Privacy policy

Last updated 31 May, 2024

Roam Within Ltd is a company weekend retreats and dyads to individuals and organisations and is based in the UK. 

Under the Data Protection Act (DPA) 1998 and the General Data Protection Regulation 2018 (GDPR) we have a legal duty to protect any personal information we hold.

What personal data do you collect, hold and process?

We hold:

  • Names, email addresses and personal contact information of customers interested in our retreats

  • Booking and payment information

  • Information provided on retreat registration forms

  • E-mail addresses on our mailing lists where explicit permission has been given to opt into a list

Why do you need this data and what do you use it for?

  • Names and contact details is to communicate with customers who are interested in our retreats

  • Our booking and payment systems are used to administer our retreats and dyad sessions

  • Information provided on retreat registration forms are used to run our retreats effectively

How do you store, protect and process the data?

  • Registration forms are stored via google forms (do we need a link to their privacy policy)

  • We use Squarespace as our booking system and your booking will be stored on this system in accordance with their privacy policy

  • We use Squarespace as our marketing automation platform for our mailing lists and the e-mail address you provide will be transferred to Squarespace for processing in accordance with their privacy policy

Do you share it with anyone else?

  • The information that you provide will only be shared with Roam Within employees and teachers, to help us run your sessions as effectively as we can.

  • We do not share personal data with third parties without explicit consent, unless required to by law.

What about your website? Do you gather any personal data or track visitors in any way?

  • We log all visits to this website using standard server-side logging mechanisms and formats which include IP addresses. Like all websites, we need to log IP addresses.

  • We also use third party analytics and tracking services (currently Google analytics and Facebook pixels).

  • We do use cookies via Google analytics and Facebook pixels.

How long do you keep the data once it's no longer needed?

  • We keep booking, financial and e-mail information for up to seven years and sometimes longer in line with financial / legal protocol.

  • We delete online registration forms one year from the date of retreat completion.

What are my rights around personal data?

You have the right at any time to ask for a copy of the information we hold free of charge.

You also have the right to:

  • ask for mistakes or gaps in the information we hold to be corrected;

  • ask for information not to be used in some circumstances;

  • withdraw previously given consent to processing in some circumstances;

  • ask for information we hold which is no longer needed to be deleted.

To make a request about your data, please contact us. You will need to provide proof of your identity before we can act on any requests.

How do I make a complaint?

If you are unhappy with the way we are holding or processing your personal information you can contact us with your complaint (please note we are a small business and your reply may not be immediate).

Changes to this privacy notice

We keep our privacy notice under regular review. It was last updated in May 2024.