All personal data is stored and processed in line with GDPR. Lyra Massage is registered with the Information Commissioner’s Office.

Lyra Massage only collects necessary personal data to make sure that clients’ can receive safe and effective treatments. It is used to tailor treatments to each individuals’ needs; reduce risks to clients’ health; maintain accurate records of clients’ treatment and health history; contact clients’ regarding appointments; and to comply with legal and insurance requirements.

Data collected from clients includes:

• Contact information (name, phone number, email, address)

• Health and medical history relevant to treatment

• Lifestyle relevant to treatment

• Session notes

• Emergency contact (if provided)

Client personal data is stored securely and privately on an online platform that provides a Data Processing Agreement. This platform is password protected, uses two-factor authentication and all data is encrypted.

Client personal data will be retained for 7 years after their last appointment. If the client is under 18 when they receive treatment, personal data will be kept until they are 25. This is for insurance and legal reasons.

Lyra is the only person who handles client personal data. All personal data is treated with the strictest confidence; no additional information will be sought without prior permission; and client permission will always be obtained before any data is shared or transferred.

At any time, clients have the right to access data held about them and rectify any inaccuracies or withdraw consent to take any additional personal data.

Lyra can be contacted at lyramassage@outlook.com to answer any questions about data protection.

You can read the South East Dance CCTV Policy here https://southeastdance.org.uk/cctv-policy/