top of page

Be. Privacy Policy

PRIVACY POLICY 
Be. The Underground Retreat 

Last updated: 02/05/2026 
 

1. Introduction 

Be. The Underground Retreat respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our website (beunderground.co.uk) or visit our facility. 
 
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. 

2. Data Controller 

Be. The Underground Retreat is the data controller responsible for your personal data. 
 
If you have any questions, please contact: 
Email: hello@beunderground.co.uk  

3. The Data We Collect 

a) Identity Data 
- Full name 
- Date of birth 
 
b) Contact Data 
- Email address 
- Phone number 
 
c) Booking & Account Data 
- Membership details 
- Session bookings 
- Attendance records 
 
d) Health & Safety Information (Special Category Data) 
- Medical conditions relevant to sauna, ice bath, or yoga use 
- Injury or health disclosures 
- Emergency contact details 
 
This information is collected to ensure your safety and suitability for participation. 
 
e) Payment Data 
- Billing address 
- Payment method details 
- Direct debit setup information 
 
We do not store full card details. Payments are processed securely via third-party providers. 

4. How We Collect Your Data 

We collect data when you: 
- Sign up for a membership 
- Book sessions 
- Complete health or waiver forms 
- Contact us directly 
- Use our website 

-Purchase Goods  

5. How We Use Your Data 

We use your data to: 
- Manage bookings and memberships 
- Process payments and direct debits 
- Ensure your safety during sessions 
- Communicate important updates 
- Comply with legal obligations 
- Improve our services 
 
We will only use your data where we have a lawful basis, including: 
- Contractual necessity 
- Legal obligation 
- Legitimate interests 
- Explicit consent (for health data) 

6. Health Information (Special Category Data) 

Health information is treated with strict confidentiality. 
 
We process this data only when: 
- You have given explicit consent 
- It is necessary to protect your vital interests (e.g. emergency situations) 
- It is required for health and safety compliance 
 
This information is only accessible to authorised staff. 

7. Payments & Direct Debits 

Payments may be processed through secure third-party providers such as: 
- Wix Payments 
- Stripe 
- GoCardless (for Direct Debits) 

-Sumup  
 
These providers handle your financial data securely and in accordance with their own privacy policies. 
 
We do not store: 
- Full debit/credit card numbers 
- Security codes (CVV) 

8. Data Sharing 

We only share your data when necessary, including with: 
- Payment processors 
- Booking system providers 
- IT and hosting providers 
- Legal or regulatory authorities where required 
 
We do not sell your personal data. 

9. Data Retention 

We retain your data only as long as necessary: 
- Membership & booking data: up to 6 years (for legal/accounting purposes) 
- Health data: retained only while relevant to your active use 
- Payment records: as required by law 

10. Data Security 

We implement appropriate security measures to prevent: 
- Unauthorised access 
- Loss or misuse 
- Data breaches 
 
Access is restricted to staff who need it for legitimate purposes. 

11. Your Rights 

Under UK GDPR, you have the right to: 
- Access your personal data 
- Correct inaccurate data 
- Request deletion (“right to be forgotten”) 
- Restrict processing 
- Object to processing 
- Data portability 
 
To exercise your rights, contact us at: 
hello@beunderground.co.uk  

12. Cookies 

Our website may use cookies to improve user experience and track usage. 
 
You can control cookies via your browser settings. 

13. Third-Party Links 

Our website may contain links to third-party websites. We are not responsible for their privacy practices. 

14. Complaints 

If you are unhappy with how we handle your data, you can contact the Information Commissioner’s Office (ICO): 
Website: https://ico.org.uk 

15. Changes to This Policy 

We may update this policy from time to time. The latest version will always be available on our website. 

16. Contact Us 

If you have any questions about this policy or your data: 
Email: hello@beunderground.co.uk  
 
Be. The Underground Retreat 
“Disconnect to reconnect.” 

bottom of page