1 Introduction

“Park Yoga” refers to Park Yoga a UK based charity registered with the Charity Commission for England and Wales (1183253). Registered office at c/o Purple Office, 6 Crown Square, Poundbury, Dorchester, DT1 3EN.

Park Yoga is a community yoga event led by a qualified instructor in a park which takes place every Sunday between May – September between 9.30 – 10.30, at locations all around the UK, where people of all abilities, and backgrounds, are able to participate in a yoga class for free.

Our mission is to improve the health and wellbeing of the public by providing free yoga sessions in an open space for the public benefit. The beneficiaries will extend to those living throughout the UK regardless of age, disability, gender or ethnicity.

We are committed to respecting and protecting your personal data and online privacy. This includes your right to know what we do with the personal information you share with us. It also guides our policies regarding the management of your data, including how the information is collected, how it is processed and for what purposes.

It is important to us that we communicate our policies and procedures with you clearly and in a manner that provides clarity to all participants in Park Yoga and those who have used our other services, for example a Park Yoga shop and/or donation platforms.

Our Director, Cathi Farrer-Mitchell, collects, manages, and processes all associated data and is therefore considered the data controller.

2 Definitions and interpretations

“Company/we/us/our/group” refers to Park Yoga and/or any subsidiary or organisation operating under our name

“Data Controller” refers to the meaning defined in Article 4 of the UK GDPR

“Data Processor” refers to the meaning defined in Article 4 of the UK GDPR

“Data Protection Act 2018 (DPA)” refers to the regulation Park Yoga complies with as a UK based Charity

“Data Protection Officer (DPO)” refers to the designated person appointed by Park Yoga to monitor data protection compliance within the company

“Donation Platforms” are the official providers and websites that allow people to make monetary donations towards the continued operations of Park Yoga

“Event team” refers to the Yoga Instructors who organise and carry out the individual Park Yoga events

“Information Commissioner’s Office (ICO)” refers to the UK based independent regulator of information rights.

“Internet Protocol (IP) Address” refers to a unique string of characters that identifies each computer using the Internet Protocol to communicate over a network

“Milestones” refers to when someone registered with Park Yoga reaches an individual number of participations since registering at Park Yoga

“Personal data” refers to the meaning defined in Article 4 of the UK GDPR

“Profiling” refers to the processing of personal data to evaluate certain things about an individual

“Online privacy” refers to the level of protection afforded to an individual and their personal data in relation to Park Yoga operating systems

“Terms & Conditions” refers to the Terms and Conditions an individual agrees to when registering to participate at Park Yoga and any newer version of said terms and conditions as and when they are updated.

“UK General Data Protection Regulation (UK GDPR)” refers to regulation Park Yoga Global complies with as a UK based Charity

“Websites” refers to all websites and/or applications operated by or on behalf of Park Yoga and/or licensors with permission to operate from Park Yoga

“You/your/participant/individual” refers to the living individual whose personal identifiable information is stored by Park Yoga

3.1 Contract

As registration for an event is not required Park Yoga does not therefore hold any personal data for participants on any database.

3.2 Legitimate Interests

We wish to develop the reach and impact of our events and as such have a legitimate interest to process certain information with this aim. This includes carrying-out research to further understand who is or isn’t participating in our events (in order to understand our ability to impact those most in need) or capturing and sharing images of our events taking place, helping us to inspire other people to engage in physical activity and redefine what it means to be active.

We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

3.3 Consent

Above and beyond simple participation as a participant or volunteer, there are a number of ways you can help us to ensure our events positively impact the health and happiness of their local communities, and remain free to participate in.

One of the best ways to support us in this way is by consenting to receive emails regarding event profiles, offers, competitions and emails from our partners, and more. We therefore provide the opportunity for you to opt into these communications. You can opt out at any time.

Due to UK GDPR requirements for providing consent, we do not process any data on children under the age of 13 if it would require consent as the lawful reason for processing. For this reason, children under the age of 13 do not have the option to opt in to the above emails.

