Privacy Policy

1. Who we are and how to contact us

This Privacy Policy explains how All Dance Abilities collects, uses, shares, and protects personal information when you use the website alldanceabilities.co.uk and our related services (together, the “Services”). We are the data controller for personal data processed in connection with the Services.

Applicable laws: We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

Contact: To ask questions or exercise your data protection rights, please contact our privacy lead using the contact details published on our website (for example, the email address provided in the website footer or contact area). Please include “Privacy” in your message subject so we can route it promptly.

Data Protection Officer (DPO): We are not required to appoint a DPO. Our designated privacy lead can be contacted using the method described above.

2. The data we collect

We collect and process the following categories of personal data, depending on how you use our Services:

  • Identity and contact data: name, email address, telephone number, postal address, and similar identifiers.
  • Account and booking data: login credentials (hashed), class or event bookings, attendance, preferences, communications history.
  • Payment and transaction data: payment amount, date, method, partial card details tokenised by our payment provider, and billing information. We do not store full card numbers or security codes.
  • Communications: enquiries sent to us, feedback, support requests, and records of correspondence.
  • Marketing preferences: your choices about receiving updates and promotions.
  • Technical and usage data: IP address, device information, browser type and version, time zone setting, operating system, pages viewed, interactions, and referral sources. This may be collected via cookies and similar technologies.
  • Media you provide: photos, videos, testimonials or reviews that you submit or authorise us to use.
  • Special category data (processed only where relevant and with additional safeguards): information you choose to share about health, access needs, injuries, or disabilities to help us make reasonable adjustments and support safe participation.
  • Child data: limited information about children (for example, name, age, emergency contacts, health or access needs) when necessary for participation in relevant activities, collected from a parent or legal guardian.

3. How we use personal data and our legal bases

We use personal data for the purposes and on the legal bases set out below. Where legitimate interests are relied upon, we balance our interests against your rights and expectations.

  • Providing our Services: managing enquiries, accounts, bookings, attendance, communications, payments, and customer support.

    Legal bases: performance of a contract or steps taken at your request prior to entering a contract; legitimate interests (to operate and improve our Services).
  • Health, access, and safety: making reasonable adjustments, supporting safe participation, incident reporting, and safeguarding where required.

    Legal bases: explicit consent for special category data; vital interests in an emergency; legal obligations where applicable; legitimate interests (to provide safe services).
  • Payments and invoicing: processing transactions and maintaining financial records.

    Legal bases: performance of a contract; legal obligation (tax and accounting).
  • Communications: responding to enquiries and sending service messages (e.g., booking confirmations, schedule changes, policy updates).

    Legal bases: performance of a contract; legitimate interests (to keep you informed about your use of our Services); legal obligation (important notices where required).
  • Marketing: sending news, updates, and promotions by email or SMS, including soft opt-in for similar products or services to existing customers, and otherwise with your consent. You can opt out at any time.

    Legal bases: consent; legitimate interests (soft opt-in under PECR where applicable).
  • Analytics and site security: measuring performance, improving user experience, monitoring for fraud or misuse, and maintaining security.

    Legal bases: consent for non-essential cookies/analytics; legitimate interests (security and service improvement).
  • Media and testimonials: using photos, videos, or testimonials you provide or authorise for our promotional materials.

    Legal bases: consent; legitimate interests (showcasing our activities) where consent is not required by law and is consistent with your reasonable expectations.
  • Legal and compliance: complying with laws, responding to lawful requests, resolving disputes, and enforcing our terms.

    Legal bases: legal obligation; legitimate interests (to protect our rights); establishment, exercise, or defence of legal claims.

Where we rely on consent, you may withdraw it at any time, and this will not affect processing carried out before withdrawal.

4. Cookies and similar technologies

We use cookies and similar technologies to operate our website, remember your preferences, enhance performance, and measure engagement. We obtain your consent for non-essential cookies and analytics in accordance with PECR and UK GDPR.

Types of cookies we may use:

  • Strictly necessary cookies: required for core functionality such as security, network management, and accessibility (no consent required).
  • Performance and analytics cookies: help us understand how our website is used so we can improve it (consent required).
  • Functional cookies: remember choices and personalise your experience (consent may be required).
  • Advertising/marketing cookies: measure the effectiveness of campaigns and may tailor content (consent required).

Managing cookies: You can manage your preferences via our cookie controls (where provided) and through your browser settings (for example, blocking or deleting cookies). If you block certain cookies, some features may not work properly.

