Fullybody20 EMS

Privacy & Cookie Policy

At Fullbody20 EMS, we are committed to protecting your personal data and respecting your privacy. This policy explains what data we collect, how we use it, how long we keep it, and your rights in relation to it. It also covers our use of cookies on this website.

Please read this policy carefully. By using our website and services, you agree to the collection and use of information in accordance with this policy.

1. Who We Are

Fullbody20 EMS is a trading name of Tommy Lab Ltd, a company registered in England and Wales. Tommy Lab Ltd is the data controller responsible for your personal data.

If you have any questions about this policy or how we handle your data, please contact us at hello@fullbody20ems.co.uk.

2. What Data We Collect

2.1 Data You Provide Directly

We collect personal data that you provide to us when you:

  • Create an account on our website
  • Book a session or purchase a membership or package
  • Complete the health questionnaire
  • Submit an enquiry via our contact form

This data may include your name, email address, phone number, billing address, payment information and health information provided via our health questionnaire.

2.2 Data Collected Automatically

When you visit our website, we may automatically collect certain technical data including your IP address, browser type, device type, pages visited and time spent on the site. This data is collected via cookies and similar technologies (see Section 7).

2.3 Payment Data

Payments made through our website are processed securely by our third-party payment provider. We do not store your full payment card details. Only the information necessary to process and record your transaction is retained by us.

2.4 Health Data

As part of our onboarding process, we collect health information via our health questionnaire. This is considered special category data under UK GDPR and is collected solely to ensure your safety and to tailor your EMS training appropriately. This data is stored securely and accessed only by authorised staff.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To provide our services — processing bookings, managing your account and delivering your sessions.
  • To process payments — handling subscription billing and one-off purchases.
  • To ensure your safety — reviewing health questionnaire responses prior to your sessions.
  • To communicate with you — sending booking confirmations, reminders, follow-up emails and responses to your enquiries.
  • To improve our services — analysing how our website and services are used to make improvements.
  • To comply with legal obligations — retaining records as required by law.

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contract — processing is necessary to fulfil the services you have booked or subscribed to.
  • Legal obligation — where we are required to retain data by law.
  • Legitimate interests — for improving our services and communicating with you about your bookings.
  • Consent — for health data collected via the health questionnaire and for any optional marketing communications.

5. How We Share Your Data

We do not sell your personal data. We may share your data with trusted third-party service providers who help us operate our website and deliver our services, including:

  • WooCommerce — our e-commerce and account management platform.
  • Amelia Booking — our appointment booking and scheduling system.
  • WPForms — our contact form provider.
  • Payment processors — for secure handling of subscription and one-off payments.

All third-party providers are required to handle your data securely and in accordance with applicable data protection law. We do not permit them to use your data for their own marketing purposes.

We may also disclose your data where required to do so by law or in response to a valid request from a regulatory authority.

6. How Long We Keep Your Data

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by law. As a general guide:

  • Account and booking data — retained for the duration of your membership and for up to 6 years afterwards in line with standard legal retention requirements.
  • Health questionnaire data — retained for as long as you remain a client and for a reasonable period thereafter for safety and legal purposes.
  • Contact form enquiries — retained for up to 12 months unless an ongoing relationship is established.
  • Payment records — retained for up to 6 years in line with HMRC requirements.

When data is no longer required, it is securely deleted or anonymised.

7. Cookies

7.1 What Are Cookies

Cookies are small text files placed on your device when you visit a website. They help the website function correctly, remember your preferences, and provide us with information about how the site is used.

7.2 Cookies We Use

Our website uses the following types of cookies:

  • Essential cookies — required for the website to function. These include cookies used by WordPress, WooCommerce and Amelia to manage your session, keep you logged in and process your bookings. These cannot be disabled.
  • Functional cookies — used to remember your preferences and improve your experience, such as your cart contents and account details.
  • Analytics cookies — used to understand how visitors use our website so we can improve it. We may use tools such as Google Analytics for this purpose. Data collected is aggregated and anonymised where possible.

7.3 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling essential cookies may affect the functionality of our website, including your ability to make bookings or access your account.

For more information about managing cookies, visit www.allaboutcookies.org.

8. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can ask us to correct any inaccurate or incomplete data.
  • Right to erasure — you can ask us to delete your data where there is no compelling reason for us to continue processing it.
  • Right to restrict processing — you can ask us to limit how we use your data in certain circumstances.
  • Right to data portability — you can request your data in a structured, commonly used format.
  • Right to object — you can object to processing based on legitimate interests.
  • Right to withdraw consent — where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please email us at hello@fullbody20ems.co.uk. We will respond within 30 days.

9. Data Security

We take the security of your personal data seriously and have appropriate technical and organisational measures in place to protect it against unauthorised access, loss or disclosure. Our website is served over HTTPS and access to sensitive data is restricted to authorised personnel only.

Whilst we take every reasonable precaution, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but will notify you and the relevant authorities in the event of a data breach where required by law.

10. Third-Party Links

Our website may contain links to third-party websites, including our YouTube channel and app store links for the InBody app. We are not responsible for the privacy practices of those websites and encourage you to read their privacy policies before providing any personal data to them.

11. Children

Our services are intended for adults aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has provided us with personal data, please contact us at hello@fullbody20ems.co.uk and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy & Cookie Policy from time to time. Any changes will be posted on this page with an updated date. We encourage you to review this policy periodically to stay informed about how we are protecting your data.

13. Complaints

If you have concerns about how we handle your personal data and we are unable to resolve them to your satisfaction, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

Version 1.0 — March 2026 — Fullbody20 EMS

Book a Free Trial
Book a Free Trial
Shopping Basket