Privacy Policy

Effective Date: September 24, 2025

Introduction

Atria Pilates (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website (atriapilates.ca) and our services. As a Mississauga, Ontario-based business, we comply with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable privacy laws. By providing your personal information or using our services, you consent to the practices described in this Privacy Policy. We encourage you to read this policy carefully and contact us if you have any questions.

Information We Collect

We only collect personal information that is necessary to offer our Pilates classes, memberships, and services. This information is provided directly by you through website forms, our scheduling/booking system, or during in-studio interactions. The types of personal information we collect include:

  • Contact Information: Name, email address, phone number, and other contact details you provide when you sign up for classes, memberships, newsletters, or inquiries.

  • Account and Booking Information: When you create a profile or book classes through our scheduling system (powered by WellnessLiving), we collect information such as your selected classes, purchased membership or class package, attendance history, and any preferences or notes you voluntarily provide (e.g. injury or fitness level notes, if you choose to share them).

  • Payment Information: If you purchase class packages, memberships, or subscriptions, payment details (e.g. credit card number or other payment data) are processed securely via our third-party payment processor or the WellnessLiving platform. We do not store your full credit card information on our own systems.

  • Website Usage Data: We use Google Analytics to automatically collect certain data when you interact with our website. This may include your IP address, browser type, device information, pages visited, and time spent on our site. This information is generally aggregated and not used to identify you personally. It helps us understand website traffic and improve user experience.

  • Cookies and Similar Technologies: Our website uses cookies and similar tracking technologies (like the Google Analytics cookies) to enhance your browsing experience, remember your preferences, and collect usage statistics. Cookies are small text files placed on your device; you can set your browser to refuse cookies or alert you when cookies are being sent. However, some website features might not function properly without cookies. For more details, see the Cookies and Analytics section below.

We do not knowingly collect personal information from children under the age of 18 without parental consent. Our services and website are intended for adults. If you are under 18, please do not submit personal information unless you have permission from a parent or guardian. Parents or guardians should contact us if they believe their child has provided personal information, so we can delete it.

How We Use Your Information

Atria Pilates uses the personal information we collect for the following purposes:

  • Providing and Managing Services: We use your information to schedule and manage your Pilates classes, memberships, or private sessions. For example, we may use your name and account details to reserve your spot in a class, track your class package usage, or verify your identity when you attend the studio.

  • Communication: We use contact information (email or phone) to communicate with you about your bookings and our services. This includes sending class booking confirmations and reminders, waitlist notifications, cancellations or schedule changes, and responses to inquiries you send us. We may also send you newsletters or promotional emails about studio updates, new classes, or special offers if you have subscribed to these updates. You can opt out of marketing emails at any time by clicking the unsubscribe link in the email or contacting us.

  • Membership and Billing: If you enroll in a membership or subscription, we (or our payment processor) will use your personal and payment information to process your enrollment, charge your membership fees, and manage renewals or expirations. We may also notify you about upcoming payments, expiring class packs, or changes to pricing or terms related to your purchases.

  • Analytics and Improvement: We use information collected through cookies and Google Analytics to analyze how our website is usedproteuscyber.com. This helps us understand which pages or classes are most popular, how users navigate the site, and where we can improve content or user experience. For instance, knowing that many users visit a particular class page can guide us in providing more information about that class. Analytics data is aggregated and does not directly identify individuals. Google Analytics may use your IP address (which we anonymize where possible) and cookies to generate reports for us about website usage.

  • Safety and Legal Compliance: We may use or disclose personal information to protect the safety, rights, and property of Atria Pilates, our clients, or others. For example, we might use contact or identity information to enforce our studio rules or Terms & Conditions if necessary. Additionally, we will use and disclose personal information as required to meet applicable laws, regulations, legal processes (such as responding to court orders or lawful information requests), or to protect against legal liability.

We will ask for your consent before using your personal information for any new purpose that is not covered by this Privacy Policy. We do not engage in automated decision-making or profiling using your personal data.

