TAOS LogoThe Art of Sensuality

Privacy Policy

Last updated: 25/05/2026

This Privacy Policy explains how The Art of Sensuality (TAOS) collects, uses, and protects your personal data in accordance with the UK General Data Protection Regulation (GDPR).

1. Data Controller

TAOS is operated by Wesley Tan, Stroud, Gloucestershire, United Kingdom. You can contact us at touch@taosense.uk.

2. Information We Collect

  • Contact details (name, email, phone number, address).
  • Booking details for sessions, workshops, or retreats.
  • Health or wellbeing information voluntarily shared before a session.
  • Payment information (processed securely via Stripe).
  • Technical data such as device, browser, or cookies (if analytics are implemented).

3. How We Use Your Information

  • To process enquiries, bookings, and payments.
  • To deliver our services and provide session follow-up.
  • To communicate updates, workshops, or newsletters (with consent).
  • To maintain records for legal, tax, and professional compliance.

4. Lawful Basis for Processing

  • Consent (for contact forms and newsletters).
  • Contractual necessity (for bookings and payments).
  • Legitimate interest (for security and service improvement).

5. Data Storage and Security

Personal data is stored securely using trusted third-party processors:

  • Supabase – for form submissions and workshop enquiries.
  • Stripe – for secure payment processing.
  • Zoho Mail – for email communication.
  • Resend – for automated transactional emails.
  • Google Analytics (Google LLC) – anonymous usage analytics, page views, and traffic sources. Data is processed in the US under Google’s Data Processing Terms. Analytics cookies are only set with your consent and can be withdrawn at any time via our cookie preferences.

Access is restricted and data is encrypted where applicable. We do not sell or share data with third parties for marketing purposes.

6. Data Retention

  • General enquiries: 12 months.
  • Booking and payment records: 6 years (for accounting compliance).
  • Newsletter subscribers: until you unsubscribe.

7. Your Rights

Under GDPR you have the right to:

  • Access, correct, or delete your personal data.
  • Withdraw consent at any time.
  • Request data portability or restriction of processing.
  • Complain to the ICO if you believe your rights are violated.

8. Cookies and Tracking Technologies

We use cookies and similar technologies in the following categories:

  • Strictly Necessary – Session management, authentication, and CSRF protection (via NextAuth). These are essential for the site to function and are always active.
  • Analytics – Google Analytics 4 (ID: G-R2TKMNE59V, Google LLC) tracks page views and traffic sources to help us improve the site. These cookies are only set after you give explicit consent.
  • Marketing – Meta Pixel and similar advertising technologies. Not currently active; consent will be sought before these are enabled.

You can review and withdraw your consent at any time using the cookie preferences panel (available in the site footer). For full details of every cookie we set, see our Cookie Policy.

9. Updates to This Policy

This policy may be updated from time to time. The latest version will always be available on this website.