Effective date: 01.12.2025
Privacy policy
We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, make a purchase, or use our services.
Introduction and Contact Details
Data Controller: Gus Wellness Limited ("Güs", "we", "us")
Data Protection Contact: hello@guswellness.com
Güs is committed to protecting the privacy and security of your personal data. This policy explains how we collect, use, and process the personal information you provide when you interact with our services, in compliance with the UK General Data Protection Regulation (GDPR).
The data we collect about you
We only collect personal data necessary to provide and manage our sauna services. We do not collect any Special Category Data (Sensitive Personal Data) such as health, medical, or genetic information.
The types of personal data we collect are:
Identity Data: Name.
Contact Data: Email Address.
Financial & Transaction Data: Details about payments to and from you, and other details of products and services you have purchased from us (e.g., booking history).
Survey Data: Feedback provided through customer satisfaction surveys.
Technical Data: Information collected via cookies and tracking technologies, detailed in our separate Cookie Policy (see Section 7).
How we collect your data
We use the following methods to collect data:
Direct Interactions: You provide data when you:
Create an account or book a session via our booking platform.
Purchase a membership or single session.
Complete a customer satisfaction survey.
Interact with us face-to-face at the Güs facility or at promotional events.
Automated Technologies: As detailed in Section 7, our website and booking platform use cookies and similar tracking technologies.
Third Parties: We receive limited transaction data from our payment processor (Stripe) to confirm purchases.
Our legal basis for processing personal data (GDPR)
We rely on the following lawful bases to process your personal data:
Sharing your personal data
We share your data only when necessary to operate the business and deliver the service:
Service Providers: We use third-party processors who perform functions on our behalf. These parties are contractually obligated to handle your data securely and in line with GDPR standards.
Booking, CRM, and Marketing: Kenko. Kenko is our central booking and customer management platform.
Payment Processing: Stripe. Stripe securely handles all financial transactions.
Legal & Regulatory Authorities: We will disclose your personal data where required to do so by law.
Data security, storage, and Retention
We take the security of your data seriously. We have implemented technical and organisational measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way.
Data Processor Compliance: We rely on our primary service provider, Kenko, which holds GDPR and SOC2 compliance certificates and has a signed Data Processing Agreement (DPA) with Güs, ensuring high data security standards.
Retention: We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Generally, customer data is kept for a period of 5 years after your last interaction, to comply with tax and legal record-keeping obligations.
Cookies and tracking technologies
Our website uses cookies. Some are strictly necessary for the website to function, while others (such as those for website analytics and marketing tracking) require your explicit permission.
Your legal rights (Data subject rights)
Under GDPR, you have the right to:
Request access to your personal data (commonly known as a "data subject access request").
Request correction of the personal data that we hold about you.
Request erasure of your personal data (Right to be Forgotten).
Object to processing of your personal data (e.g., for direct marketing).
Request restriction of processing your personal data.
Request the transfer of your personal data to another party (data portability).
To exercise any of these rights, please contact our Data Protection Contact at hello@guswellness.com. You also have the right to lodge a complaint with the UK supervisory authority for data protection matters, the Information Commissioner’s Office (ICO).
