with you about sessions and progress; comply with legal and professional obligations; and maintain appropriate records as required by my insurance provider and professional body.

4.  Legal Basis for Processing

I process your data on the following grounds: contractual necessity (to deliver the service you have engaged me for); legitimate interests (to manage my business and communicate with you effectively); legal obligation (to comply with applicable laws); and your explicit consent (for health and special category data). You may withdraw consent at any time — please note this will not affect any processing carried out prior to withdrawal.

5.  Special Category Data

Information about your health, medical history and physical condition is classified as 'special category data' under UK GDPR. I only collect this information with your explicit consent, and it is used solely for the purpose of providing you with a safe and effective fitness programme.

6.  Who I Share Your Data With

I do not sell, rent, or share your personal data with third parties for marketing purposes. Your data may be shared only in the following limited circumstances: with my insurance provider if required; with medical or emergency services in the event of a health emergency; or where required by law or a regulatory authority.

7.  How Long I Keep Your Data

I retain your personal data for 7 years following the end of your programme, in line with my professional insurance requirements. Data will be securely deleted after this period. You may request deletion of your data at any time, subject to any legal obligations I must comply with.

8.  How I Store and Protect Your Data

Your data is stored securely in [e.g. encrypted digital files / password-protected cloud storage / locked physical files]. I take appropriate technical and organisational measures to prevent unauthorised access, loss, or disclosure of your personal information.

9.  Your Rights

Under UK GDPR, you have the right to: access the personal data I hold about you; request correction of any inaccurate data; request deletion of your data (subject to legal retention requirements); object to or restrict processing; withdraw consent at any time; and lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.

10.  ICO Registration

Claire Willis is registered with the Information Commissioner's Office. Registration number: ZB890366. If you have any concerns about how your data is handled, you have the right to contact the ICO directly.

11.  Changes to This Policy

I may update this privacy policy from time to time. The most current version will always be available on request. Any significant changes will be communicated to you directly.