3.4 Other Lawful Bases

There may be occasions where we are required to process information under one of the other three lawful bases:

  • Legal Obligation – for example, this is where we are required to process data to comply with law
  • Vital Interest – for example, if we are required to use an individual’s data to assist with emergency medical care but they are unable to provide consent
  • Public Task – for example, if we are required to carry out a specific task in the public interest which is laid out in law

4 – Categories of data

We utilise the following definitions for the types of data we collect:

4.1  Contact

Individuals who use the Park Yoga donation platforms may be required to provide additional personal information.

 4.2 Technical

For an individual using our donation platforms we utilise IP address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating systems and platform, records of pages visited and other information about the devices used to access our websites.

4.3 Incidents

As part of our continual review of incidents at Park Yoga events we maintain a record of all relevant incident details as they occur, this may include Special Category Data such as individual medical history, if applicable.

4.4 Survey

Any data submitted to us as part of research activities.

4.5 Event Imagery

Filming and photography captured at our events.

5 What data we collect

There are a number of ways where either you are able to explicitly share data with us or we are able to collect it as a result of your actions:

5.1 Donating to Park Yoga

  • Park Yoga has made a commitment that participation in Park Yoga events will be free, forever, for everyone.
  • To assist in this Park Yoga has developed and will continue to develop official platforms where individuals have the option to make one off or continuous donations to Park Yoga.
  • When making a donation an individual is required to provide additional personal information to process the payment and also may be required to open up an additional account with the donation platform.
  • We currently have the following fundraising platforms using external providers:
  • Donations to us via CAF Bank (Charities Aid Foundation), registered via CAF Bank Ltd, 25 Kings Hill Avenue, Kings Hill, West Malling, Kent, ME19 4TA. CAF Bank is the data controller and all data shared and stored with them is through their Privacy Policy
  • Donations to us through Zettle contactless donation machines, registered as Zettle by PayPal, Whittaker House, Whittaker Avenue, Richmond-Upon-Thames, Surrey, United Kingdom, TW9 1EH. Zettle by PayPal is the data controller for this agreement with data. Zettle by PayPal is the data processor and all data shared and stored with them is through their Privacy Policy
  • Donations to us through Volt, registered via Volt Technologies ‘Holdings Limited’, 42 Berners Street, London, United Kingdom, W1T 3ND. Volt Technologies is the data controller for this agreement with data. Volt Technologies is the data processor and all data shared and stored with them is through their Privacy Policy

The following information will be provided to Park Yoga when making a donation:

  • Individual name including title, first name and surname
  • Individual email address
  • Individual postal address

5.3 Partner Surveys

  • On occasion, to help to support our venues and partners we send out partner surveys, under the lawful basis of Consent, to understand their level of connection with the Park Yoga communities they support.
  • Surveys sent by us are done using SurveyMonkey Inc and its affiliates, with data provided by survey respondents held under their Privacy Policy. This data is then held under our privacy policy when transferred from SurveyMonkey to our systems.

5.4 Incident reports

  • Incident reports are compiled by the instructor in the event of an incident. Relevant data is collected via email.
  • Additional information may be added by Park Yoga staff to these reports as part of the process of following up on the incidents.

5.5 Cookies

  • When you visit our websites, cookies will be stored on your computer. Generally, cookies and similar technologies work by assigning to your browser or device a unique number that has no meaning outside of Park Yoga. We use these
  • technologies to personalise your experience and to assist in delivering content specific to your interests.
  • Some third-party services we use, such as Google Analytics, may place cookies in your browser. This Privacy Policy covers use of cookies by Park Yoga only, and not the use of cookies by third parties.
  • To manage the collection of information through cookies or other equivalent technology you can use the settings on your browser or mobile device.

5.6 Log Files

  • The collection of information: Every time you connect to Park Yoga websites your IP (Internet Protocol) address registers on our servers. Your IP address reveals no information other than the number assigned to you.
  • We do not use this technology to obtain any personal data against your knowledge or free will (i.e. automatically recording email addresses of visitors). Nor do we use it for any purpose other than to help us monitor traffic on our website, or (in case of criminal activity or misuse of our information) to cooperate with law enforcement.

