top of page

Privacy Policy

Privacy Policy - Swansea Academy of Syrcas

Last Updated: - 22 July 2025

 

1. Our Commitment to Your Privacy

Swansea Academy of Syrcas ("we", "us", "our") is committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about people who visit our website, sign up for our classes, workshops, or events, how we use it, the conditions under which we may disclose it to others, and how we keep it secure. It also explains your rights in relation to your personal data.

We aim to be clear and transparent about our data practices. If you have any questions about this Privacy Policy or our privacy practices, please contact us using the details provided in Section 14.

​

2. Who We Are

Swansea Academy of Syrcas is a circus school located at 21-23 Cwmrhydyceirw Rd, Cwmrhydyceirw, Swansea SA6 6LH, UK. Our legal name is SWANSEA POLE & AERIAL ACADEMY LTD. Our Company Registration Number is: 11983308 

​

3. What Personal Information We Collect

We may collect, store, and use the following kinds of personal information:

  • Identity Data: Full name, date of birth, gender.

  • Contact Data: Billing address, delivery address, email address, telephone numbers.

  • Health and Safety Data (Special Category Data): Information about physical health, injuries, allergies, disabilities, or medical conditions relevant to your participation in circus activities. We collect this to ensure your safety and make necessary adjustments. We will always seek explicit consent for processing this data, unless another lawful basis applies (e.g., vital interests in an emergency).

  • Emergency Contact Data: Name, relationship, and contact number of an emergency contact.

  • Financial Data: Bank account and payment card details (typically processed by a third-party payment provider). We do not typically store full card details. This is to ensure compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements.

  • Transaction Data: Details about payments to and from you and other details of classes, workshops, or services you have purchased from us.

  • Technical Data (when you visit our website): Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website. (See also our Cookie Policy if separate).

  • Usage Data: Information about how you use our website, products, and services.

  • Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties and your communication preferences.

  • Image and Likeness Data: Photographs or videos taken during classes, workshops, or performances for promotional, archival, or educational purposes (with your explicit consent where required – see Section 11).

  • Information about Children: We collect information about children (under 18s) who attend our classes, including their name, date of birth, health information, and emergency contact details. This information is typically provided by a parent or guardian, and we require parental/guardian consent for processing children's data (see Section 10).

​

4. How We Collect Your Information

We use different methods to collect data from and about you including through:

Direct interactions: You may give us your Identity, Contact, Health, Emergency Contact, and Financial Data by filling in forms (online or paper), or by corresponding with us by post, phone, email, or otherwise. This includes personal data you provide when you:

  • Register for classes, workshops, or events;

  • Subscribe to our newsletter or publications;

  • Request marketing to be sent to you;

  • Enter a competition, promotion or survey; or

  • Give us feedback or contact us.

 

  • Automated technologies or interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. (Please see our Cookie Policy [link to your cookie policy if separate] for further details).

  • Third parties or publicly available sources: We may receive personal data about you from various third parties such as analytics providers (e.g., Google), payment service providers, or if someone books a class for you.

  • CCTV: If we operate CCTV at our premises for security purposes, signage will be displayed.

​

5. Our Lawful Basis for Processing Your Information

UK data protection law requires us to have a valid lawful basis for processing your personal data. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of a Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., to provide you with circus classes you have booked).

  • Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., for administrative purposes, to improve our services, or for security).

  • Legal Obligation: Where we need to comply with a legal obligation (e.g., health and safety requirements, safeguarding obligations).

  • Consent: Where you have given us explicit consent to do so (e.g., for sending direct marketing communications via email or SMS, or for using photographs/videos for promotional purposes, or for processing special category health data). You have the right to withdraw consent at any time by contacting us.

  • Vital Interests: In rare circumstances, we may need to process your personal information to protect your vital interests or those of another person (e.g., in a medical emergency).

​

Specifically, we use your information as follows:​​

Purpose/Activity

To register you as a new student/customer

To process and deliver your bookings (classes, etc.)

