Sunkissed Glow Sunbed Studio

Legal

Privacy Policy

Last updated: April 2026

Sunkissed Glow Sunbed Studio ("we", "us", "our") is committed to protecting your privacy. This policy explains what personal information we collect when you visit sunkissedglow.co.uk or use our studio, how we use it, and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Sunkissed Glow Sunbed Studio operates a luxury tanning and red light therapy studio at 32-40 Keirby Walk, Burnley, BB11 2DE. For any privacy queries, contact us at [email protected].

2. Information we collect

We may collect the following categories of personal information:

  • Identity & contact data — name, email address, date of birth (where required for age verification).
  • Booking data — appointment dates, sessions used, packages purchased.
  • Payment data — handled directly by our payment provider; we do not store full card details.
  • Health declaration data — answers to our pre-tan health questionnaire (skin type, medical conditions, medication) where relevant for safe use of UV equipment.
  • Marketing data — your preferences for receiving communications from us.
  • Technical data — IP address, browser type, device, pages viewed, collected via cookies and similar technologies.

3. How we use your information

We process your personal data for the following purposes and on the following legal bases:

  • To provide our services — managing bookings, taking payment, delivering safe tanning sessions (lawful basis: contract).
  • To meet legal and safety obligations — age verification (we do not provide UV tanning to under-18s), maintaining health records (lawful basis: legal obligation, vital interests).
  • To communicate with you — confirmations, reminders, service updates (lawful basis: contract).
  • For marketing — newsletters, offers and promotions, only with your explicit consent, which you can withdraw at any time (lawful basis: consent).
  • To improve our website — anonymous analytics to understand how visitors use the site (lawful basis: legitimate interest, with cookie consent where required).

4. Sharing your information

We do not sell your data. We share it only with trusted third parties who help us run the business — including our booking platform, payment processor, email provider, and website host. All processors are bound by contract to handle your data securely and only on our instructions. We may also disclose information where required by law.

5. How long we keep it

We keep personal data only for as long as necessary. Booking and transaction records are typically retained for 6 years to meet HMRC requirements. Health declaration records are kept for 3 years from your last visit. Marketing consent is held until you withdraw it.

6. Cookies

Our website uses essential cookies to function and, with your consent, optional cookies for analytics and marketing. You can manage your preferences via the cookie banner that appears on your first visit, or by clearing your browser cookies and reloading the page.

7. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to our legal retention obligations)
  • Object to or restrict our processing
  • Withdraw consent for marketing at any time
  • Lodge a complaint with the Information Commissioner's Office (ico.org.uk)

To exercise any of these rights, email [email protected].

8. Security

We use appropriate technical and organisational measures to protect your data, including encrypted connections (HTTPS), secure payment processing, and restricted access to client records.

9. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top reflects the most recent version. Material changes will be highlighted on this page.

See also: Terms & Conditions