5.7 Web Beacons

  • These are small pieces of code that deliver a graphic image on a web page or in an email for the purpose of transferring data back to us. The information collected via this process will include information such as IP Address, as well as information about how you respond to an email campaign (e.g. at what time the email was opened, which links you click on in the email, etc.).
  • We may use web beacons on our websites or include them in e-mails that we send to you. We use this information for a variety of purposes, including but not limited to, site traffic reporting, unique visitor counts, advertising, email auditing and reporting, and personalisation.

5.9 Social Media

  • When you engage with Park Yoga over social media, it will usually be as a registered user of that social media platform. The use of personal data on social media is governed by your agreement with that platform’s own privacy policy or terms and conditions. Park Yoga official social media pages are administered by Park Yoga [and the instructor for each venue] as a data controller of these pages.
  • These social media platforms may process user personal data to deliver anonymised user statistics to the local administrator of that page or event. We do not use the
  • personal data you have made available on social media outside of that platform, unless you have given us your consent to do so.

5.10 Event Photography and Filming

  • Photography or filming is likely to take place at our events, is common practice, and helps us to inspire other people to engage in physical activity and to redefine what it means to be active. It also provides a means for historical recording of our events over time. Furthermore, our use of images helps to demonstrate diverse groups of people engaging in and enjoying physical activity both during Park Yoga events but also as part of the wider community.
  • We ensure compliance with safeguarding laws and are supported through our Safeguarding Team and externally with the support of other experts in the field of safeguarding. Further details of our Photography Policy are available on request.
  • Individuals can submit their own stories, information and/or photos directly to Park Yoga. Information submitted is stored in line with this Privacy Policy and this is clearly stated on the form, along with the individual’s rights in regards to that information.

6 What data we share

6.1 Anonymised participant data

Our vision is for the UK to have connected communities, reduced social isolation with people living with improved physical and mental wellbeing and, as a result, much of our internal work centres around understanding the health and wellbeing of our communities.

6.2 Park Yoga Surveys

Any data collected in line with Park Yoga Surveys, may be shared with official partners. Any data shared will be anonymised and aggregated, with no individual responses and/or personal data shared directly.

6.3 Imagery

Images shared with Park Yoga may be used on Park Yoga Social Media channels and/or our websites, as well as other promotional material, including but not limited to videos and imagery on posters.

7 How we contact you

The large majority of our outgoing communication, to the Park Yoga community, is via social media.

Sending an email to you is a form of data processing, and as such may only be carried out under a specific lawful basis.

7.1 Under the Lawful Basis of Fulfilling a Contract

In order to fulfil our obligation to you and to ensure our events are delivered in a safe and appropriate manner, and to ensure the Park Yoga organisation is managed appropriately, there are some communications we send to everyone.

The following communications are not an exhaustive list, but fall into this category:

  1. Confirmation you have registered with us.
  2. Updates to key documents, such as this Privacy Policy.
  3. Confirmation that your participation (participating or volunteering) has been recorded by the local event team.
  4. Notification that you have joined a Park Yoga milestone club and are eligible to claim any associated items such as t-shirts, wristbands, or certificates.
  5. For those who have volunteered at a Park Yoga event, a regular volunteer update.
  6. For those who have signed up to volunteer at a specific Park Yoga event, emails from that event team relating to that volunteering situation.

As per Section 5 if you have registered to make donations via the Park Yoga donations platform we will also contact you under the lawful basis of fulfilling a contract to:

  1. Confirm receipt of donation(s)
  2. Any additional communication in relation to your specific donations to this platform

7.2 Under the Lawful Basis of Legitimate Interest

There are some occasions where we may contact you as part of our vision for the UK to have connected communities, reduced social isolation with people living with improved physical and mental wellbeing.

The following types of communications are not an exhaustive list, but fall into this category:

  1. Surveys aimed at developing our understanding of who is participating
  2. Surveys for research aimed at understanding the effect of Park Yoga on global health and wellbeing

You have a right to object to receiving these emails, to do that please contact Park Yoga  directly.

7.3 Under the Lawful Basis of Consent

As per Section 5 if you have registered to make donations via the Park Yoga donation platform we can also contact you under the lawful basis of consent to help support Park Yoga.

