Privacy Policy

This page outlines the Privacy Policy for The Lazy Frog. On this page, we explain how we collect and use personal data. Our access and handling of this information is subject to the General Data Protection Regulations (GDPR). This replaces the Data Protection Act of 1998.

"The Lazy Frog" is the trading name of FAT LAZY FROG LTD, Company Number 13220702, registered with the Information Commissioner's Office, reg. no. ZB164955

The data we collect

When you make a booking and attend a course of treatment, we will collect some personal information so that we can record your appointment and manage your treatment session appropriately. This information includes your name, contact phone number, email address and information about any relevant health conditions or allergies.

Website cookies

We use cookies to personalise content, ads and to analyse our traffic. We also share information about your use of our site with our advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services

Why we collect this data

We need your personal contact information so that we can identify you in our booking system and contact you with any updates about your appointment. We also need to gather some information about any relevant health conditions that might affect your comfort and safety during a session.

How we use your data

Your personal contact information will be used to identify you as the guest for any session that you book with us. We may also use your contact details to update you about your booking and get your feedback after a completed session. With your consent, we may also use your contact details to keep you updated on news and special offers via our mailing list or other electronic marketing (e.g. social media).

Information about any relevant health conditions or allergies will be used to ensure your comfort and safety during any treatment or service we provide.

How we protect your data

Personal information may be stored in a number of locations, depending upon the nature of the information and how it was acquired (e.g. provided to us in person, or online via a booking form, email, social media, etc.). We only use secure, GDPR-compliant third party data processors for handling personal information for our booking system, mailing lists, or for processing payment information via a secure payment gateway. Any personal information that we hold is retained in a password-protected, encrypted system.

Your rights regarding your data

You have the right to request access (i.e. copies of) all your personal information held by us. We will provide this information within thirty days of having received your request. Where applicable, you can have your data in a portable format.

You have the right to ensure any information we retain is accurate. You can inform us of any changes to your personal information and we will update our records.

You have the right to have your personal information erased, provided it is no longer required for the handling of any unresolved matter or legal proceeding.

You have the right to restrict the use of your information under certain circumstances. This means that while we retain the information, it will not be processed until those circumstances are addressed.

You also have the right to object against the use of your personal information, for example by withdrawing consent to be contacted for direct marketing purposes.

Handling of data breaches

A data breach is any occasion where security measures have been deliberately or accidentally circumvented in order to access, alter, disclose or destroy personal information.

For example, if unauthorised parties have gained access to and potentially obtained copies of your personal information from our systems.

Outside of documents pertaining to matters we have handled, we generally do not retain anything except contact names, email addresses and telephone numbers (i.e. the information provided with consent). As such, the information we retain is generally low risk.

In the unlikely event that there is a personal data breach that represents a risk to individuals or their businesses, we will inform the Information Commissioners Office (ICO) within 72 hours of becoming aware of it.

Embedded content from other websites

Some pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.