Data Protection & Privacy (Summary)

We process only what’s necessary, keep it secure, and respect your rights under UK GDPR.
What we process (examples): registration/contacts/medical (to deliver safe sessions); safeguarding records (legal obligation/vital interests); attendance and behaviour logs (legitimate interests); photos/media only with consent; CCTV for security at entrances.
Security & retention: role-based access, device security, backups, defined retention periods.
Rights: access, rectification, erasure, restriction, objection; complaints to the ICO.