Privacy Policy

Last Updated: 2025-09-22T17:42:20

London Acrobatics (“London Acro”, “we”, “our”, “us”) is committed to protecting your personal information and respecting your privacy. This Privacy Policy explains how we collect, use, and share information when you visit our website https://londonacro.co.uk, join our mailing list, or book events.

Who We Are

London Acrobatics is based in London, United Kingdom.
For any privacy-related questions, please contact us at: admin@londonacro.co.uk

Information We Collect

We may collect the following information when you interact with our site:

  • Newsletter sign-ups: name, email address.

  • Event bookings and forms: name, contact details, and information you provide in booking forms.

  • Payments: handled securely by Stripe. We do not store card details.

  • Emails and enquiries: any information you send us by email.

  • Technical data: basic server logs (e.g. IP address, browser type, time of visit).

We do not create user accounts or store profile information for visitors.

How We Collect Information

  • When you join our mailing list (via Mailchimp).

  • When you submit a booking form (via Fillout, with data stored in Airtable).

  • When you make a payment for an event (via Stripe).

  • When you contact us directly by email.

  • Automatically through necessary server logs.

How We Use Information

We use personal data to:

  • Send newsletters and updates (with your consent).

  • Process event bookings and payments.

  • Respond to enquiries.

  • Maintain the security and performance of our website.

Legal Basis for Processing

Under UK GDPR, we rely on the following legal bases:

  • Consent – for mailing list subscriptions.

  • Contract – to process event bookings and payments.

  • Legitimate interest – to respond to enquiries and maintain website security.

Service Providers and Data Sharing

We share data with trusted third-party service providers who help us run our website, manage subscriptions, and process bookings and payments:

  • SiteGround (UK) – website hosting.

  • Webstudio (EU) – site builder and delivery infrastructure.

  • Mailchimp (USA) – mailing list management. Mailchimp uses Standard Contractual Clauses (SCCs) or equivalent safeguards when transferring personal data from the UK/EU to other jurisdictions. A Data Processing Addendum (DPA) is in place.

  • Fillout (USA) – form submissions. Fillout is GDPR-ready and offers EU-based storage on higher plans. On the Starter plan, respondent data may be stored in the US under appropriate safeguards. A DPA is available on request.

  • Airtable (USA) – booking and ticket data storage. A DPA is available in account settings.

  • Stripe (USA/Ireland) – payment processing. Stripe is PCI-DSS compliant and encrypts payment data. We do not store card details. Stripe provides a DPA and uses SCCs for international transfers.

Some of our service providers use sub-processors who may be located outside the UK/EU. We require all such parties to abide by data protection laws, to enter into appropriate contracts, and to implement technical and organisational measures to protect personal data.

We do not sell or trade your personal data.

Data Retention

  • Newsletter – until you unsubscribe.

  • Bookings and payment records – up to 6 years (for tax and accounting).

  • General enquiries – usually deleted after 2 years.

  • Server logs – typically deleted after 30 days.

Where data is stored in non-UK/EU locations by third parties, safeguards are in place.

Cookies

At present we do not set cookies directly. Some third-party services (such as Stripe during checkout) may place essential cookies required for security and functionality. We do not use analytics or advertising cookies.

Data Security

We use SSL encryption and limit access to personal data to the admin team. Our third-party providers are GDPR compliant and follow industry standards for security.

Your Rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.

  • Request correction of inaccurate data.

  • Request deletion of your data.

  • Withdraw consent at any time (for newsletters).

  • Object to or restrict our processing in certain circumstances.

  • Request a copy of your data in a portable format.

To exercise these rights, please contact admin@londonacro.co.uk.
You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe we are mishandling your data.

Children

Our website and services are not directed to children under 16, and we do not knowingly collect their personal data.

Data Breaches

In the unlikely event of a personal data breach, we will assess the impact and, where legally required, notify the ICO within 72 hours and affected individuals without undue delay.

Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page, with the date of the last update shown at the top.