SaunaSwim

Privacy Policy

Last updated: 11 April 2026

Who we are

"SaunaSwim" ("we", "us") operates this website and related pre-launch services (including waitlist signups and contact enquiries). If you have questions about privacy, contact hello@saunaswim.com.

What data we collect

  • Account information: name, email address, and password when you register as a user or listing owner.
  • Listing data: venue details, images, and other content submitted by listing owners.
  • Waitlist: your email address (and any optional information you choose to provide).
  • Contact enquiries: name, email, message, plus optional company and phone number.
  • Billing information: subscription plan and payment status. Payment card details are handled directly by Stripe and are never stored on our servers.
  • Usage data (with consent): information about how people use the site (pages visited, interactions, device/browser info) via analytics tools.

How we use your data

  • To create and manage your account.
  • To process subscription payments via Stripe.
  • To respond to enquiries and provide customer support.
  • To manage the waitlist and send early access updates and product news (where you've opted in).
  • To send transactional emails (e.g. email verification, password reset, booking confirmations) via Resend.
  • To improve the site using analytics and heatmaps (only where you consent to analytics cookies).

Lawful bases (UK GDPR)

  • Contract: to create your account and process subscription payments.
  • Consent: for analytics cookies and for marketing updates where required.
  • Legitimate interests: to operate and secure the site and to respond to your messages.

Analytics & tools we use

  • Resend: email delivery for waitlist and transactional messages (e.g. contact form).
  • PostHog:product analytics and session insights (enabled only after consent). Data is processed on PostHog’s EU infrastructure.
  • Google Analytics: site measurement (enabled only after consent where applicable).
  • Microsoft Clarity: heatmaps/session insights (enabled only after consent).
  • Google Search Console: site performance/SEO reporting (does not require on-page tracking scripts).
  • Stripe: payment processing for Pro subscriptions. Stripe is our payment processor and operates under its own privacy policy. Stripe may set cookies for fraud prevention. We receive confirmation of payment status but never access full card details.
  • Google OAuth: if you choose to sign in with Google, we receive your name and email address from Google to create or match your account. We do not receive your Google password. You can disconnect this at any time by managing your Google account permissions.

Cookies

We use essential cookies required for core site functionality. With your permission, we also use analytics cookies to understand how the site is used and to improve performance. You can accept or reject non-essential cookies and update your choices at any time via “Cookie settings” in the footer.

The cookies we set or permit are:

  • ss_consent (essential) — stores your cookie consent choice. Expires after 1 year.
  • sauna-swim.auth-session (essential) — stores your login session in localStorage. Cleared on logout.
  • Google Analytics (_ga, _ga_*) (analytics, consent required) — measures site traffic and page views. Expires after 2 years.
  • Microsoft Clarity (_clck, _clsk, CLID, ANONCHK, MR, MUID, SM) (analytics, consent required) — session recording and heatmaps. Expires after 1 year.
  • PostHog (ph_*) (analytics, consent required) — product analytics to understand feature usage. Data stored on EU servers. Expires after 1 year.
  • Stripe (__stripe_mid, __stripe_sid) (functional, set only if you use Pro checkout) — fraud prevention and checkout state. Expires after 1 year / session.

Sharing and international transfers

We share data with our service providers (Resend, Stripe, Google, Microsoft, PostHog, Cloudflare) to operate email, payments, authentication, analytics, image hosting, and related services. Some providers may process data outside the UK. Where relevant, providers rely on appropriate safeguards (such as Standard Contractual Clauses or UK adequacy decisions).

Retention

  • Account data: kept for as long as your account is active. You may request deletion at any time by emailing us.
  • Billing records: kept for the period required by UK tax law (typically 7 years).
  • Waitlist emails: kept until launch and a reasonable period afterwards, or until you unsubscribe.
  • Contact enquiries: kept as long as needed to handle your request and maintain basic records.
  • Analytics data: retained according to tool settings and your consent choices.

Your rights

Under UK GDPR you have rights including access, rectification, erasure, and objection (among others). You can exercise these rights by emailing hello@saunaswim.com.

Updates

We may update this Privacy Policy from time to time. The latest version will be posted on this page.