Privacy Policy

Asana Lab, Operating from:

​

Units 3–5, Victoria Building

Lerret Road

Portland

Dorset

DT5 1FE

United Kingdom

​

If you have any questions about this policy or how we use your data, you can contact us at:

info@asanalab.co.uk

​

For the purposes of data protection law, Asana Lab is the “data controller” of your personal data.

We may collect and process the following types of personal data:

​

a) Information you provide directly

• Name

• Email address

• Phone number

• Postal address

• Date of birth (where relevant to training suitability)

• Emergency contact details (for in-person courses)

• Health information you choose to disclose (see section 6)

• Account login details for member areas or forums

• Communications you send to us (emails, contact forms, messages)

​

b) Payment and transaction information

• Course or membership purchases

• Payment status and history

We do not store full card details. Payments are processed securely by third-party providers such as Stripe, who handle your card information in accordance with their own privacy and security standards.

​

c) Online and technical information

• IP address

• Browser type and device information

• Pages visited and interactions with our website

• Cookies and similar technologies (see section 11)

​

d) Community and forum activity

If you participate in our online forums, groups, or community areas, we may collect:

• Profile information you choose to share

• Posts, comments, and messages you submit

• Participation history

We use your personal data for the following purposes:

​

• To provide and manage courses, trainings, workshops, and memberships

• To process payments and manage billing

• To communicate with you about your bookings, training requirements, and course updates

• To manage attendance, certification, and course completion records

• To provide access to online learning platforms, forums, and member areas

• To respond to enquiries and provide customer support

• To improve our services, website, and user experience

• To meet legal, regulatory, and insurance requirements

​

We only use your data where we have a lawful basis to do so.

Under UK GDPR, we rely on one or more of the following lawful bases:

​

• Contract: where processing is necessary to provide the courses or services you have purchased

• Legal obligation: where we are required to comply with the law

• Legitimate interests: where processing is necessary for the running of our business and does not override your rights

• Consent: where you have explicitly agreed (for example, marketing emails or optional health disclosures)

​

You can withdraw consent at any time where consent is the lawful basis.

We may send you emails about:

​

• Courses or trainings you have booked

• Important updates related to your membership or certification

• Other Asana Lab offerings that may be relevant

• ​

You can opt out of marketing emails at any time by using the unsubscribe link in our emails or by contacting us directly.

​

We do not sell your personal data to third parties.

For in-person training, we may ask you to disclose relevant health information to help ensure your safety and suitability for participation.

​

This information:

• Is provided voluntarily by you

• Is used only for safety, instructional, and insurance purposes

• Is handled with additional care and confidentiality

• Will not be shared without your consent unless required for safety or legal reasons

​

You are responsible for ensuring any health information you provide is accurate and up to date.

We may share your personal data with trusted third parties only where necessary, including:

​

• Payment processors (e.g. Stripe)

• Website hosting and IT service providers

• Online learning platforms or community tools

• Professional advisers (accountants, insurers, legal advisers)

• Regulators or authorities where legally required

​

All third parties are required to respect the security of your data and to process it in accordance with data protection law.

Some of our service providers may store or process data outside the UK. Where this happens, we ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent protections, to keep your data secure.

We retain personal data only for as long as necessary for the purposes outlined in this policy, including:

​

• The duration of your course or membership

• Certification and record-keeping requirements

• Legal, tax, and insurance obligations

• ​

When data is no longer required, it is securely deleted or anonymised.

Under UK data protection law, you have the right to:

​

• Access the personal data we hold about you

• Request correction of inaccurate or incomplete data

• Request deletion of your data (where applicable)

• Restrict or object to processing in certain circumstances

• Request data portability

• Withdraw consent at any time

• Lodge a complaint with the Information Commissioner’s Office (ICO)

• ​

To exercise any of these rights, please contact us using the details above.

Our website uses cookies and similar technologies to improve functionality and user experience.

​

You can manage or disable cookies through your browser settings. Some parts of the site may not function properly without cookies enabled.

We take reasonable technical and organisational measures to protect your personal data against loss, misuse, unauthorised access, or disclosure.

​

However, no online system can be guaranteed to be completely secure, and you use our services at your own risk.

We may update this Privacy Policy from time to time to reflect changes in our services or legal requirements. The most recent version will always be available on our website.