1. General intro

We are committed to ensuring that we manage your personal data professionally and in compliance with all applicable data protection laws. Part of this commitment is to ensure that there is transparency about how we process personal data.

This policy includes an explanation of:

  • What data we are processing;
  • Why we are processing it and what we do with it;
  • Whether we will share it with anyone else;
  • Whether we will transfer it outside of the European Economic Area (EEA);
  • How we keep your data safe; and
  • Your rights.

If you have any questions regarding this Privacy document please don’t hesitate to contact us.


2. Who we are Isenhurst Health Clubs

a. We are Fawrona limited T/A Isenhurst Health Clubs. Our registered office is: Isenhurst Country Club, Mayfield Road, Cross in and, East Sussex, TN21 0UE. Our Company Registration number is 1066954 In this Privacy Policy Fawrona Limited T/A Isenhurst Health Clubs is referred to as we, us, our or Isenhurst Health Clubs.

b. Isenhurst Health Clubs is a “Data Controller “This means we are responsible for deciding how we hold and use personal information about you.


c. If you have any queries or concerns over your data please email Uckfield@isenhurst.co.uk, Crowborough@isenhurst.co.uk, Cross-in-hand@isenhurst.co.uk using GDPR as the subject.


3. Your personal data

a. We process your personal data if you are a member or Guest of an Isenhurst health club.
i. What data do we hold about you and how have we obtained this?

ii. We have obtained information about you when you have completed and application for membership. Typically, the information that we obtain will be your name, address, email address, phone number, a photograph of you and payment information.

iii. Isenhurst Health Clubs have CCTV in operation at each Isenhurst health club. This is for security as well as health and safety purposes. It is therefore possible that images of you will be recorded when visiting our sites.

iv. Your photograph will be used to identify you as the membership holder when you visit Isenhurst health clubs

v. For studio class bookings, you may choose to use an App called IScuba. This App is provided by a third party and you should read their terms and conditions before using the App, as it is not provided by us. It may also be subject to updates.

b. How do we use your personal data and what is the applicable lawful basis?

i. We many process your information to ensure that you are provided with all the benefits of your membership of an Isenhurst health club.

ii. We may process your information to comply with our legal obligations.

iii. Situations in which we will use your personal information including:

1. Analysing our performance and the performance of our health clubs in delivering services and products to you;
2. Market Research.
3. The prevention of fraud or other criminal acts.
4. General administration purposes
5. Enforcing our legal rights or to defend legal proceedings.
6. Complying with requests from you including if you exercise any of your rights noted in this Data Protection Policy;
7. Collecting payments

c. Will we share your personal data with any third parties?
i. We may share your personal data to collect payment via the Bacs Direct Debit service as per your instruction to the bank

ii. We may transfer your data to government or other official bodies for the purposes of complying with legal obligations, for enforcing our rights, or for the prevention or detection of a crime.

iii. We do not share your data with third parties for the purpose of advertising

iv. We use a trusted third party to encrypt and store your data securely. More details are available on request.

d. How long do we keep your data?
i. If you have purchased membership of an Isenhurst health club we will keep your data for 1 year from the termination date of the contract. Except in situations of financial dispute, where details will be kept until the dispute is resolved.

ii. If you sign in as a guest user on a 40-day basis we will keep your data for 1 year from the termination date of the membership


4. Cookies

a. We do not use Cookies on our website.


5. Data security

a. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

b. We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

c. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our booking system, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.


6. Links to other websites

a. Our website may contain links to and from other websites (e.g. social media sites such as Twitter, Flickr, YouTube and Facebook). Unless we own such websites, we accept no responsibility for the way in which they process your personal data. You are recommended to check the privacy policy of each website before you submit any personal data to it.


7. Your rights

a. Your duty to inform us of changes
i. It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

b. Your rights in connection with personal information. Under certain circumstances, by law you have the right to:
i. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

ii. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

iii. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

iv. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

v. Request the restriction of processing of you personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

vi. Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us at any site address in writing.

No fee is usually required

You will not have to pay a fee to access your personal information ( or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identityand ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw consent, please contact the club manager. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law

Data protection officer

If you have any questions about this privacy policy or how we handle your personal information, please contact the DPO in writing to any club or via email with the subject DPO.


8. Policy updates

This policy was last updated on 25 May 2018. We reserve the right to make changes to this policy at any time.