Privacy Policy

Last updated: 30 November 2025

This Privacy Policy explains how ACT SELF DEFENCE CIC (company number 14204958) collects, uses and protects your data when you use our website or participate in training.

---

1. What Information We Collect

When you create an account or attend sessions, we may collect:

• Name
• Email address
• Account login details (securely hashed)
• Medical information you choose to provide
• Session bookings and attendance history
• Emergency-related notes relevant to training safety
• Waiver acceptance dates
• Digital membership card details including QR identifiers

2. Sensitive Medical Information

Medical information is optional but strongly recommended. It allows instructors to respond appropriately in emergencies and adapt training if needed.

You are responsible for keeping your medical details up to date. This data is only visible to authorised ACT instructors and is stored securely.

3. How We Use Your Information

We use your data to:

• Manage your member account
• Facilitate booking and attendance
• Generate digital membership cards with QR access
• Send session confirmations and reminders
• Apply safety measures during training
• Contact you about cancellations, schedule changes or emergencies

4. Legal Basis for Processing

We process your data under the following GDPR bases:

• Contract: providing training and session access
• Legitimate interest: managing safe training environments
• Consent: for storing optional medical information

5. Attendance & QR Codes

When you attend a session, your QR code is scanned to log your presence. This:

• Supports safeguarding
• Provides accurate attendance records
• Helps with fire safety and building occupancy checks

6. How We Store Your Data

Your data is stored securely in our UK-hosted system. Passwords are hashed and never stored in plain text.

7. Data Sharing

We do not sell or share your data with any third-party advertisers. Data may be shared only with:

• Authorised ACT instructors
• Our website hosting provider (for technical operations only)
• Payment processors (Stripe/PayPal) in the future if online payments are added

8. Cookies

Our website uses essential cookies for:

• Login and session functionality
• Security
• Bookings and navigation

You may accept these via our on-site cookie notice.

9. Your Rights

Under GDPR, you have the right to:

• Access your data
• Request correction or deletion
• Withdraw consent for medical data
• Request an export of your data
• Lodge a complaint with the ICO

10. Data Retention

We retain account information for as long as you maintain an active membership. If you request account deletion, your data will be removed unless required for safeguarding or legal purposes.

11. Contact for Data Requests

To request access, deletion or correction of your data, contact:
info@actselfdefence.com

12. Updates to This Policy

We may update this policy occasionally. Any changes will be posted on this page with an updated revision date.