To manage our relationship with you


 
 
To ensure health and safety during activities

To send service communications (e.g., class changes)

To send marketing communications (with consent)
 

To administer and protect our business and website

​

To use data analytics to improve our website/services

​

For photography/videography (with consent)

​

To comply with legal or regulatory obligations​

Type of Data
​
Identity, Contact
​
​
Identity, Contact, Financial, Transaction, Health
​
Identity, Contact, Marketing & Communications

 
 
Identity, Health, Emergency Contact


Identity, Contact


Identity, Contact, Marketing & Communications

​

Identity, Contact, Technical

​

​

Technical, Usage

​

​

Image and Likeness

​

​

All relevant categories

​

Lawful Basis for Processing
​
Performance of a contract
​
​
Performance of a contract, Legitimate interests (safety)
 
Performance of a contract, Legitimate interests (e.g., to keep our records updated and to study how customers use our services)

Legal obligation, Vital interests, Explicit Consent (for health)

Performance of a contract, Legitimate interests

Consent

 

 

Legitimate interests, Legal obligation

​

 

Legitimate interests

 

 

Consent

 

 

Legal obligation

​

6. Sharing Your Information

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes without your explicit consent.

We may pass your information to our third-party service providers, agents, subcontractors, and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example, to process payments or send out newsletters). However, when we use third-party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

​

We may also share your information with:

  • Emergency Services: In the event of an accident or medical emergency, we may share relevant health and emergency contact details.

  • Professional Advisers: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.

  • HM Revenue & Customs, regulators, and other authorities: Who require reporting of processing activities in certain circumstances.

  • Safeguarding bodies: If we have concerns about the welfare of a child or vulnerable adult.

We will ensure any transfer of data, especially outside the UK, is done with appropriate safeguards in place as required by UK GDPR. This includes relying on adequacy decisions, implementing Standard Contractual Clauses (SCCs) issued by the ICO, or other legally approved mechanisms.

​

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

​

8. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

​

9. Your Legal Rights

Under data protection law, you have rights including:

  • Right of Access: You have the right to request a copy of the personal information we hold about you.

  • Right to Rectification: You have the right to request that we correct any personal information if it is found to be inaccurate or out of date.

  • Right to Erasure (Right to be Forgotten): You have the right to request your personal information to be erased where it is no longer necessary for us to retain such data.

  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.

  • Right to Data Portability: You have the right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller.

  • Right to Object: You have the right to object to our processing of your personal data where we are relying on a legitimate interest (or those of a third party). You also have the right to object to us processing your personal data for direct marketing purposes.

  • Rights in relation to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. (We do not currently conduct such processing).

  • Right to Withdraw Consent: If we are relying on consent to process your personal data, you have the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact us at [Your Data Protection Contact Email/Address]. We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

​

10. Children's Data (Under 18s)

We are committed to protecting the privacy of children. If you are under the age of 16, we require consent from your parents or legal guardian before you can register for our classes or provide us with personal information. For children under 13, parental/guardian consent is always required for processing personal data.

We collect information about children (including name, date of birth, relevant health information, emergency contact details) directly from parents/guardians or with their explicit consent. This information is used to ensure the child's safety and well-being during our activities, for class administration, and for communication with parents/guardians.

Parents/guardians have the right to review the information we hold about their child, request corrections, request deletion, and withdraw consent for the processing of their child's data at any time by contacting us.

​

11. Photography and Videography

We may occasionally take photographs or videos during classes, workshops, events, or performances for promotional purposes (e.g., on our website, social media, brochures) or for educational/archival reasons.

  • Adults: We will seek your explicit consent before using identifiable images or videos of you for promotional purposes. You can withdraw this consent at any time.

  • Children (Under 18s): We will always seek explicit consent from a parent or legal guardian before taking or using identifiable images or videos of children for promotional purposes.

  • General/Crowd Shots: For general crowd shots where individuals are not the main focus, we may rely on legitimate interests, but we will strive to inform attendees when filming or photography is taking place.

If you do not wish to be photographed or filmed, or wish for an image/video of you/your child to be removed, please notify a member of staff or contact us.

​

12. Cookies and Website Links

Our website may use cookies to enhance your experience. A cookie is a small file which asks permission to be placed on your computer's hard drive. Cookies allow web applications to respond to you as an individual. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

​

13. Changes to This Privacy Policy

We keep this Privacy Policy under regular review. Any changes we make to this policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or when you next attend a class. Please check back frequently to see any updates or changes. This policy was last updated July 2025.

​

14. How to Contact Us and Complaints

If you have any questions regarding this policy or our privacy practices, or if you wish to exercise any of your rights or make a complaint, please contact:

Data Protection Contact: 

Swansea Academy of Syrcas 21-23 Cwmrhydyceirw Rd, Cwmrhydyceirw, Swansea SA6 6LH 

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk

bottom of page