Disclosure of Your Information to Third Parties

We value your privacy and do not sell or rent your personal information to third parties. We only share your information in limited circumstances, as described below, and always with appropriate safeguards and legally compliant measures:

  • Service Providers: We share necessary personal information with third-party service providers that help us operate our business and provide our services to you. Notably, we use WellnessLiving (a scheduling and client management platform) to handle class bookings, client accounts, and purchases. When you use our “Book Now” or purchase links, you are interacting with the WellnessLiving system, and the personal information you provide (such as your name, contact info, and booking history) is stored in that system. WellnessLiving is a Canadian-based platform that adheres to privacy and security standards; however, their handling of your data is also governed by their own privacy policy. We recommend reviewing WellnessLiving’s Privacy Policy for information on how they manage your data. Similarly, we use Google Analytics for website analytics; Google may process and store certain usage data (as described in Website Usage Data) on servers outside Canada. Google is a U.S.-based company, so information collected via Google Analytics may be subject to US laws. We have settings in place to minimize data collected (for example, anonymizing IP addresses) and we do not receive information from Google that personally identifies you.

  • Payment Processors: If you make online purchases (such as buying a class package or membership through our site or WellnessLiving), your payment information will be processed by a third-party payment gateway (such as a credit card processor or bank). These payment processors are compliant with PCI-DSS standards and are responsible for the security of your payment transactions. We only receive confirmation of payment and basic details (like last four digits of a card, if needed) – again, we do not store full payment card numbers.

  • Business Transfers: If Atria Pilates is involved in a merger, acquisition, financing, or sale of business assets, or in the unlikely event of insolvency or bankruptcy, personal information we have may be transferred to a successor or affiliate as part of that transaction. In such cases, we would ensure the information remains protected and inform you of any changes in ownership or use of your personal data.

  • Legal Obligations: We may disclose your information if required to comply with legal obligations. For example, we might share information in response to a subpoena, court order, or government request, or to meet regulatory requirements (e.g., tax audits). We may also disclose information if necessary to establish or exercise our legal rights, or defend against legal claims.

  • With Your Consent: In all other cases, we will obtain your explicit consent before sharing your personal information with third parties. For instance, if we wanted to feature a client testimonial on our website using your name or photo, we would only do so with your permission.

In every case where we share your personal information with service providers or partners, we do so only to the extent necessary for them to perform their functions. We require these parties to protect your information and to use it only for the purposes for which it was provided, consistent with this Privacy Policy and applicable law.

Cookies and Analytics

Cookies: Atria Pilates uses cookies and similar technologies on our website to ensure it functions smoothly and to enhance your experience. Cookies are small files stored on your device that help the website remember information about your visit (like your preferred language or items in a cart). We use cookies for several reasons:

  • Essential Cookies: Some cookies are necessary for the website to operate. For example, if our site allows login or booking through an embedded tool, cookies might be used to keep you logged in or remember your selections as you navigate pages. These cookies do not collect personal data for marketing, and you cannot opt out of them if you want to use those features.

  • Analytics Cookies: We use Google Analytics cookies to collect information about how visitors use our site. This includes data like which pages are visited, how long users stay, how they got to our site (e.g., via a search engine or social media), and what kind of devices are used. The analytics cookies identify your browser or device, but do not reveal your name or contact information to us. We use these insights to improve our website layout, content, and marketing efforts. Google may use its cookies to serve you relevant ads on other sites based on your visit to our site (known as remarketing), but we do not actively use Google Ads at this time. You can learn more about how Google Analytics works and how Google uses this data in Google’s own privacy policy.

Your Choices: When you first visit our site, you may see a notification about our use of cookies (if applicable). By continuing to use our site, you agree to our use of cookies as described in this policy. However, you have the ability to control and manage cookies in various ways:

  • Browser Settings: Most web browsers allow you to refuse or delete cookies. You can usually find these controls under the “Preferences,” “Settings,” or “Privacy” menus of your browser. Keep in mind that disabling cookies may affect certain features of our site (for example, the booking interface might not remember your session or preferences).

  • Google Analytics Opt-Out: Google provides an opt-out mechanism for Analytics. You can install the Google Analytics Opt-out Browser Add-on which prevents Google Analytics from collecting information on your visits to sites that use it.

