top of page
Gilson Gains Logo (1).png

Privacy Policy

Tayla Gilson | gilsongainspt@outlook.com Last updated: 27 May 2026

1. Introduction

This Privacy Policy ("Policy") explains how Tayla Gilson, ("the Trainer", "I", "me", "my") collects, uses, stores, and protects the personal data of clients and prospective clients ("you", "your").

I am committed to protecting your privacy and handling your personal data in a transparent and lawful manner, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By engaging my services, submitting an enquiry, or providing your personal information in any form, you acknowledge that you have read and understood this Policy.

The data controller responsible for your personal data is:

Tayla Gilson Email: gilsongainspt@outlook.com

As a sole trader, I am the sole data controller and am responsible for ensuring your data is handled lawfully and securely at all times.

2. Who is Responsible for Your Data?

3. What Personal Data I Collect

I may collect and process the following categories of personal data:

  • Full name

  • Email address

  • Phone number

3.1 Personal Identification Data
3.2 Health & Fitness Data

  • Current fitness levels and exercise history

  • Health conditions, injuries, or physical limitations relevant to your training

  • Fitness goals and progress information

  • Any other health-related information you choose to share with me

Please note that health and fitness information is classified as special category data under UK GDPR and is subject to a higher level of protection. I only collect this information where it is strictly necessary to provide you with safe and effective personal training services.

I collect your personal data through the following methods:

  • Website contact or enquiry form — when you submit an enquiry or booking request via my website

  • Email — when you contact me directly at gilsongainspt@outlook.com

  • WhatsApp — when you message me directly to enquire about or book sessions

  • Directly from you — when you provide health and fitness information as part of the onboarding process prior to commencing training

4. How I Collect Your Data

5. Why I Collect Your Data and the Legal Basis for Processing

I collect and use your personal data for the following purposes:

5.1 To provide personal training services

Legal basis: Performance of a contract — your data is necessary to deliver the services you have booked and paid for.

5.2 To manage bookings and communicate with you

Legal basis: Performance of a contract — I need your contact details to confirm, amend, or cancel sessions and to communicate with you about your training.

5.3 To assess and protect your health and safety during training

Legal basis: Explicit consent and vital interests — health and fitness information is collected with your knowledge and consent to ensure sessions are appropriate for your physical condition and to safeguard your wellbeing.

5.4 To process payments

Legal basis: Legal obligation — I may be required to retain certain records to comply with applicable laws and regulations.

I will never use your personal data for purposes that are incompatible with those listed above, and I will never sell your data to any third party.

I do not share your personal data with third parties except in the following limited circumstances:

6. How I Share Your Data

6.1 Payment Processing

Where payment is processed through a third-party payment platform, your payment details will be handled directly by that platform in accordance with their own privacy policy. I do not store your full payment card details.

6.2 Legal Requirements

I may disclose your personal data if required to do so by law, or in response to a valid request from a regulatory authority or law enforcement agency.

7. How Long I Keep Your Data

I do not share your health or fitness data with any third party under any circumstances, except where required by law or where you have given your explicit consent.

I will retain your personal data only for as long as is necessary for the purposes for which it was collected.

  • Active clients — your data is held for the duration of your time training with me.

  • Upon cessation of training — all personal data, including health and fitness information, will be securely deleted when you cease training with me.

You may request deletion of your data at any time by contacting me at gilsongainspt@outlook.com. I will action all deletion requests promptly and confirm once completed.

I take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, or disclosure, including:

  • Personal data shared via email is held within a password-protected email account

  • Personal data shared via WhatsApp is stored on a password or biometric-protected device

  • Health and fitness information is stored securely and accessed only by me

  • I do not store physical paper records containing personal data

In the event of a data breach that is likely to result in a risk to your rights and freedoms, I will notify you and, where required, the Information Commissioner's Office (ICO) without undue delay.

8. How I Store and Protect Your Data

9. Your Rights Under UK GDPR

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — you have the right to request a copy of the personal data I hold about you

  • Right to rectification — you have the right to request that inaccurate or incomplete data is corrected

  • Right to erasure — you have the right to request that your personal data is deleted, subject to any legal obligations I may have to retain it

  • Right to restrict processing — you have the right to request that I limit the way I use your data in certain circumstances

  • Right to data portability — you have the right to receive your personal data in a structured, commonly used format

  • Right to object — you have the right to object to the processing of your data in certain circumstances

  • Right to withdraw consent — where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal

To exercise any of the above rights, please contact me in writing at gilsongainspt@outlook.com. I will respond to all requests within one calendar month in accordance with UK GDPR requirements.

10. Cookies and Website Tracking

If my website uses cookies or any analytics tools that collect data about your browsing behaviour, this will be disclosed separately via a cookie notice on the website. You will be given the opportunity to accept or decline non-essential cookies in accordance with applicable law.

If you have any concerns about the way I handle your personal data, I encourage you to contact me in the first instance at gilsongainspt@outlook.com so that I can address your concerns directly.

If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection matters:

Website: www.ico.org.uk Telephone: 0303 123 1113

11. Complaints

12. Changes to This Policy

I reserve the right to update this Policy from time to time to reflect changes in my practices or applicable law. Any material changes will be communicated to active clients, and the updated Policy will be made available on my website. The date at the top of this Policy will reflect when it was last revised.

13. Contact

If you have any questions about this Privacy Policy or how I handle your personal data, please do not hesitate to get in touch:

Tayla Gilson gilsongainspt@outlook.com

bottom of page