Privacy Policy

Introduction

Frosthavens Ltd ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws. Our registered address is 153 Capel Street, Waterford, X98 9443, Ireland. Registration Number: 739281. VAT Number: IE4D93827K.

Data We Collect

The data we collect depends on how you interact with our services. We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, postal address
• Account Information: Username, password, preferences, and account settings
• Health and Fitness Information: Fitness goals, health conditions, physical assessments, progress data
• Payment Information: Billing address, payment method details (processed securely by third-party providers)
• Technical Information: IP address, browser type, device information, usage data
• Communication Data: Records of your communications with us, feedback, and survey responses

We collect this information when you register for our services, book appointments, fill out forms, communicate with us, or use our website and facilities.

How We Use Your Information

We use your personal information for the following purposes, based on legitimate interests, contractual necessity, or your consent:

• Service Provision: To provide fitness services, personal training, and health programmes
• Account Management: To create and manage your account, process bookings, and handle payments
• Communication: To respond to inquiries, send appointment confirmations, and provide customer support
• Health and Safety: To ensure appropriate exercise programmes and maintain safety standards
• Marketing: To send promotional materials and updates about our services (with your consent)
• Legal Compliance: To comply with legal obligations and protect our rights
• Service Improvement: To analyse usage patterns and improve our services

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third parties who assist in operating our business (payment processors, booking systems, email services)
• Health Professionals: With healthcare providers when necessary for your safety and with your explicit consent
• Legal Requirements: When required by law, court order, or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third parties are required to maintain appropriate security measures and use your information only for specified purposes.

Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

• Account Information: Retained whilst your account is active and for 3 years after closure
• Health Records: Retained for 7 years after your last visit for safety and liability purposes
• Financial Records: Retained for 7 years as required by Irish law
• Marketing Data: Retained until you withdraw consent or for 2 years of inactivity

After the retention period expires, we securely delete or anonymise your personal information.

Your Rights

Under GDPR and Irish data protection law, you have the following rights regarding your personal information:

• Right of Access: Request copies of your personal information
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information in certain circumstances
• Right to Restrict Processing: Request limitation of how we use your information
• Right to Data Portability: Receive your information in a portable format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise these rights, please contact us using the information provided below. We will respond within one month of receiving your request.

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Secure backup and recovery procedures

However, no method of transmission over the internet or electronic storage is completely secure. Whilst we strive to protect your information, we cannot guarantee absolute security.

International Data Transfers

Your personal information is primarily processed within the European Economic Area (EEA). If we transfer information outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal information, please contact us:

You also have the right to lodge a complaint with the Data Protection Commission of Ireland if you believe we have not handled your personal information appropriately. Contact details are available at www.dataprotection.ie.