Privacy Policy

This privacy notice tells you what to expect when I collect personal data, and how to contact me should you wish to discuss any aspect of how I handle that data.

Data protection contact

If you have any queries at all regarding data protection, please email me at

The data I process

I store basic customer data so I can take bookings and communicate with my students via a mailing list. I don’t pass the data to anyone else. I don’t ask you for any sensitive data.  

How the data is processed


While you’re subscribed to my mailing list you will receive emails from me about yoga related content.  You are welcome at any time to unsubscribe from the list, of course – either use the “unsubscribe” link at the bottom of any email I’ve sent you, or drop me an email and I’ll take you off manually.

Mailing lists

I use MailChimp to manage my customer mailing lists. They’re a reputable global service provider, and they are fully aware of their responsibilities with regard to information security and data protection. They have a privacy notice of their own, which you can read at (If you’re interested, they also have a more detailed piece about their GDPR compliance:

MailChimp’s servers are located in the USA; they are registered under the Privacy Shield arrangement.

Other data stores

I use Acuity Scheduling to manage and process on line bookings.  Their privacy policy can be located here:  I store no information relating to bank account or credit card payment details.

If you email me, anything you send will be kept for no longer than one year before being removed.


 From time to time I or other authorized parties will carry out photography and/or video recording, which may feature students.  By accepting these terms and conditions, you agree that I or any authorized party may use such images in perpetuity in any promotional, advertising or publicity material in any format whatsoever. You further agree that copyright in these materials rests with Vanessa Garrett Yoga or such authorized party (as the case may be).

Internet interaction

My Web site

I don’t store any personal data on my Web site, which is hosted by Squarespace. The Web server stores the usual log information for support and problem diagnosis purposes, but it doesn’t identify any individuals and nor do I attempt (or wish) to identify anyone from it.

Where cookies are used, it’s simply to make it work and to provide a good customer experience. You can tweak the settings on your browser to suit your privacy preferences.

Social media

I use Facebook and Instagram to post news and information. If you send me private messages, I’ll purge them after no more than six months.

Your data protection rights

You have a number of rights under the laws of data protection. As I mentioned earlier, please get in touch if you have any queries or concerns. I retain a log of requests that I receive so I can demonstrate compliance with data protection law.

  • Right of access: you can request a copy of any personal data I hold about you.
  • Right to rectification: you can ask me to correct any data that’s wrong.
  • Right to erasure: you can ask for your data to be deleted, as long as I don’t have a legitimate need to hold onto it (e.g. to send bills).
  • Right to restrict processing: you can ask that I stop processing your data if there’s some kind of dispute about its use.
  • Right to object: you can object to me using your personal data.
  • Right to data portability: if you want me to send a copy of your data to another organisation, please ask.


As I’ve said already, please get in touch if you have any concerns. If you’re dissatisfied with the way in which your complaint has been handled you may contact the local data protection supervisory authority:

Office of the Information Commissioner

Brunel House
Old Street
St Helier

Phone: +44 (0)1534 716530