Last updated: 02 November 2025
This Privacy Policy explains how Align Lifestyle and Academy of Wellness collect, use, disclose, and protect your personal data when you use our website (alignlifestyle.co.uk), purchase our services, or access our content on third-party platforms (including Circle). It is written for English law and is intended to meet
the requirements of the UK GDPR and the Data Protection Act 2018.
1. Who we are and how to contact us
Align Lifestyle and Academy of Wellness are the data controller for your personal data when we determine how and why it is processed.
Postal address: Limedale Road, Mossley Hill, Liverpool L18 5JF, United Kingdom.
Email: [email protected]
2. Scope of this Policy
This Policy applies to our website and to services delivered on third-party platforms we use - including the Circle community platform - as well as retreats, courses,
classes, memberships, certifications, and events.
If platform-specific terms apply, those sit alongside this Policy.
3. The data we collect
We may collect and process the following categories of personal data:- Identity data - name, title, date of birth where provided.- Contact data - email address, telephone number, billing and shipping addresses.- Account data - login details, profile information, communications and preferences.- Transaction data - purchases, bookings, membership status, payments and refunds (we do not store full card details).- Usage and technical data - log files, IP address, device information, browser type, time zone, approximate location, pages viewed, and interactions.- Marketing data - your preferences for marketing communications and community notifications.- Retreat and event data - dietary requirements, accessibility needs, travel details where provided.- Health data - limited information you choose to provide so we can tailor activities safely (for example injuries, allergies or relevant medical notes).
This is special category data and we only process it with your explicit consent or where another lawful basis applies.
4. How we collect your data Direct interactions - forms, checkout, bookings, email, community posts and messages.- Automated technologies - cookies and similar technologies on our website and platforms we use.- Third parties - payment providers, analytics providers, platform providers and partners.
5. How and why we use your data - lawful bases
We only use your data where we have a lawful basis under the UK GDPR:- Contract - to create your account, take and manage bookings, deliver courses, memberships and retreats, and provide customer service.- Consent - for email marketing, non-essential cookies, and processing special category data such as health information you choose to provide. You can withdraw consent at any time.
- Legitimate interests - to improve our services, maintain security, prevent fraud and abuse, send community or service updates that are relevant to you, and coordinate retreat travel and communications (including creating a retreat WhatsApp group). We balance these interests against your rights.- Legal obligations - to comply with tax, accounting and regulatory duties.- Vital interests - very rarely, to protect you or others in an emergency (for example, using WhatsApp or phone to issue urgent safety notices).
6. Special category data (health)
If you provide health information so we can tailor activities, we process it with your
explicit consent and on a need-to-know basis.
You do not have to share health information, but if you choose not to we may be unable to tailor activities for your needs.
You can withdraw consent at any time, although we may retain relevant information where required for legal claims or safety.
7. Sharing your data
We do not sell your personal data. We may share it with trusted service providers who act on our instructions only, such as:- Payment processors and payment methods - Stripe, PayPal, Apple Pay, Google Pay and card payment gateways. We do not store full card numbers; our processors handle card data securely.- Community and course platforms - Circle.- Community or messaging providers for retreat coordination - WhatsApp groups used for
travel, communication and emergencies during retreats. Participation is limited to attendees and staff.- Website and hosting providers, security and maintenance providers.- Analytics providers - Google Analytics.- Email and messaging providers - ActiveCampaign.
We may also share data:- To comply with law, court orders or regulators.- To protect our users, systems and rights, including fraud prevention.- In connection with a business transaction such as a merger or transfer of assets.
8. International transfers
Some providers - including payment processors, ActiveCampaign, Google and WhatsApp may process data outside the UK. Where a transfer is a restricted transfer under the UK GDPR, we use appropriate safeguards such as the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses, and carry out transfer risk assessments where required.
9. Retention - how long we keep data
We keep personal data only for as long as needed for the purposes set out in this Policy:- Account data - for the life of your account and up to 24 months after closure.- Transaction and booking records - for 6 years to meet tax and accounting rules.- Marketing records - until you opt out or for 24 months after your last meaningful interaction, whichever is sooner.- Retreat health information - for the duration of the retreat and up to 3 years after the event to address safety queries and legal claims.- Analytics data - typically up to 26 months, or as configured in our tools. We may keep data longer where needed to establish, exercise or defend legal claims or to comply with law.
10. Cookies and similar technologies
We use cookies and similar technologies to run our website, remember preferences and understand how people use our pages.
Non-essential cookies will only be set with your consent via our cookie banner where required by law. You can change your choices at any time in your browser or device settings.
Analytics: we use Google Analytics only. You can learn more in Google's Privacy Policy and install their opt-out browser add-on if you prefer not to be tracked.
11. Marketing choices
You can opt out of marketing emails at any time by clicking unsubscribe in our emails or by emailing [email protected].
If you opt out, we may still send important service messages about your account,
bookings or safety.
12. Security
We use reasonable administrative, technical and physical measures to protect personal data.
No system is perfectly secure, so we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for using unique, strong passwords.
13. Your rights
Under the UK GDPR you have rights which may include:- The right to be informed about our use of your data.- The right of access to your personal data.- The right to rectification of inaccurate data.- The right to erasure in certain circumstances.- The right to restrict processing.- The right to data portability.- The right to object to processing, including direct marketing.- Rights in relation to automated decision making and profiling.
To exercise your rights, email [email protected]. We may ask you to verify your identity. You can also complain to the UK Information Commissioner's Office if you are unhappy with how we handle your data.
14. Children
Our services are designed for adults.
We do not direct retreats, memberships or courses to individuals under 18 years of
age.
Events and classes may permit participants aged 16-17 only when accompanied by a full paying adult who will be responsible for them at all times.
15. Third-party links
Our website and communities may contain links to third-party sites. Those sites have their own privacy notices and we are not responsible for their content or practices.
16. Changes to this Policy
We may update this Policy from time to time. We will post the new version on our website and update the 'Last updated' date.
If changes are significant we may notify you by email or prominent notice in your account area.
17. Contact and complaints
Questions or requests: [email protected]
You can also raise concerns with the UK Information Commissioner's Office (ICO): www.ico.org.uk, helpline 0303 123 1113, or by post at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
You can access our Website Terns and Conditions here.