Heat Lab
LEGAL

Privacy & Cookie Policy

LAST UPDATED: 29 MARCH 2026

This Privacy and Cookie Policy explains how Heat Lab NL C.V., trading as Heat Lab, collects, uses, stores, shares, and protects personal data.

Company name: Heat Lab NL C.V.

Chamber of Commerce number: 98905112

Registered address: Oeverpad 163, 1068PH Amsterdam

Website: https://www.heat-lab.nl/

Email: Emil@heat-lab.nl

Heat Lab is the controller of the personal data described in this Policy.

1. What personal data we collect

Depending on how you interact with Heat Lab, we may collect and process the following categories of personal data:

  • first and last name
  • email address
  • phone number
  • billing or address details
  • account or profile details in Yogo
  • booking details, attendance history, credits, punch cards, gift cards, and purchase history
  • payment related information processed through Stripe or another payment provider
  • communications you send to us by email, forms, social media, or customer support channels
  • website usage data
  • IP address, browser type, device information, cookie identifiers, and similar online identifiers
  • preferences and interests where you choose to share them
  • complaint, support, and incident information

Heat Lab does not request health data as a standard part of booking. If you voluntarily disclose medical or other sensitive information, Heat Lab will only process that information where necessary and lawful, for example to respond to a safety issue or handle your request.

2. Children

Heat Lab's services are not intended for children under 16 without the required parental or guardian involvement where applicable.

If you believe that Heat Lab has collected personal data from a child in a way that is not permitted, please contact Emil@heat-lab.nl and Heat Lab will investigate and, where appropriate, delete the information.

3. Why we process your personal data and the legal basis

Heat Lab only processes personal data where there is a valid legal basis under applicable data protection law.

A. To perform a contract with you

Heat Lab processes personal data to:

  • create and manage bookings, profiles, credits, punch cards, and gift cards
  • process payments
  • send confirmations, invoices, reminders, and booking related messages
  • provide access to sessions, events, and other purchased services
  • manage rescheduling, cancellations, no shows, and customer support

B. To comply with legal obligations

Heat Lab may process personal data to:

  • maintain accounting and tax records
  • comply with consumer law obligations
  • respond to lawful requests from authorities
  • meet fraud prevention, safety, or regulatory requirements

C. For legitimate interests

Where appropriate and balanced against your rights, Heat Lab may process personal data to:

  • operate, secure, and improve its website, services, and booking flows
  • prevent fraud, abuse of offers, chargebacks, misuse of guest privileges, or unsafe behavior
  • manage disputes, incidents, legal claims, and complaints
  • maintain internal business administration and reporting
  • send service related communications necessary for the customer relationship

D. Based on consent

Where required, Heat Lab relies on your consent to:

  • Send newsletters or marketing communications
  • Place non essential cookies or similar technologies
  • Use certain analytics, advertising, and tracking tools
  • Measure campaign performance and build relevant marketing audiences

You can withdraw consent at any time. Withdrawal does not affect processing carried out before consent was withdrawn.

4. Booking platform and payment provider

Heat Lab uses Yogo to manage bookings, customer profiles, attendance, credits, and related customer administration.

Heat Lab uses Stripe or another available payment method at checkout to process payments. Payment card data is processed by the relevant payment provider in accordance with that provider's own privacy and security terms.

Heat Lab only receives the information reasonably necessary to confirm payment, manage the booking, and administer the customer relationship.

5. Website, analytics, and advertising tools

Heat Lab's website is hosted on Netlify.

Heat Lab may use the following categories of third party tools and integrations:

  • Netlify for website hosting and site functionality
  • Yogo booking widgets and related booking integrations
  • Stripe payment tools
  • Google Analytics for website measurement and analytics
  • Meta Pixel for advertising measurement, audience building, and campaign attribution
  • Instagram embeds or related social media integrations
  • Other booking widgets, embedded media, forms, or plugins used on the website from time to time

These tools may collect information about your visit, device, browser, actions on the site, and interactions with booking or checkout flows, subject to your consent where required.

6. How long we keep personal data

Heat Lab does not keep personal data longer than necessary for the purposes described in this Policy.

In general:

  • Customer account, booking, attendance, and transaction data may be retained for as long as needed to administer the customer relationship and then for the applicable legal retention period
  • Accounting and tax records may be retained for as long as required by law
  • Marketing consent records may be retained until consent is withdrawn or the customer unsubscribes, plus a limited period needed to demonstrate compliance
  • Support requests, complaints, and incident records may be retained as long as reasonably necessary to handle the matter and any follow up
  • Cookie and analytics data may be retained for the period configured in the relevant tools

Where possible, Heat Lab will delete or anonymize data when it is no longer needed.

