Calmababy is fully compliant with the General Data Protection Regulations (GDPR). We process personal client data to facilitate the booking of our classes and courses. We do not share any data we hold with third parties.
We collect very little information from the viewers’ visits to our website. Absolutely no personal information is collected from our visitors. The website statistics gathered by our web hosting company records server requests only, e.g. the IP address and date of visit. This is similar to every other server on the web.
Our booking software
- Your name
- Your Address
- Telephone numbers (normally you’re mobile)
- Email addresses
- Your children’s names and dates of birth
- Medical history for you and your children (if applicable)
Our mailing lists
Our mailing lists are stored via secure third-party cloud email clients whose privacy policies are available upon request. Data stored in these applications contains the following information only:
- First name
- Last name
- Email address
We keep the number of communications we send to a minimum, and will only send you information related to the following:
- Booking confirmations and reminders
- Payment receipts
- Calmababy Newsletters
- Offers and promotions
Data relating to children
We will not collect data relating to children without the express permission of a parent or legal guardian. In practice, we only collect and retain the following information relating to children:
- Childs name
- Date of birth
- Medical history (if appropriate)
Card payments and purchases
Calmababy is PCI compliant, in accordance with these regulations we do not store debit or credit card details on site. If you have given us consent to retain your debit or credit card, your details are stored via secure third-party merchant providers on their systems. They are encrypted, with the exception of the last four digits of the card number and its expiry date, and cannot be viewed by any member of the Calmababy team.
Our lawful basis for processing your data
When you visit our Centre, become a member or contact us via email or social media we may ask permission to store your details in our booking software and mailing lists.
For existing customers who are attending classes and courses, we store, retain and use your data in order to provide the services agreed in your contract with us.
For new customers, all our systems require a positive opt-in before we can send you communications. We will undertake this process with you for each system during your initial registration.
For lapsed customers, we may from time to time, send you communications about our products and services which we believe you have a legitimate interest in receiving. You can opt-out of these communications at any time.
Protecting your data
We do not hold your data any longer than is necessary to provide you with our services or to comply with applicable law. We would expect to retain, store and use your data for the lifespan of your children’s swim journey with us, or for the duration of any classes and courses you attend. Whilst we do not place a specific timeframe on the retention of our personal data, we periodically review our records and remove, edit, archive or delete data we deem surplus to requirements. Calmababy Ltd is also required, by law, to retain financial information relating to its business practices for up to 7 years.
In accordance with the GDPR you have the following rights:
- to be provided with access to your personal data held by us;
- to request the rectification or erasure of your personal data held by us;
- to object to the collection of your data and request that we cease processing your data;
- to request that we restrict the processing of your personal data while we investigate your concerns with this information;
- to object to solely automated processing; and
- to request that your data be transferred to a third party (data portability).
We will not use any personal information obtained via this website, our booking software or mailing lists for any purpose other than that stated when the information is gathered. We adhere to the terms of the GDPR and take the security and value of any information you supply us very seriously. We will not share your information with any third party unless required to do so by legal requirement.