Last updated:
This Privacy Policy describes how Tendonfresh, operating at tendonfresh.world, collects, uses, stores, and protects personal data when you purchase or enquire about our personalised outdoor activity plans, including the Weekend Wanderer Plan, Summit Explorer Plan, and Coastal Discovery Plan, as well as any bespoke route planning services we provide. We are committed to handling your information responsibly and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our website, submitting a contact form, or purchasing any of our outdoor activity planning products, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please refrain from using our services or providing personal data to us.
The data controller responsible for your personal information is Tendonfresh, located at 167, 169 Great Portland St, London W1W 5PF, United Kingdom. For any privacy-related enquiries, you may contact us via the details provided on our get-in-touch page. Our designated privacy contact handles all data subject requests and compliance matters related to our outdoor activity plan products and associated services.
We collect personal data that you voluntarily provide when interacting with Tendonfresh. This includes your full name, email address, and any message content submitted through our contact form. When you order an outdoor activity plan, we may additionally collect information about your fitness level, preferred terrain types, location preferences, group size, and availability dates to customise your plan effectively.
We also automatically collect certain technical data when you visit tendonfresh.world, including your IP address, browser type and version, operating system, referring URLs, pages viewed, time spent on pages, and device identifiers. This information is collected through cookies and similar technologies as described in our Cookies Policy.
We do not collect sensitive personal data such as health records unless you voluntarily include such information in your messages to help us tailor an outdoor activity plan to your specific needs. If you provide health-related information, we process it solely for the purpose of creating a suitable activity plan and with your explicit consent.
We use your personal data for the following purposes related to our outdoor activity planning products and services:
We will never use your personal data for purposes unrelated to our outdoor activity planning services without obtaining your prior consent. We do not sell, rent, or trade your personal information to third parties for marketing purposes.
Under the UK GDPR, we process your personal data on the following legal bases. For order fulfilment and plan delivery, we rely on the performance of a contract between you and Tendonfresh. When you submit a contact form or consent to data processing via our checkbox, we process your data based on your explicit consent. For website analytics and service improvement, we rely on our legitimate interest in understanding how visitors use tendonfresh.world, balanced against your privacy rights. Where required by law, such as for tax record keeping, we process data to comply with legal obligations.
We may share your personal data with trusted third-party service providers who assist us in operating our business and delivering outdoor activity plans. These include payment processors for handling transactions, email service providers for delivering plans and communications, cloud hosting providers for storing data securely, and analytics providers for understanding website usage patterns.
All third-party processors are bound by data processing agreements that require them to protect your information in accordance with UK GDPR standards. They may only use your data for the specific purposes we instruct and must implement appropriate security measures. We do not authorise our processors to use your data for their own marketing purposes.
We may also disclose personal data if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect the rights, property, or safety of Tendonfresh, our customers, or the public.
Your personal data is primarily stored and processed within the United Kingdom. If any of our service providers transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the Information Commissioner's Office, or transfers to countries with adequacy decisions. We regularly review our data transfer arrangements to maintain compliance with applicable data protection legislation.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Contact form submissions are retained for twenty-four months unless you request earlier deletion. Order and transaction records related to outdoor activity plan purchases are retained for seven years to comply with UK tax and accounting requirements. Plan customisation data is retained for three years to enable plan updates and customer support. Analytics data is retained in anonymised form for up to twenty-six months.
When personal data is no longer needed, we securely delete or anonymise it using industry-standard methods. Backup copies may persist for a limited period before being permanently removed from all systems.
Under the UK GDPR, you have the following rights regarding your personal data held by Tendonfresh:
To exercise any of these rights, please contact us using the details on our get-in-touch page. We will respond to your request within one month, though this period may be extended by two additional months for complex requests. We may need to verify your identity before processing your request.
Tendonfresh implements appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption for data transmitted through tendonfresh.world, secure server infrastructure with regular security updates, access controls limiting employee access to personal data on a need-to-know basis, regular security assessments and vulnerability testing, and staff training on data protection best practices.
While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any data breaches in accordance with our legal obligations, including notification to the Information Commissioner's Office and affected individuals where required.
Our outdoor activity plans and website services are not directed at individuals under the age of sixteen. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided personal data to Tendonfresh, please contact us immediately and we will take steps to delete such information from our systems.
We may update this Privacy Policy from time to time to reflect changes in our outdoor activity planning products, services, or legal requirements. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you via email or a prominent notice on tendonfresh.ddd. We encourage you to review this policy periodically to stay informed about how we protect your personal data.
If you have questions, concerns, or complaints about this Privacy Policy or our data handling practices, please contact Tendonfresh at 167, 169 Great Portland St, London W1W 5PF, United Kingdom, or via phone at +441614082874. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data protection rights have been violated.