about usofferingswork with us

Get exclusive offers and hear about our latest news | sign up here

menufind usbook now

book

book

Privacy Policy for Rooted in Burford

Rooted in Burford (“we”, “our”, “us”) is committed to protecting your privacy and treating your personal data with care. This policy explains what information we collect, how we use it, and the rights you have. We aim to communicate clearly and warmly, while meeting all requirements of the UK GDPR and the Data Protection Act 2018.

1. Who We Are
Rooted in Burford  
112A High Street
Burford
OX18 4QJ
Email: lillie@rootedinburford.com
We are the data controller responsible for your personal information.

2. The Information We Collect

We collect information so we can offer wellbeing services, classes, therapies, memberships, community events, and (in future) wellness‑aligned products. This includes:
Identity and contact details — name, email address, phone number.
Booking information — classes, therapies, events, memberships.
Enquiry information — messages sent through our website or email.
Newsletter sign‑ups — your name and email address.
Payment information — processed securely through third‑party providers (we do not store card details).
Technical and usage data — IP address, browser type, device information, pages visited, and interactions with our website.
Practitioner profile interactions — when you view or engage with practitioner information.
Future features — blog comments, product purchases, or other interactions once launched.

3. How We Collect Your Information

We collect data through:
Direct interactions — bookings, enquiries, membership sign‑ups, newsletter forms.
Third‑party platforms — Bsport (bookings/memberships), Stripe (payments), Google (analytics and website tools).
Automated technologies — cookies and analytics that help us understand how people use our website.

4. How We Use Your Information
We use your information to:
Provide and manage classes, therapies, events, and memberships.
Process bookings and payments.
Respond to enquiries and support you.
Share updates, newsletters, or community information (only if you opt in).
Improve our website, services, and user experience.
Maintain necessary business records and meet legal obligations.

We never sell your data.


5. Legal Bases for Processing

We process your data under the following lawful bases.
Contract — to deliver the services you book or purchase.
Consent — for newsletters or optional communications.
Legitimate interests — improving our website, understanding service demand, and ensuring smooth operation.
Legal obligation — financial record‑keeping and compliance.

6. Sharing Your Information

We only share your information with trusted partners who help us operate Rooted safely and smoothly:

Bsport — for bookings, memberships, and class management.
Stripe — for secure payment processing.
Google services — for analytics and website functionality.
Website hosting and IT providers — to keep our site running securely.

These providers must keep your data safe and use it only for the purposes we agree.

7. International Transfers

Some of our service providers (such as Google or Stripe) may store data outside the UK/EEA. When this happens, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent protections.

8. Data Retention

We keep your personal data only for as long as necessary:Booking and payment records — typically 6 years for legal and accounting purposes.
Enquiries — up to 12 months.
Newsletter data — until you unsubscribe.
Website analytics — retained according to our analytics provider’s standard policies.
We review retention regularly to ensure data is not kept longer than needed.

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

9. Cookies and Analytics

Our website uses cookies to:
Understand how visitors use the site.
Improve performance and user experience.
Support booking and membership functionality.

You can manage or disable cookies through your browser settings.

10. Your Rights

Under UK GDPR, you have the right to:

Access the personal data we hold about you.
Request corrections to inaccurate information.
Request deletion of your data (in certain circumstances).
Restrict or object to processing.
Withdraw consent at any time (for newsletters or optional communications).
Request data portability.
To exercise any of these rights, contact lillie@rootedinburford.com.

You also have the right to raise concerns with the Information Commissioner’s Office (ICO) at ico.org.uk..

11. Changes to This Policy

We may update this policy from time to time to reflect changes in our services or legal requirements. The latest version will always be available on our website.

12. Contact Us

For questions about this policy or your data, please contact:
lillie@rootedinburford.com

hire the space
hire the space
work with us
work with us
email us
email us
instagram
instagram

copyright @rootedinburford 2026

|

privacy