PRIVACY POLICY & GDPR NOTICE
FOR THE POWER WITHIN 333
1. Introduction
This Privacy Policy explains how The Power Within 333 collects, uses, shares, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and related laws.
We are committed to maintaining your trust and confidence by ensuring that your personal data is protected and handled responsibly.
2. Who We Are
The Power Within 333 (registered office at 6 Castle Royle, Bracknell, RG42 4JY) is the data controller for the purposes of this privacy notice. We are registered with the Information Commissioner’s Office (ICO) under registration number C1340262.
3. What Information We Collect
We collect and process the following categories of personal data:
- Name, email, phone number, and address
- Medical or wellbeing information (where relevant to services)
- Payment and billing information (not stored directly by us)
- Information via website forms, surveys, or direct contact
- IP address, browser type, and device type (via cookies)
- Photos or recordings (with consent)
- CCTV footage at our premises (stored for 30 days via ADT)
4. How We Collect Information
- Through client forms and service intake forms
- When you use our website (Wix-hosted) and interact with cookies
- When you make payments through our website or in person
- When you sign up for newsletters or contact us directly
- When you follow or message us via social media
5. Legal Bases for Processing
We process personal data based on the following legal grounds:
- Consent (e.g., email marketing)
- Contract (e.g., providing a booked service)
- Legitimate interest (e.g., business development, surveys)
- Legal obligation (e.g., reporting to authorities)
6. How We Use Your Information
- To provide and manage your sessions or bookings
- To respond to inquiries or complaints
- To process payments securely
- To send newsletters or updates (with consent)
- To improve services and customer experience
- For legal, audit, and insurance purposes
7. Payment & Security
Website payments are handled via secure third-party processors (e.g., Stripe or PayPal) through Wix. In-person payments are processed using a PCI-compliant card reader. We do not store or access your full payment card details.
Our website and communications are protected with SSL encryption, and all data is securely stored on servers within the EEA via Wix and IONOS.
8. Cookies and Website Tracking
We use cookies to enhance user experience and understand how visitors interact with our website.
- Essential cookies: Required for basic site functionality
- Analytics cookies (Google Analytics): Track usage patterns, location, browser type
Upon visiting our site, you will be asked for consent to use cookies. You can manage your preferences via your browser or our cookie banner. For full details, see our separate Cookie Policy.
9. Sharing Your Data
We may share data with:
- IT service providers and website hosts (e.g., Wix, IONOS)
- Payment processors and accounting software
- Legal, insurance, and emergency health professionals
- Authorities (HMRC, police, NHS) when required by law
- Partners for events (only with relevance and minimal data)
All third-party service providers are contractually obligated to comply with data protection laws.
10. Marketing Communications
We only send marketing communications to personal emails with your consent. You may unsubscribe at any time via the unsubscribe link or by emailing surin@thepowerwithin333.co.uk.
For business email addresses, communications are sent under legitimate interest, but you can opt out at any time.
11. Your Rights
Under the UK GDPR, you have rights including:
- Access to your personal data (Subject Access Request)
- Correction of inaccurate data
- Erasure ("right to be forgotten")
- Restriction or objection to processing
- Data portability
- Withdrawal of consent at any time
Requests can be made via email to surin@thepowerwithin333.co.uk.
12. Data Retention
We retain data for no longer than necessary. Session and client records are stored for up to 7 years (to comply with legal and insurance requirements). CCTV footage is overwritten every 30 days.
13. Social Media & Filming
We manage our own Facebook, Instagram, TikTok, YouTube, LinkedIn, and podcast channels. Messages sent via these platforms are kept confidential.
Filming or photography at events is done with client awareness. Images or audio may be used for marketing purposes with your prior consent.
14. Complaints
To raise a privacy concern or complaint, please contact Surinder Nanuwa at surin@thepowerwithin333.co.uk. If you're not satisfied, you have the right to lodge a complaint with the ICO (www.ico.org.uk).
15. Changes to This Policy
We regularly review and update this Privacy Policy to remain compliant with data protection laws. This version was last updated on 25/03/2025.