Privacy Policy.

Updated February 2026.

This privacy policy explains how Sojourn Pilates collects, uses, stores and shares personal information about you, and your rights under UK data protection law including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who we are

Sojourn Pilates (“we”, “us”, “our”) operates www.sojournpilates.com and studio services. Our contact email is support@sojournpilates.com. We are the data controller for personal information we collect.

What personal information we collect

We collect information that you provide directly, such as your name, email address, phone number, billing address, date of birth or other contact details. We collect booking, payment and membership information when you sign up, book classes or make purchases, including records of the classes you attend and any health or consent information you supply through our booking platform. We also collect technical data such as IP address and website usage through cookies. Our security system (Verisure) records internal and external video footage of people entering or on our premises; this footage is also personal data.

How we collect data

We collect data when you complete forms, make bookings or payments, communicate with us directly, use our website, or enter our studio. Website data may be collected automatically through cookies and similar technologies.

How we use your personal information

We use your information to deliver our services, process bookings and payments, manage memberships, communicate important service information to you, improve our services and comply with legal obligations. We use CCTV footage to ensure the safety and security of our premises, staff, clients and visitors.

Legal basis for processing

We process your personal information where we have a lawful basis under UK GDPR, which may include:

  • Contract – to provide and administer services you have purchased.

  • Legitimate interests – to operate the business, maintain security and improve services.

  • Consent – where you have opted in for marketing.

  • Legal obligation – to comply with laws or regulatory requirements.

Use of Verisure CCTV

We use a Verisure surveillance system with internal and external cameras for safety and security. Footage may capture identifiable individuals and is treated as personal data. We record and retain footage for no longer than necessary, normally up to 30 days unless required in connection with an incident, investigation or legal requirement. Access to CCTV footage is restricted to authorised staff only and is used only for legitimate purposes such as preventing or detecting crime, protecting property, and ensuring safety. We do not use CCTV in private areas where people should reasonably expect privacy. You may request access to recordings of you as required by data protection law. Verisure footage is stored securely and access is controlled. You should also be informed by on‑site signage that CCTV is in operation and why it is used; this supports transparency around this processing. 

Third‑party systems and data sharing

We use third‑party service providers to deliver services on our behalf. This includes:

  • Momence for booking, scheduling, payments, membership management and related communications. This means Momence processes your name, contact details, booking history, health or consent information you provide, and billing details.

  • Payment processors such as Stripe via Momence to handle payments securely.

  • Analytics providers for website performance and usage data.

We only share the information necessary for these services and require partners to protect your data in accordance with data protection law.

How we store and protect your data

We keep your information secure using technical and organisational safeguards. Electronic records are stored on secure systems protected by access controls. CCTV footage and digital records are stored with strict access limits. We retain data only as long as needed to fulfil the purpose of collection and legal or regulatory requirements.

Your rights

Under UK GDPR you have rights including: the right to access your personal data, correct inaccurate data, erase data, restrict or object to processing, withdraw consent where applicable, and request data portability. You can exercise these rights by contacting us at support. If you have concerns, you also have the right to complain to the Information Commissioner’s Office (ICO).

Marketing and communications

We may send you news, offers or updates by email if you have opted in. You can opt out at any time via the unsubscribe link in our emails or by contacting us directly.

Cookies and website tracking

We use cookies and similar technologies to understand how people use our website and improve functionality. You can manage cookies through your browser settings.

Changes to this privacy policy

We may update this policy from time to time. The most current version will be available at https://www.sojournpilates.com/privacy-policy and will include the date of revision.