Privacy Policy

Last updated: 1 March 2026

AeroSport UK ("AeroSport", "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at aerosportuk.com and use our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of the site.

1. Information We Collect

We may collect the following categories of personal information:

  • Identity Data: first name, last name, username, date of birth, gender.
  • Contact Data: email address, telephone number, postal address.
  • Financial Data: payment card details (processed securely by Stripe; we do not store full card numbers).
  • Transaction Data: details of sessions booked, payments made, and refunds processed.
  • Technical Data: IP address, browser type and version, time zone, browser plug-in types, operating system, and platform.
  • Profile Data: fitness goals, health conditions disclosed for training purposes, session notes, progress metrics.
  • Usage Data: information about how you use our website and services.
  • Marketing & Communications Data: your preferences for receiving marketing communications.

2. How We Use Your Information

We use your personal data in the following ways, under the following lawful bases:

  • Contract performance: to process bookings, manage payments, and provide client support.
  • Legitimate interests: to improve our platform, detect fraud, and ensure platform security.
  • Consent: to send marketing communications (you can withdraw consent at any time).
  • Legal obligation: to comply with applicable law including GDPR, tax law, and anti-money laundering regulations.

3. Data Sharing

We share your data only where necessary:

  • Trainers: when you book a session, the trainer receives your name, contact details, and the intake information you provide. They are contractually bound to use this data only for training purposes.
  • Payment processors: Stripe processes all payments. Their privacy policy applies to card data.
  • Service providers: we use third-party providers for email, analytics, and customer support software. All providers are GDPR-compliant and process data under Data Processing Agreements.
  • Legal authorities: we will disclose data if required by law or to protect the rights and safety of our users.

We do not sell your personal data to third parties. Ever.

4. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Client profile and session data is retained for 7 years in accordance with UK tax law. Marketing preference records are retained for 3 years from last interaction. You may request deletion of your account and data at any time (subject to our legal retention obligations).

5. Your Rights Under GDPR

As a UK data subject, you have the following rights regarding your personal data:

  • Right of Access: to request a copy of the personal data we hold about you.
  • Right of Rectification: to request correction of inaccurate or incomplete data.
  • Right of Erasure: to request deletion of your data where there is no lawful basis for continued processing.
  • Right of Restriction: to request that we limit the processing of your data in certain circumstances.
  • Right of Portability: to receive your data in a structured, machine-readable format.
  • Right to Object: to object to processing based on legitimate interests or for direct marketing purposes.
  • Rights related to automated decision-making: we do not make solely automated decisions with significant legal effects.

To exercise any of these rights, contact us at aerosport@atomicmail.io. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

6. Security

We implement appropriate technical and organisational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include TLS encryption for all data in transit, AES-256 encryption for stored sensitive data, regular penetration testing, access controls and audit logs, and staff training on data security. Despite these measures, no internet transmission is completely secure. We cannot guarantee the security of data transmitted to our site.

7. Cookies

We use cookies and similar technologies on our website. Please refer to our Cookie Policy for full details of the cookies we use and how to manage your preferences.

8. Children's Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16 without verifiable parental consent. If you believe we have inadvertently collected data about a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a prominent notice on our website and, where required by law, by requesting your re-consent. The date at the top of this page shows when it was last revised.

10. Contact

For any privacy-related questions, requests, or concerns, please contact our Data Protection Officer:
AeroSport UK
1 Brewers Hill Rd, Dunstable, LU6 1AA
Email: aerosport@atomicmail.io
Phone: +44 1582 934 617