Data Protection
& Privacy Policy

At Mudra we are committed to complying with the General Data Protection Regulation (GDPR) 2018. Looking after the personal information you share with us is very important, and we want you to be confident that your personal data is kept safely and securely and to understand how we use it to offer you a better and more personalised experience.

What data do we collect and how do we use it?

If you book yoga classes, courses or workshops online through our ScheduleBliss booking platform then a small amount of personal data, namely your name and email address, will be stored online on a secure server. If you book yoga classes through Move GB or Go Sweat we will also have access to your name and email address. We need this information as a minimum in order to process your bookings and keep in touch with you about important updates.

In addition to the above, a certain amount of personal data is collected by us through our Registration Form & Health Questionnaire which you complete before your first yoga class at Mudra. Here, we ask for personal contact information such as name, address, email address, and contact telephone number. We also ask for emergency contact details. Additionally, we ask for some personal data that assists us in providing an efficient and safe service (such as date of birth and relevant health & medical information). All of this information is provided to us by yourselves. By electronically signing and submitting this form you are agreeing that we may hold and use such personal data in these ways.

We do not hold any financial information about you, but you are named on our computerised accounts files solely for accounting purposes. The only details that we hold on our records are your name, the date that you paid, and the amount you paid. Any financial data you provide when you book on to a yoga class, course or workshop through our ScheduleBliss booking platform is collected and processed solely by our payment processer Stripe. Alternatively, if you book via Move GB or Go Sweat these companies will use their own payment processor and you are advised to directly consult their GDPR policies if you have any concerns.

Any data we hold about you is held in a secure manner and for a time period that is considered appropriate for our business needs; typically this will be 7 years unless you specifically request otherwise, see the section on ‘Your Rights’ below.

Who has access to my data?

The teachers employed by Mudra have access to your Registration Forms & Health Questionnaires in order to carry out their day-to-day duties, ensure the services we are providing to you are appropriate and to maintain the needs of the business.

We do not share, sell or exchange your information with any external parties for the purposes of marketing nor profiling.

How is my personal data protected?

We take all reasonable precautions to maintain your personal data in a secure environment. This includes, but is not limited to; the use of password protection for access to applications, computer files and mobile phones; and the secure storage of paper records. Data is held for a time period that is considered appropriate for our business needs; typically this will be 7 years unless you specifically request otherwise, see the section on ‘Your Rights’ below.

We ensure, on an on-going basis, that all teachers who work for us are made aware of their responsibilities in relation to the use, protection and breaches of personal information.

In addition to the classes, courses and workshops run by Yoga Nature and Sheffield Centre for Massage Training, other teachers may occasionally hire the space to run workshops and other events. We will ensure that all such teachers are made aware of and agree to observe our Data Protection & Privacy Policy, however the responsibility to keep your information safe remains that of the person hiring the space and you are advised to consult their GCPR policy if you have any concerns.

Finally, whilst we will strive to protect all of your personal information that we hold to the best of our ability, we cannot guarantee the security of any information that you transmit and so you do so at your own risk.

Email and phone communication

Direct marketing emails informing you of new or future services we are providing are sent through a secure permission-based email system called MailChimp. When you purchase a service from us you will be invited by email to join our MailChimp email list. You have the option to “opt-in” at this point, and subsequently subscription preferences may be changed by you at any time. You also have the option of “opting-out” at any time by clicking on “unsubscribe” at the bottom of any Mailchimp email we send.

In addition to our Mailchimp mailing list we may sometimes want to send you emails via other email clients such as Outlook. Again, these emails will contain important information about the services we provide. If you want to opt-out of these emails at any time just reply with ‘unsubscribe’ in the title. However, please note that if you do this you may miss out on important information about changes to classes and courses etc.

We may, from time to time, use your phone number to contact you about urgent class or course changes or cancellations or to inform you if a waiting list place has become available, for example. If you do not wish for us to contact you in this way, please inform us in writing. Again, please note that if you do this you may miss out on important information.

If you engage with us on Social Media, for example, liking our Facebook page, then you are agreeing to receive notifications via that media platform about news and events etc. If you wish to turn off such notifications please consult the Help section of that particular platform or ask us for help. The only personal information that we might ask from you over Social Media is your email address (and only through private message, never publicly) and this is simply so that we can communicate with you more effectively and efficiently.

Our cookie policy

Like most other websites, our website stores limited information about you in the form of cookies (files which are sent by us to your computer or other access device) which we can access when you visit our site in future. We may also collect your device’s IP address as part of the basic functioning of this website. We do this to allow the website to function properly and to collect anonymous information about how this website is used through Google Analytics, in order to improve our services.

If you wish to stop or control the use of cookies on your browser, please refer to your browser’s settings for cookies. More information on how to do that can be found on the website All About Cookies and on the Information Commissioner’s website.

Links to other websites

We cannot be held responsible for the practices employed by websites linked to or from the Mudra website, nor the information or content contained in them. Please remember that when you use a link to go from the Mudra website to another website, our Privacy Notice is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our website, is subject to that website’s own rules and policies. Please read over those rules and policies before proceeding.

Your Rights

Legislation deems us to be the ‘controllers’ of the personal data that we hold. Therefore, we are responsible for how it is used by us. As a ‘data subject’ you have a number of rights in relation to your personal information under data protection law. If we receive a request from you to disclose the personal data that we hold on you, we will respond to you within 30 days, at no charge to you. Our contact details, and how to contact us, can be found at the end of this policy statement.

Under the GDPR you have the following rights as an individual regarding your data:

  • The right to be informed

  • The right of access

  • The right to rectification

  • The right to erasure

  • The right to restrict processing

  • The right to data portability

  • The right to object

  • Rights in relation to automated decision making and profiling.

If you would like to find out more about these rights, or if you would like to report a breach of them then you can contact the ICO (Information Commissioners Office) at ico.org.uk or call their helpline on 0303 123 1113.

Updates to this Policy

We may review this policy at any time and changes will be notified to you by us posting an updated version here on our website and/or by contacting you by email. We recommend that you regularly check for changes and review this policy when you visit our website. If you do not agree with any aspect of the updated policy you should promptly notify us and cease using our services.

Last updated: February 2019