Free Shipping on orders over £20

Privacy Policy


Cool Bathing [the company] values your privacy and always aims to demonstrate transparency and fairness in the collection and use of customer/personal data. This is our Data & Privacy Policy, in compliance with the GDPR which is effective from 25th May 2018.


The GDPR was adopted by the EU Parliament to:

Create consistency within all the member states of the EU as to the rules regarding data protection, implementation of the law, and how the rules are enforced.

Modernise the principles laid out in the 1995 Data Protection Directive (Directive 95/46/EC), which was written before the advent of social media, 'smart' mobile devices that now can access things like cameras and geo-location information, and the ubiquity of online services and communications.

Reinforce the rights of individuals to control and protect their personal data.

Strengthen the EU internal market, ensuring stronger enforcement of the rules, streamlining international transfers of personal data and setting global data protection standards.


  • Organisations located within the EU;
  • Organisations located outside of the EU if they offer goods or services to (even for free), or monitor the behaviour of, EU residents; and
  • Organisations processing and holding personal data of EU residents, regardless of the Organisation’s location.


The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person ('data subject') who can be directly or indirectly identified in particular by reference to an identifier.

This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. The GDPR applies to both automated personal data and to manual filing systems where personal data is accessible according to specific criteria.


A data controller is an organisation that determines the purposes, conditions, and means of the processing of personal data. Cool Bathing is a data controller, for the legitimate purpose of operating its business online at

The Data Protection Officer for the company is Mrs Karen Thomas who can be contacted at

Data processors are organisations that process personal data on behalf of data controllers. Third party data processors with which the company is associated includes (but is not limited to) providers of: IT systems and website/email hosting, accounting systems, file sharing/storage systems, sub-contracted business services including the manufacture of  products, transport/courier services, marketing/advertising services, social media and analytics platforms, electronic mailing list and e-news platforms, e-commerce software and credit card/payment platforms for online purchases via


Cool Bathing uses your personal data for the following legitimate purposes:

To enable our business to respond to your enquiries and contacts about the quotation/provision of products, as advertised in print or online at and associated social media accounts. Enquiries and contacts include those received through phone calls, emails, social media platforms and post; or in response to e-newsletters and online advertising including those generated via google paid-for adwords.

To enable provision of contracted services according to your instruction, or the instruction of your nominated contacts.

To keep in touch with you during the planning and delivery stages of the services you have contracted us to provide.

To instruct third parties, where appropriate, who may be assisting us in the provision of the services you have contracted.

We may contact you by email, letter or telephone call to follow up about the services you have received.