Master Hutton Fitness Privacy Policy

1.0 Our Commitment
Master Hutton Fitness takes data protection and user privacy very seriously. We aim to meet the requirements of the Data Protection Act 1998 (DPA), the General Data Protection Regulation 2018 (GDPR) and the guidelines on the Information Commissioner’s website (ICO) in our business, internal computer systems and website.

At MHF we believe that:

  • User privacy and data protection are human rights
  • We have a duty of care to the people within our data
  • Data is a liability and it should only be collected and processed when necessary
  • We will never sell, rent or otherwise distribute or make public your personal information

2.0 Personal Information (Data) We Process
We process Personal data when a customer:
Makes a general enquiry. This data includes name and email address.
Requests adding to our mailing list for future marketing, notifications or newsletters. This data includes name and email address.
Enrols on one of our programs. This data includes name, postal address and email address along with other relevant information specific to the course.
Apart from securely passing the relevant information to our insurance provider, billing company and student data management system we never pass your personal data to a third party and will keep it confidential.
All Personal data is securely stored in the UK whether in digital or hard copy format.

You have the following personal data rights:

The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to object
If you are a client of Master Hutton Fitness you have the right to withdraw consent for important notifications, newsletters or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or text. You have the right to obtain a free copy of your records within 1 month.
If you are not a client of Master Hutton Fitness you have the right to withdraw consent for processing personal data, to have a free copy of it within 1 month, to correct errors in it or to ask us to delete it. You can also withdraw consent from communication methods such as telephone, email or text.

3.0 Specific Data Collected Via This Website

This website collects and uses personal information for the following reasons:

3.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 6.0 below).
GA makes use of cookies, details of which can be found on Google’s developer guides. FYI our website uses the analytics.js implementation of GA.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.

3.2 Contact forms and email links
Should you choose to contact us using the contact form on our Contact us page or via an email link, none of the data that you supply will be stored by this website or passed to any third party data processors. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). We would suggest that you always consider email as an insecure medium and not include personal, confidential or otherwise sensitive information within an email or through the contact form.

4.0 Our Third Party Data Processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them should comply with the legislation set out in section 1.0.
Google (Analytics)
Gocardless (Billing company)
Martialytics (Student data management system)
IMASA (Martial art insurance provider)

5.0 Data Breaches
We will report any unlawful data breach to the ICO and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

6.0 Data Controller
The data controller of this website is:-
Master Hutton Fitness
12 Albion Way
East Kilbride
Glasgow
G75 0YN

7.0 Data Protection Officer
Mr Mark Hutton
Centre Manager, MHF.
12 Albion Way
Telephone: 07881 510547
Email: masterhfitness@gmail.com

8.0 Changes to Our Privacy Policy
This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.