Privacy Policy

This policy explains how we handle your personal data and sensitive health information in compliance with the General Data Protection Regulation (GDPR). By booking a session and completing our health declaration, you provide explicit consent for us to process health-related data to ensure your safety during infrared sauna therapy.

Information We Collect
We collect and process the following categories of data:

  • Contact Data: Name, email, and phone number used for your booking via Acuity Scheduling.
  • Health Data: Information regarding pregnancy, cardiovascular conditions, implants, and medications that may affect heat tolerance.
  • Financial Data: Payment processing information handled securely by Stripe or PayPal.
  • Marketing Data: Your preferences for receiving promotional communications.

Legal Basis for Processing
We process your personal data under the following legal bases:

  • Contract: To fulfill your booking and provide our services.
  • Explicit Consent: For the processing of “Special Category” health data to confirm you are fit for the session.
  • Legitimate Interests: For business operations and internal record-keeping.

Your Rights (Including Deletion)
Under GDPR, you have the following rights regarding your data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request that we correct any inaccurate information.
  • Right to Erasure (“Right to be Forgotten”): You may request that we delete your personal data. We will comply unless we have a legal or insurance obligation to retain specific records.
  • Right to Withdraw Consent: Withdraw your consent for health data processing or marketing at any time.
  • Right to Data Portability: Request a transfer of your data to another provider.

Data Retention & Security
We retain your health declaration and booking data for a period necessary to satisfy legal, accounting, or insurance requirements. All data is stored securely within our encrypted third-party platforms (Acuity, Stripe, and PayPal). We do not sell your data.

How to Exercise Your Rights
To request deletion of your data or to exercise any other rights, please contact us at infraredsaunaclub@sunlighten.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority if you believe your data has been mishandled.