Privacy & GDPR

We have assessed our systems and policy in accordance with the new GDPR regulations coming into force on May 25th  2018.  

This Privacy Policy details the approach that BGHS takes to the use of personal information from, and related to, our customers. We understand that privacy issues are extremely important to our customers and do not disclose any information to any third parties unless legally required to do so. We reserve the right to change this policy at any time and will post any revised details on this site. We have taken into account the new GDPR guidelines. 

Further details of this policy are listed below.

Cookies: We use cookies on our website in the form of google analytics. They do not collect PII. We do not collect or store information from our website. On occasion we advertise through Facebook. Facebook complies with GDPR and no individual identifying information is stored or collected by BGHS.  

Forum: The email address and IP address of all posts are recorded only to aid in enforcing the terms & conditions of the forum which has been agreed on registration. You agree that “Bristol Gardens Health Spa Forum” have the right to remove, edit, move or close any topic at any time should we see fit. As a user you agree to any information you have entered, being securely stored in the phpBB database which we as administrators have accessed to. While this information will not be disclosed to any third party without your consent, neither “Bristol Gardens Health Spa” nor phpBB shall be held responsible for any hacking attempt that may lead to the data being compromised. Passwords are not saved and no PII information is collected by us. We do not collect or store any posts for any reason. The forum platform phpBB is GDPR compliant under EU law. If you signed up to the forum before the GDPR rules were introduced you may wish to look again at the phpBB site for their own updates. If you wish to have your account deleted please email us with your username and linked email address and we will delete your posts and membership.  

Email addresses: If you contact us via our website, forum or direct email. We keep the email on our servers until they time out or we are asked to delete them. We do not use any of the information stored for marketing purposes and the emails are not disclosed to a third party. They are purely used to correspond with you in relation to the contact you make with us. 

Links to other website: Our website contains links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

At reception: When entering BGHS you will be asked to give your first name and surname. You will also be asked for a contact number. This information is kept on our POS system to ensure we can provide a safe and compliant environment and show compliance with legal and financial business data to authorities when legally required to do so. We may keep a record next to your name of any medical needs, events or situations that will improve your experience and safety of your stay or other users. We do not keep or store any payment card information. We do not share or use your data with third parties or anyone outside of BGHS unless legally required to do so in writing. We will not use the information to identify your visits to anyone and never give out information on who is in or has visited to members of the public even if they claim to be related. The software provider is confirmed to have implemented organizational and technical measures since 2017 to ensure that they are GDPR compliant. They are ICO registered and checked. If you wish your name and details to be removed from our CRM database you have the right to request this and we will delete it from our local database. Please email us at contact@bghs.co.uk to request this.

Paying by card: Card Receipts and statements will display the name BGHS instead of Bristol Gardens Health Spa. BGHS complies with PCI DSS regulations. Your card details will not be passed on to 3rd parties unless legally required to do so. We do not hold PII linking anyone to any card receipt. All receipts are stored securely and destroyed in accordance to with regulations in the recommended time frame.

Making Bookings: In order to book massage appointments prior to arrival in the building, you will need to leave a contact telephone number. This number will only be used to contact you, either to confirm your appointment or make you aware of any changes to the appointment that is necessary.  We may then use the number to build a securely stored record of customers that have failed to arrive, in order to prevent advance bookings in the future. No information will be given to third parties unless legally required to do so. See Massage booking T&C for further details. 

Medical information: We may need to keep a record of any medical information that you have informed us about, that could affect your visit to BGHS. This will be kept in confidence and only be used for the purpose of providing safer conditions for your visit. We are required to fill in an accident report for every incident that has resulted in medical attention needing to be received no matter how small. This report and any information given to us is kept securely and in confidence and only disclosed if requested to do so by our insurance company or any parties working on their behalf or if legally required to do so.

Breaking The Rules: We reserve the right to retain any information necessary that we have collected from you to identify you in the future should you break any of our rules, particularly if this results in a ban or needing to call the police. This will include details of your description and any visually identifying marks that we can note. If we have PII information such as phone number or address we will store this securely under GDPR rules. This information will stay on record permanently within our company unless we are legally required to share it or delete it. 

Recording equipment: We do not allow or use any visual or audio recording equipment in the building.We will seek to prosecute anyone who breaches the privacy of customers, staff and our business by making or publishing any recordings in any format.