General Data Protection Act (GDPR)

As a result of the new data protection laws coming into effect on May 25th 2018 (please visit  Information Commissioners Website for more information) everyone who deals with data needs to review and update their approach. This article is meant as a communication to all my current, prospective and future students. It will be present on the website but also will be shared with students.

This article might also be a useful article for other yoga teachers and organizations. However in no way is this meant to be a full explanation and you should always seek legal advice and do your own research. This information specifically relates to my situation and approach not what you should or should not do for your own situation.

Relevant background information. The context of this article for my students. I have been using signatures both physical (printed forms) and digital (mailchimp). My forms have also explained how the data will be used. I will be updating my printed and electronic forms to be inline with the new requirements.

In my situation, if you are a student of mine there are a few things. 1) you only need to opt-out if you no longer wish to receive emails (soft opt in email). 2) existing students who are not opting out can still be contacted by me unless they opt out, 3) by May 25th 2018 people dealing with data need to become compliant with GDPR.

What follows are some quotes and supportive evidence for my situation as a teacher and holder of information you can use for your own judgements. Please do feel free to ask me questions if you think something is unclear or you feel my approach needs a change.


“When is the GDPR coming into effect?The GDPR was approved and adopted by the EU Parliament in April 2016. The regulation will take effect after a two-year transition period and, unlike a Directive it does not require any enabling legislation to be passed by government; meaning it will be in force May 2018. ” (

Soft Opt-In

“What is a ‘soft opt-in’? The term ‘soft opt-in’ is sometimes used to describe the rule about existing customers. The idea is that if an individual bought something from you recently, gave you their details, and did not opt out of marketing messages, they are probably happy to receive marketing from you about similar products or services even if they haven’t specifically consented. However, you must have given them a clear chance to opt out – both when you first collected their details, and in every message you send. The soft opt-in rule means you may be able to email or text your own customers … “(

The soft opt in email I sent is available here if you want to see an example

In Short (added 19th April at 22:28)

  • Make sure your physical sign up forms include a real signature. That you state what you are using the information for. And a brief statement about what you will do with the data
  • Electronic forms as above, but electronic signature us okay, like mailchimps digital signature is okay
  • Ensure you email all your students before May25th to offer a soft opt in, otherwise you can’t contact them unless you see them again, or they sign up again.
  • Maybe include a disclaimer and/or privacy statement
  • Read up and make sure you know your stuff. There are plenty of links.
  • Do it NOW, time is running out.

Other links you may find useful





Posted in News
Also found on: Google+