5. Special category and children’s data

Special category data: If you choose to share information about your health, access needs, injuries, or disabilities so that we can make reasonable adjustments and support safe participation, we will process it with additional safeguards and only:

  • with your explicit consent;
  • to protect vital interests in an emergency where you are unable to consent; or
  • for the establishment, exercise, or defence of legal claims.

Children’s data: We do not knowingly collect children’s personal data without the involvement of a parent or legal guardian. For online services that rely on consent, the UK age of digital consent is 13. Where lawful consent is required, we obtain it from a parent or legal guardian for children under 13. We apply appropriate protections tailored to children’s data and do not use it for profiling or targeted advertising.

6. Disclosing data to others

We share personal data only as necessary, subject to confidentiality and security obligations, with the following categories of recipients:

  • Service providers (processors): website hosting and maintenance, IT support, analytics, email and SMS communications, customer relationship tools, booking and scheduling platforms, payment processors, and security monitoring.
  • Professional advisers: accountants, auditors, legal advisers, and insurers.
  • Event partners and venues: limited data needed to administer classes, workshops, or events you have booked.
  • Social media platforms: if you interact with our official pages or consent to the use of your media.
  • Authorities and regulators: where required by law or to protect rights, safety, or property.
  • Business transfers: in the context of a reorganisation, merger, or transfer of services, in which case appropriate safeguards will apply.

We do not sell your personal data.

7. International data transfers

Some recipients and service providers may be located outside the UK. Where we transfer personal data internationally, we ensure appropriate safeguards are in place, such as:

  • a UK adequacy regulation for the destination country;
  • the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses; and/or
  • other safeguards permitted by UK GDPR, together with supplementary measures where necessary.

You can request more information about international transfers and safeguards by contacting us.

8. Data retention

We keep personal data only for as long as necessary for the purposes described in this policy, including to satisfy legal, accounting, or reporting requirements. Typical retention periods are:

  • Enquiries and correspondence: up to 24 months after last contact.
  • Account and booking records: up to 6 years after your last activity or the end of our relationship.
  • Payment and financial records: 6 years to comply with tax and accounting obligations.
  • Marketing preferences and subscription records: kept while you remain opted in and for up to 24 months after opt-out to maintain suppression lists.
  • Health, access, and incident records: for the duration necessary to ensure safety and compliance, and in line with legal requirements and limitation periods.
  • Media and testimonials: until consent is withdrawn or the content is retired, whichever comes first, unless required longer for legal reasons.

Where data is kept beyond routine periods for legal claims or investigations, it will be securely restricted and deleted when no longer needed.

9. Your rights

You have the following rights under UK GDPR, subject to conditions and exemptions:

  • Right of access: to obtain a copy of your personal data and information about how it is processed.
  • Right to rectification: to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data where there is no longer a legal basis to keep it.
  • Right to restriction: to request we limit how we use your data in certain circumstances.
  • Right to data portability: to receive your data in a structured, commonly used, machine-readable format and to transmit it to another controller where technically feasible.
  • Right to object: to object to processing based on legitimate interests or for direct marketing (including profiling). We will stop direct marketing immediately upon objection.
  • Rights related to consent: to withdraw consent at any time, without affecting prior processing.
  • Rights in relation to automated decision-making: to not be subject to decisions based solely on automated processing that produce legal or similarly significant effects, unless lawfully permitted and with appropriate safeguards. We do not carry out such processing.

To exercise your rights, contact us using the details published on our website. We may need to verify your identity before responding. We aim to respond within one month, or inform you if more time is required for complex requests.

10. Data security

We implement appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit where appropriate, secure configuration, regular updates and backups, staff awareness, and retention and deletion controls. No online system is completely secure; you can help protect your data by using strong, unique passwords and keeping them confidential.

11. Third-party sites and services

Our website may include features or content from third parties. If you follow links or use embedded features that take you to third-party sites or services, their privacy notices and cookie practices will apply, and we encourage you to review them.

12. Complaints

If you have concerns about how we handle your personal data, please contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Helpline: 0303 123 1113. Website: ico.org.uk

13. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our practices, technologies, or legal requirements. We will post the revised policy here and update the “Last updated” date below. For significant changes, we may provide additional notice where appropriate.

14. Effective date

Last updated: 8 February 2026

Version: 1.0

About The Editorial Team Terms of Service Legal Notice Privacy Policy Sitemap Contact
© 2026 All Dance Abilities