  • Do Not Track: Our site does not currently respond to “Do Not Track” signals from browsers. If we develop this functionality in the future, we will update this policy accordingly.

By using our site without disabling cookies or opting out, you consent to our use of cookies and the related processing of personal information. We do not use cookies to retrieve data from your device’s hard drive or to collect any other personal information than what is stated above.

Data Retention and Storage

Atria Pilates retains your personal information only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. For example, if you create an account and purchase class packages, we will retain your account information and purchase history while you are an active client so that we can track your class credits and provide our services. If you unsubscribe from our mailing list or cancel your membership, we may still keep certain information for a period of time to resolve disputes, enforce our agreements, or comply with legal obligations (such as maintaining transaction records for tax and accounting purposes).

Under PIPEDA’s principles, personal information “shall be retained only as long as necessary for the fulfilment” of the purposes for which it was collectedproteuscyber.com. When we no longer have a legitimate need or legal obligation to keep your personal information, we will securely destroy it, erase it, or anonymize it so it can no longer be associated with youproteuscyber.com. For instance, we periodically review our contact lists and may remove contacts who have not engaged with us for a long time, and we delete or anonymize web analytics logs after they’re no longer needed.

Storage Location: The personal information we collect is primarily stored on secure servers provided by our service partners. For example, your account and booking data is stored in WellnessLiving’s systems (which are hosted in secure data centers, possibly in Canada or the United States), and our email list (if any) might be stored with an email service provider. We and our service providers employ safeguards to protect this data (as described in the Security section below). Please note that if data is stored or processed outside of Canada (for instance, Google’s analytics data on U.S. servers), it may be subject to the laws of those jurisdictions. However, we continue to protect it with appropriate safeguards as if it were in Canada.

Your Rights and Choices

We believe in being transparent about your personal information and giving you control over it. Under Canadian privacy law (PIPEDA), you have the right to access and correct your personal information that we hold, and to know how we have used it or disclosed it. In plain language, your rights include:

  • Accessing Your Information: You have the right to request confirmation of whether we hold any personal information about you, and to request a copy of that information. We will provide you with the personal data we have about you, as well as information about how it has been used and the organizations to which it has been disclosed, within a reasonable time. (There are certain rare exceptions where we might not be able to provide access – for example, if it would reveal personal information about another individual or if it’s subject to legal privilege – but we will explain any such situation to you.) Generally, if you have an online account through our booking system, you can log in to view basic information like your name, contact info, and class history. For a more detailed request, please contact us directly.

  • Correcting Your Information: If any of your personal details are incorrect or outdated (for instance, you change your phone number or notice a typo in your name on our records), you have the right to request that we correct or update this information. We rely on you to provide accurate information, and we are happy to make appropriate corrections upon your request. In fact, PIPEDA gives you the right to challenge the accuracy of data and have it amended as neededproteuscyber.com. We will make the correction and, where appropriate, we’ll also send the corrected information to any third-party service providers who had access to the wrong information (for example, if we had shared your old email with our email newsletter service, we’d update it there too).

  • Withdrawal of Consent: For any optional uses of personal information (such as receiving marketing emails), you have the right to withdraw your consent at any time. For example, if you initially agreed to receive our newsletter but later change your mind, you can unsubscribe using the link in the email or by contacting us. If you withdraw consent for a particular use (say, analytics tracking via cookies), we will stop that use where feasible. (Note: withdrawing consent for certain uses of data might affect our ability to provide you with some services. For instance, if you don’t allow us to use your contact information, we cannot send you class reminders. We will advise you if any service is impacted by your decision.)

  • Deletion of Information: You may request that we delete your personal information from our records. We will honor such requests provided that the information is not required for us to fulfill our contractual or legal obligations. For example, if you cease to be a client and ask us to delete your data, we can remove your contact info from our mailing list and delete or anonymize your profile in our booking system. However, we might retain transaction records or waiver agreements for a certain period as required by law or for legitimate business purposes (e.g., bookkeeping or protection in case of disputes). We will inform you of any information that we cannot delete immediately and the reasons why (such as legal retention requirements).