8 How we protect your information

We work extremely hard to apply appropriate security measures in order to protect your data from being accessed or disclosed without your permission, or lost. We have a relatively small staff team, who are regularly updated on good practice in data handling, all personal data is password protected and only available to those with a specific need for access.

In the event of a data breach we will notify you and any applicable regulator, where legally required to do so.

Park Yoga Instructors often use Facebook to communicate with participants, in these cases we retain administrative control centrally and are able to control/remove access when required.

9 – Retention periods

In order to present our data retention periods as simply as possible we have chosen to do so using our definitions of categories of data defined in Section 4.

9.1 Profile and identity data

Donation platforms: Park Yoga will hold the personal information for anybody who has made a donation via the data platforms controlled by this privacy policy for seven years after the last donation made.

9.3 Technical data – three years from point of collection

In order to provide the best possible service to our users, to support the administration of our systems and processes, and to comply with legal obligations.

9.4 Incident data – in perpetuity

We retain this data in order to keep a historical record of our incident profile, from which we are able to continually review our operating policies in order to enable the safe and appropriate delivery of our events. By collecting this data we are able to comply with legal obligations surrounding health and safety.

9.5 Survey data – in perpetuity

This data is used for the purposes of understanding our community in greater detail. Changes over time are of particular interest where comparison of current versus historical data allows us to assess the impact of our events and associated interventions.

9.6 Event Imagery – in perpetuity

Event imagery is predominantly processed under the lawful basis of Legitimate Interest, and may be stored securely by event teams in perpetuity as it represents a historical record of that event.

Although extremely rare, there can be occasions where we are required to process information conveyed in photographs under another of the lawful bases, such as Legal Obligation, Vital Interest, Public Task.

Our Photography Policy is available on request.

10 Automated decision making and Profiling

In some situations, we make automated decisions based on various types of data that we hold, this is known as profiling. Examples of where we use this might be to send research surveys to people who have only ever participated once or to market products to specific demographics of people.

Whilst our automated decision-making processes do not have a legal or similarly significant effect on the individuals concerned, you do have the right to object to us applying these processes to your data.

To understand more about automated decision making and profiling please see this section of the ICO website.

11 Your rights

Park Yoga is a UK registered charity, under UK GDPR you have certain rights in relation to your personal data.

To question, carry out or enquire about any of these rights please contact Park Yoga.

11.1 Be informed if your personal data is being used

Where appropriate we endeavour to inform you of this at the point where your personal data is collected, however, for circumstances where that is not practicable or possible please refer to this Privacy Policy.

11.2 Get copies of your personal data

You are free to request, at any time, a downloadable copy of all the personal data we hold on you.

11.3 Have your personal data corrected

If at any time you believe the data we hold on you is incorrect and/or no longer accurate and you are unable to change it via your Park Yoga profile please contact Park Yoga.

11.4 Have your personal data deleted

You are free to request, at any time, for us to delete your personal data by contacting Park Yoga.

Please note that once carried out this cannot be undone, as such, we would recommend that, in accordance with section 11.2, you request a downloadable copy of your participation history.

Every request is reviewed on a case-by-case basis and we do not delete volunteer data. This is in order to support potential future challenges, enquiries or investigations where this information may be critical.

11.5 Limit how we use your personal data

Where you have previously provided us consent to use your personal data in a specific way, you can remove your consent at any time by contacting Park Yoga.

If you are concerned about how your personal data is being used please contact Park Yoga.

11.6 Data portability

In conjunction with Section 11.2, we will provide you with copies of your data in standard machine-readable formats. If required, please contact Park Yoga.

11.7 Object to the use of your personal data

Where we are processing your data under the lawful basis of Legitimate Interest you have the right to raise an objection to this processing. This is not an absolute right to object and we will carry out an assessment on the objection on a case by case basis, balancing out your reasons for your objection in the context of our legitimate interests.

11.8 Contact us and/or raise a concern

Our designated Data Protection Officer is Cathi Farrer-Mitchell, c/o Purple Office, 6 Crown Square, Poundbury, Dorchester, DT1 3EN.

Any concerns or questions about this privacy policy can be submitted to Park Yoga, by emailing hello@parkyoga.co or by post to the address above.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues.

This Privacy Policy was approved by our Board of Trustees on 24th October 2024.