Fraileach Privacy Policy
Effective Date: April 2026
Fraileach is committed to protecting and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This policy explains how we collect, use, and protect your personal data in relation to the use of our sauna services.
1. Who We Are
Fraileach provides sauna services and collects certain personal data to ensure client safety and effective operation of our business.
Data Controller: Fraileach
Contact: Karen Catto & Carlie Campbell: fraileach@gmail.com
2. Information We Collect
We may collect and process the following personal data:
a. Sauna Waiver and Safety Information
Full name
Contact details
Emergency contact information
Relevant medical or health information (e.g. conditions affected by heat exposure)
Acknowledgement of risks associated with sauna use
b. General Business Communication
Name
Email address
Phone number
Booking and enquiry details
c. Photography and Media
Photographs and/or video recordings taken during sessions
3. How We Use Your Information
Waiver and Health Information
To assess suitability for sauna use
To help ensure your safety
To meet legal and insurance requirements
To maintain participation records
General Information
To manage bookings and enquiries
To communicate with you regarding services
Photography and Media
To promote Fraileach via social media, website, and marketing materials
We do not use your data for unrelated marketing without your explicit consent.
4. Lawful Basis for Processing
We rely on:
Legal obligation – safety and insurance compliance
Legitimate interests – running our business
Explicit consent – for:
Health-related data (special category data)
Photography and video use
5. Data Retention
Waiver and health records are retained securely for 7 years for insurance and legal purposes.
General communication data is retained only as long as necessary for business purposes.
Photography and media are retained until consent is withdrawn or the content is no longer required.
Data will be securely deleted or anonymised when no longer needed.
6, Data Sharing
We do not sell or trade your personal data.
Data may be shared only where necessary:
With insurers or legal authorities
With trusted service providers (under confidentiality obligations)
7. Data Security
We implement appropriate safeguards, including:
Secure storage (digital and/or paper)
Access limited to authorised personnel
Regular review of data protection practices
8. Your Rights
You have the right to:
Access your personal data
Correct inaccurate data
Request deletion (where applicable)
Restrict or object to processing
Withdraw consent at any time
Lodge a complaint with the UK Information Commissioner’s Office (ICO)
9. Contact Us
10. Updates to This Policy
This policy may be updated from time to time. The latest version will always be available upon request.

