Skip to main content

Privacy Policy

Last Updated: 19th November 2025

The Private Spa (“we”, “us”, “our”) is committed to protecting your personal data. This policy explains what we collect, why we collect it, and how we keep it safe. It applies to all visitors to our website and anyone who books or makes an enquiry with us.

1. The information we collect

We collect information in the following ways:

a. Information you give us

When you interact with us on our website or by email, you may provide:

  • Name
  • Email address
  • Phone number
  • Booking details
  • Payment information (processed securely by our payment provider)
  • Any notes or requests you include when booking
b. Information we collect automatically

Like most websites, we use cookies and similar tools to understand how people use our site. This may include:

  • Device information
  • IP address
  • Pages visited
  • Time spent on the site
  • Booking behaviour

We do not use this information to identify you personally.

c. Information from third parties

If you book through a partner platform or arrive via a social media advertisement, we may receive data needed to complete your booking or track the performance of our campaigns.

2. How we use your information

We use your personal data to:

  • Manage bookings and provide the services you requested
  • Contact you about your session or respond to enquiries
  • Process payments
  • Improve our website and customer experience
  • Send occasional updates or offers (only if you choose to receive them)
  • Meet legal or regulatory requirements

3. Legal bases for processing

Under UK GDPR we rely on the following legal bases:

  • Contract: to provide the service you’ve booked
  • Consent: for marketing emails or non-essential cookies
  • Legitimate interests: to improve our services and maintain site security
  • Legal obligation: for accounting or regulatory compliance

4. Sharing your data

We only share your data with trusted service providers when necessary. These may include:

  • Payment processors
  • Booking software providers
  • Email or SMS platforms
  • Analytics tools

All partners must protect your data and may not use it for their own purposes.
We do not sell or trade your personal information.

5. Keeping your data safe

We use technical and organisational measures to protect your data, including:

  • Secure servers
  • Encrypted connections
  • Access control for staff
  • Regular monitoring of our systems

If we ever experience a data breach that impacts your rights, we will notify you and the relevant authority as required by law.

6. How long we keep your information

We keep your data only for as long as needed:

  • Booking and account information: up to 6 years for legal and accounting reasons
  • Marketing preferences: until you unsubscribe
  • Cookies: according to their expiry period

You can ask us to delete your data at any time unless we are legally required to keep it.

7. Your rights

You have the right to:

  • Access the data we hold about you
  • Correct inaccurate information
  • Ask us to delete your data
  • Withdraw consent at any time
  • Object to certain types of processing
  • Request a copy of your data

To exercise your rights, contact us using the details below.

8. Cookies

We use essential and optional cookies.

  • Essential cookies help the site function and cannot be switched off.
  • Analytics and performance cookies help us understand how visitors use the site. These require your consent.

You can manage or refuse cookies through your browser settings or through our cookie banner.

9. Children

Our services are not intended for children under 16 and we do not knowingly collect data from minors.

10. Contact us

If you have any questions about this policy or want to exercise your rights, contact us at:

The Private Spa
Email: info@theprivatespa.co.uk
Address: 169 The Vale, London W3 7RD

11. Updates to this policy

We may update this policy from time to time. Any changes will be posted on this page with the updated date.