PRIVACY POLICY

How we collect, use, and protect your personal data

Last updated: February 2026

Quick Navigation

Overview Data Controller Information We Collect How We Use Your Info Legal Basis Data Sharing Data Retention Your Rights Cookies Data Security International Transfers Changes to Policy Contact Us
1

Overview

Carlson Gracie Blackburn & Clitheroe ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our website, attend our classes, or interact with us in any way.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take our responsibilities regarding the protection of personal data seriously and are committed to using it fairly, lawfully, and transparently.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

2

Data Controller

The data controller responsible for your personal data is:

Carlson Gracie Blackburn & Clitheroe

carlsongracie.bc@gmail.com

07843 973 816

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details above.

3

Information We Collect

Personal Information You Provide

When you join our academy, enquire about our services, or interact with us, we may collect the following information:

  • Identity data: Full name, date of birth, gender
  • Contact data: Email address, phone number, postal address
  • Emergency contact data: Name and phone number of your emergency contact
  • Health data: Medical conditions, injuries, or disabilities relevant to your safe participation in training
  • Payment data: Bank details, payment card information (processed via secure third-party payment providers)
  • Training history: Belt rank, attendance records, competition results, grading history

Information Collected Automatically

When you visit our website, we may automatically collect:

  • Usage data: Pages viewed, time spent on pages, navigation paths
  • Technical data: IP address, browser type and version, operating system
  • Device data: Device type, screen resolution, unique device identifiers
  • Cookie data: Information stored via cookies and similar technologies (see our Cookies section below)
4

How We Use Your Information

Service Provision

  • Administering your membership and delivering BJJ classes
  • Managing class bookings, attendance, and grading records
  • Processing membership fees and payments
  • Ensuring your safety during training through health and medical information

Communication

  • Responding to your enquiries and free trial requests
  • Sending class schedule updates, event notifications, and academy news
  • Marketing communications (only with your explicit consent)

Legal & Safety

  • Complying with legal obligations and regulatory requirements
  • Safeguarding children and vulnerable adults
  • Health and safety compliance within our facilities
  • Insurance claims and accident reporting
6

Data Sharing

We may share your personal data with the following categories of recipients, where necessary and appropriate:

  • Service providers: Third-party companies that assist us with payment processing, website hosting, email delivery, and IT support
  • Insurance providers: Our insurers in connection with claims, incidents, or policy requirements
  • Governing bodies: BJJ and martial arts governing bodies for grading, competition registration, and affiliation purposes
  • Legal authorities: Law enforcement, regulatory bodies, or courts where required by law or to protect our legal rights
  • Emergency contacts: Your designated emergency contact in the event of an injury or medical emergency

We will never sell your personal data to third parties.

7

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

Membership Records

Retained for 7 years after your membership ends, in line with limitation periods for potential claims.

Financial Records

Retained for 6 years as required by HMRC for tax and accounting purposes.

After the applicable retention period, your data will be securely deleted or anonymised.

8

Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data in certain circumstances.

Right to Restrict Processing

Request that we limit the processing of your data.

Right to Data Portability

Request your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at carlsongracie.bc@gmail.com. We will respond within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

9

Cookies

Our website uses cookies and similar technologies to enhance your browsing experience. Cookies are small text files placed on your device that help us understand how you use our site.

Essential Cookies

Required for the website to function properly. These include session cookies, security tokens, and preferences. Cannot be disabled.

Performance Cookies

Help us understand how visitors interact with our website by collecting anonymous usage information (e.g., pages visited, time spent).

Functionality Cookies

Remember your preferences and settings (e.g., preferred location, language) to provide a more personalised experience.

Marketing Cookies

Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns. Only set with your explicit consent.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

10

Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Secure servers with encrypted data storage and HTTPS across our entire website
Regular security assessments and vulnerability scanning
Role-based access controls limiting data access to authorised personnel only
Secure payment processing through PCI-DSS compliant providers
Regular data backups with encrypted off-site storage

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you promptly in the event of a data breach as required by law.

11

International Transfers

Your personal data is primarily stored and processed within the United Kingdom. Where we need to transfer data outside the UK, we ensure appropriate safeguards are in place:

  • Transfers to countries with adequacy decisions recognised by the UK government
  • Use of Standard Contractual Clauses (SCCs) approved by the ICO for transfers to other countries
12

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will notify you through:

  • Posting the updated policy on our website with a revised "Last updated" date
  • Email notification for significant changes that affect how we use your data
  • Notices displayed at our training facilities

We encourage you to review this policy periodically to stay informed about how we protect your data.

13

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

carlsongracie.bc@gmail.com

Blackburn — Westbury Gardens, BB1 1XF

Clitheroe — Combat Performance Academy, BB7 9AH

We aim to respond to all privacy-related enquiries within 72 hours.

READY TO JOIN THE TEAM?

Experience world-class Brazilian Jiu-Jitsu training with your first class completely FREE!

CLAIM YOUR FREE TRIAL