EnduroLiving Data Privacy Policy

Effective Date: 20th April 2025

EnduroLiving is committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, store, and share your information when you interact with our website, services, and products — in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

EnduroLiving (“we”, “us”, “our”) is a wellness and performance brand based in Saltburn-by-the-Sea, United Kingdom. We provide performance and recovery experiences, digital memberships, and data-driven wellness recommendations through our platform, services, and Outpost facility.

2. What Data We Collect

We may collect the following types of personal data when you interact with us:

A. Information You Provide

Full name

Email address

Contact number (if applicable)

Payment details (processed securely via Stripe or similar provider)

Biometric data manually entered (e.g., HRV, resting heart rate, sleep hours)

Survey or feedback responses

B. Information Collected Automatically

IP address

Device type and browser

Website usage patterns (via cookies and analytics tools)

We do not collect any special category data (e.g., racial/ethnic origin, political opinions, genetic data) unless explicitly provided by you for a specific wellness protocol, and only with your clear consent.

3. How We Use Your Data

We use your data to:

Provide access to our digital wellness dashboard (EnduroIndex)

Recommend protocols or products based on your inputs

Deliver email content, including protocols, updates, and promotions

Manage bookings and Outpost services

Respond to enquiries or support requests

Improve our website performance and user experience

4. Lawful Basis for Processing

We process your data under the following lawful bases:

Consent – when you opt-in to marketing emails or submit wellness data

Contract – to fulfil our agreement when you purchase memberships or services

Legitimate Interests – for internal analytics, service improvement, or limited communications where your rights do not override ours

Legal Obligation – when required to comply with applicable laws

5. Data Sharing

We will never sell your data. We only share your information with trusted third parties where necessary, such as:

Payment processors (e.g., Stripe)

Email marketing platforms (e.g., Mailchimp or ConvertKit)

Analytics services (e.g., Google Analytics)

Software vendors that host or secure our digital platform

All providers are vetted and GDPR-compliant.

6. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes outlined in this policy, including for legal, accounting, or reporting requirements.

Member account data: kept while account is active + 12 months

Email marketing data: kept until you unsubscribe

Booking and transaction data: retained for 6 years (as required by HMRC)

7. Your Rights Under UK GDPR

You have the right to:

Access your personal data

Correct or update inaccuracies

Request deletion (“right to be forgotten”)

Restrict processing in certain circumstances

Object to direct marketing

Withdraw consent at any time

To exercise any of these rights, please email us at: [insert contact email].

8. Cookies and Tracking Technologies

Our website uses essential cookies and analytics cookies to improve user experience and performance.

You can manage cookie preferences in your browser settings.

9. Data Security

We implement appropriate technical and organisational measures to safeguard your data, including:

SSL encryption

Secure cloud storage

Access controls and multi-factor authentication

Regular security audits

10. Contact Information

For data protection questions, requests, or complaints, contact:

Data Protection Officer

EnduroLiving

Email: info@enduroliving.co.uk

If you are not satisfied with our response, you may contact the UK Information Commissioner’s Office (ICO):

https://ico.org.uk