7. Sharing personal data

Heat Lab may share personal data with service providers and partners who help operate the business, including:

  • Yogo
  • Stripe and other payment providers
  • Netlify
  • Google
  • Meta
  • newsletter, CRM, automation, analytics, support, or communications providers
  • accountants, insurers, legal advisers, and other professional advisers
  • authorities or regulators where disclosure is legally required

Heat Lab does not sell personal data.

Where third parties process personal data on Heat Lab's behalf, Heat Lab seeks to ensure that appropriate contractual safeguards are in place.

8. International transfers

Some service providers used by Heat Lab may process personal data outside the European Economic Area.

Where required, Heat Lab will ensure that an appropriate legal transfer mechanism is in place, such as an adequacy decision or approved contractual safeguards.

9. Security

Heat Lab takes reasonable technical and organizational measures to protect personal data against loss, misuse, unauthorized access, alteration, or disclosure.

No system is completely secure, but Heat Lab works to protect personal data in a manner appropriate to the nature of the information processed.

10. Your rights

Subject to the conditions and limits of applicable law, you may have the right to:

  • access your personal data
  • correct inaccurate personal data
  • request deletion of your personal data
  • restrict processing
  • object to certain processing
  • receive your data in a portable format where applicable
  • withdraw consent where processing is based on consent
  • lodge a complaint with the Dutch Data Protection Authority

To exercise your rights, contact Emil@heat-lab.nl.

Heat Lab may ask for reasonable proof of identity before responding to your request.

11. Direct marketing

If you subscribe to Heat Lab newsletters or marketing communications, Heat Lab may send you updates about sessions, openings, offers, events, and related news.

You can unsubscribe at any time by using the unsubscribe link in the message or by contacting Heat Lab directly.

Heat Lab may still send non promotional service messages relating to your bookings, purchases, account, or customer relationship.

12. Cookies and similar technologies

Heat Lab's website may use cookies, pixels, local storage, scripts, SDKs, tags, and similar technologies.

These technologies may be used for the following purposes:

  • to make the website function properly
  • to remember your preferences and consent settings
  • to support security and fraud prevention
  • to analyze traffic and visitor behavior
  • to measure booking flow performance
  • to improve content, usability, and conversion
  • to measure advertising effectiveness
  • to create audiences and support relevant advertising

Strictly necessary cookies

These cookies are necessary for core website functions, security, consent management, and booking functionality. They do not require consent where allowed by law.

Analytics cookies

Heat Lab uses analytics tools such as Google Analytics and may also use analytics related tools through Netlify or Yogo. These cookies and technologies help measure website traffic, visitor behavior, and booking performance.

Where required by law, Heat Lab will request consent before placing non essential analytics cookies.

Marketing and advertising cookies

Heat Lab uses marketing and advertising technologies such as Meta Pixel and may use related tracking through advertising platforms, social media integrations, or embedded services.

These technologies may be used to measure campaign performance, understand user journeys, create audiences, and show relevant advertising.

Where required by law, Heat Lab will request consent before placing non essential marketing cookies or similar technologies.

Embedded content and third party widgets

Instagram embeds, Yogo booking widgets, and other third party content or booking integrations may place cookies or process personal data.

Where required by law, Heat Lab will ask for consent before loading or enabling non essential third party technologies.

13. Cookie consent and managing preferences

When you first visit the Heat Lab website, you may be asked to set your cookie preferences for non essential cookies and tracking technologies.

You can change your preferences at any time through the cookie settings tool or cookie banner where available.

You can also manage or delete cookies through your browser settings. Please note that blocking some cookies may affect website functionality, including booking flows.

14. Third party websites and services

Heat Lab's website or communications may contain links to third party websites, booking pages, payment pages, social media pages, embedded content, or external services.

Those third parties have their own privacy and cookie policies. Heat Lab is not responsible for their content, policies, or practices.

15. Complaints about privacy

If you have questions, concerns, or complaints about how Heat Lab handles personal data, please contact Emil@heat-lab.nl first.

You also have the right to lodge a complaint with the Dutch Data Protection Authority.

16. Changes to this Policy

Heat Lab may update this Privacy and Cookie Policy from time to time.

The latest version will always be published on the website with the updated date at the top.

Back