top of page

Privacy policy

We are committed to protecting your privacy and ensuring that any personal information you share with us is handled with care, transparency, and respect. This policy explains what information we collect, how we use it, and the choices you have.

Who we are

This website is owned by Jane Cord, who is also the Data Controller responsible for how your personal data is processed in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

Personal data we collect

We may collect personal information such as your:

  • name

  • contact details (address, email, telephone number)

  • date of birth

  • booking information

  • treatment history

  • payment information (processed securely by Wix Payments, Stripe, or Apple Pay — we do not store card details ourselves)

We only collect the information necessary to provide you with our services.

How we use your information

We use your personal data to:

  • manage your bookings and appointments

  • provide the treatments and services you request

  • process secure payments

  • communicate with you about appointments, enquiries, or updates

  • send marketing emails if you choose to subscribe (you can unsubscribe at any time)

 

Email marketing

If you sign up to our newsletter, we may send you updates about treatments, events, and offers. You can opt out at any time by clicking “unsubscribe” in any email.

 

Payments

Payments made through our website are processed securely by Wix Payments, Stripe, or Apple Pay. These providers handle your card details using industry‑standard encryption. We do not receive or store your full card information.

 

Website analytics and cookies

When you visit our website, we may automatically collect technical information such as:

  • your IP address

  • browser type

  • pages viewed

  • how you found our website

This helps us improve the website experience for our visitors.

Wix may also use cookies to support site functionality and analytics. You can manage cookie preferences through your browser settings.

 

Sharing your information

We do not sell or share your personal data with third parties, except:

  • where required by law

  • to prevent fraud or protect our website

  • to trusted service providers who help us operate our business (e.g., booking systems, payment processors, email platforms)

These providers only receive the information necessary to perform their services and must keep it secure.

 

Security

We take the security of your information seriously and use appropriate technical and organisational measures to protect it. This includes:

  • secure servers

  • encrypted payment processing

  • limited access to personal data

 

While no online system is completely secure, we take all reasonable steps to safeguard your information.

 

Your rights

Under UK GDPR, you have the right to:

  • access the personal data we hold about you

  • request corrections

  • request deletion (in certain circumstances)

  • withdraw consent for marketing

  • object to certain types of processing

You can learn more about your rights at: www.knowyourprivacyrights.org

 

Contact

If you have any questions about this policy or how your data is handled, you can contact:

Jane Cord Email: jane@enyajspa.com

Address: East Clyst, The Drive, Farringdon, Exeter EX5 2JD

bottom of page