  • Account Management: If you have an online account through our scheduling system (WellnessLiving or a mobile app associated with our studio), you can log in to update some of your personal details, see your schedule, or manage bookings. You are responsible for keeping your login credentials secure. If you wish to deactivate your account, please contact us and we can assist with that process as well.

  • Inquiries and Complaints: We take your privacy rights seriously. If you have any questions about how we handle your personal information or if you have a concern or complaint about privacy, please contact us (see the Contact Us section below). We will do our best to address and resolve your concerns. If you are not satisfied with our response to a privacy complaint, you have the right to escalate the matter to the Office of the Privacy Commissioner of Canada or the relevant provincial privacy commissioner. We will provide you with information on how to do so if needed.

We will not charge you for making an access or correction request, provided the requests are reasonable. We may ask for verification of identity (to ensure we don’t give your data to someone else) and sufficient information to locate your records (like the email you used to sign up) before fulfilling an access request. Our goal is to respond to all legitimate requests within 30 days or as required by law proteuscyber.comproteuscyber.com, and we will notify you if we need more time.

Security of Personal Information

We employ a variety of security measures to protect your personal information from unauthorized access, use, alteration, or disclosure. These measures include:

  • Secure Data Transmission: Our website uses HTTPS encryption (SSL/TLS) for all pages where personal information is collected or displayed. This means that information you enter (such as details on a contact form or payment information during purchase) is encrypted in transit and cannot easily be intercepted by third parties. When using our third-party booking platform, ensure you see the padlock icon in your browser as well, indicating a secure connection.

  • Restricted Access: Internally, access to personal information is limited to authorized personnel who need it to perform their job duties. For example, our instructors and front-desk staff may have access to your name on a class roster, but only management might access your purchase history or account details as needed for customer service or administration. All staff and any contractors are bound by confidentiality obligations.

  • Service Provider Safeguards: We choose reputable service providers (like WellnessLiving and payment processors) that use industry-standard security protocols. WellnessLiving, for example, implements access controls, encryption, and regular security audits on their platform to protect client data. Our payment processing partners are PCI-DSS compliant, meaning they follow strict rules for handling and storing credit card data.

  • Data Storage and Protection: Personal data stored electronically is kept on secure servers with firewall protection. We maintain up-to-date security software and monitor our systems for possible vulnerabilities and attacks. Any physical copies of personal information (if ever printed, such as a signed waiver form) are stored in a secure location at our studio, not accessible to the public.

  • Retention and Disposal: As noted in the Data Retention section, we keep personal data only for as long as necessary. When disposing of data, we use secure methods – for example, shredding paper records or using digital shredding/wiping for electronic files – to ensure the information cannot be recovered.

  • Training and Policies: We educate our team about the importance of privacy and security. We have internal policies in place to guide how we handle personal information and respond to potential security incidents.

Despite all these precautions, it’s important to understand that no method of transmitting or storing data is completely foolproof. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. Cyber threats evolve rapidly, and even well-protected systems can be vulnerable. In the unlikely event of a data breach that poses a real risk of significant harm to you, we will notify you and the appropriate authorities as required by law.

You also play a role in protecting your information. Please keep any account passwords secure and do not share them. Alert us immediately if you suspect any unauthorized access to your account or personal data.

Updates to this Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes, we will update the “Effective Date” at the top of this Policy. If changes are significant, we may also provide a more prominent notice (such as a banner on our website or an email notification).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any changes to this Policy constitutes your acceptance of the updated terms, to the extent permitted by law. If you do not agree with any updates or changes, you should stop using our services and can request that we remove your personal information as outlined above.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please reach out to us. We are here to help and address any issues.

Contact Information for Privacy Inquiries:
Atria Pilates – Privacy Officer/Owner
220 Queen St S, Second Floor
Mississauga, ON, Canada L5M 1L5
Email: info@atriapilates.ca
Phone: (289) 872-8742 (289-87A-TRIA)

Please include your name and contact information in any correspondence and clearly describe your question or request. We will respond as promptly as possible, generally within 30 days. Your privacy is important to us, and we welcome your feedback.