Privacy policy

Athletic Social House (ASH)

Last updated: 21/01/2026

Privacy Policy

Athletic Social House (ASH)

Last updated: [add date before publishing]

1. Introduction

Athletic Social House (“ASH”, “we”, “us” or “our”) is committed to protecting your privacy and personal data.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you:

  • visit our website,

  • book or attend classes,

  • purchase memberships or products,

  • interact with us via third-party platforms, or

  • communicate with us.

ASH processes personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Who we are

Data Controller:

Athletic Social House

[Legal entity name once registered]

Registered in Spain

📧 privacy@athleticsocialhouse.com

3. Personal data we collect

We may collect and process the following categories of personal data:

a) Identity & contact data

  • Name

  • Email address

  • Phone number

  • Date of birth (where required by booking platforms)

b) Account & booking data

  • Class bookings and attendance

  • Membership type and status

  • Purchase history

c) Payment data

Payments are processed securely by third-party providers (e.g. Stripe, Mindbody).

ASH does not store full payment card details.

d) Technical data

  • IP address

  • Browser and device type

  • Operating system

  • Language and region

e) Marketing & communications data

  • Marketing preferences

  • Interactions with emails or ads

4. How we collect your data

We collect data through:

  • Our website (built using Framer)

  • Booking and membership platforms (Mindbody, ClassPass, Urban Sports Club)

  • Direct communications (email, forms, social media)

  • Cookies and similar technologies (see Cookie Policy)

5. How we use your personal data

We use your data to:

  • Provide and manage class bookings and memberships

  • Process payments and manage subscriptions

  • Communicate with you about your bookings or account

  • Improve our website, services, and user experience

  • Send marketing communications (where consent is given)

  • Comply with legal and regulatory obligations

6. Legal bases for processing

Under GDPR, we rely on the following legal bases:

  • Performance of a contract – to deliver classes, memberships, and services

  • Consent – for marketing communications and non-essential cookies

  • Legitimate interests – to improve our services and prevent fraud

  • Legal obligation – for accounting and regulatory compliance

7. Third-party service providers

We work with trusted third-party providers who process data on our behalf or as independent controllers:

Core platforms

  • Mindbody – class scheduling, memberships, payments

  • ClassPass – third-party class booking access

  • Urban Sports Club – partner booking platform

  • Framer – website hosting and analytics

Payments

  • Stripe (or equivalent) – secure payment processing

Marketing & analytics

  • Google Analytics

  • Meta (Facebook & Instagram)

Each provider processes data in accordance with their own privacy policies.

8. International data transfers

Some of our service providers are located outside the European Economic Area (EEA).

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • EU Standard Contractual Clauses

  • Adequacy decisions by the European Commission

9. Data retention

We retain personal data only for as long as necessary:

  • Account and booking data: for the duration of your relationship with ASH

  • Payment records: as required by tax and accounting laws

  • Marketing data: until you withdraw consent

10. Your rights

Under GDPR, you have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time

To exercise your rights, contact:

📧 privacy@athleticsocialhouse.com

You also have the right to lodge a complaint with your local data protection authority (e.g. AEPD in Spain).

11. Cookies

We use cookies and similar technologies to operate our website and improve your experience.

For full details, please refer to our Cookie Policy.

12. Marketing communications

You will only receive marketing communications if:

  • you have opted in, or

  • we are permitted to do so under applicable law.

You can unsubscribe at any time using the link in our emails or by contacting us directly.

13. Data security

We implement appropriate technical and organisational measures to protect your personal data against:

  • unauthorised access

  • loss

  • misuse

  • alteration

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. The latest version will always be available on our website.

15. Contact us

If you have any questions about this Privacy Policy or how we handle your data, please contact:

Athletic Social House

📧 privacy@athleticsocialhouse.com