Legal

Privacy Policy

Last updated: 31 May 2026  ·  Full Chair Ltd, Company No. 17249022

This Privacy Policy describes how Full Chair Ltd (company no. 17249022), trading as Full Chair ("Full Chair", "we", "us", "our"), collects, uses, and shares information about you when you use our services at https://www.fullchair.co.uk (the "Service").

Data Controller:
Full Chair Ltd · Flat 2, 32 London Lane, Hackney, London, E8 3FU
hello@fullchair.co.uk

1. Who this policy applies to

This policy applies to studio owners, artists, and clients whose data is entered into Full Chair, and visitors to https://www.fullchair.co.uk.

Full Chair is a B2B SaaS platform. If you are a client of a studio that uses Full Chair, your data is managed by that studio. Full Chair acts as a data processor for client data; the studio is the data controller.

2. Information we collect

Account data: name, email address, hashed password.

Studio and artist profile data: studio name, URL slug, profile information, settings, role.

Client data (entered by studio users): client names, email addresses, phone numbers, notes, enquiry history, consultation information.

Appointment and booking data: dates, times, session type, duration, deposit status.

Payment data: deposit amounts and payment status. Card details are held exclusively by Stripe — Full Chair does not store raw card data.

Usage and technical data: IP address, browser type, login activity, error logs (collected via Vercel and Sentry).

3. How we use your information

4. Legal bases for processing (UK GDPR)

PurposeLegal basis
Providing the Service, managing accounts, processing paymentsContract performance (Art. 6(1)(b))
Error monitoring, security, fraud prevention, product improvementLegitimate interests (Art. 6(1)(f))
Compliance with legal obligationsLegal obligation (Art. 6(1)(c))
Marketing communications (opt-in only)Consent (Art. 6(1)(a))

5. Sharing your information

We do not sell your personal data. We share data with the following sub-processors:

Sub-processorPurposeLocation
Supabase, Inc.Database hosting and authenticationIreland (EU)
Vercel, Inc.Application hostingUnited States
Resend, Inc.Transactional email deliveryUnited States
Stripe, Inc.Payment processingUnited States
Anthropic, PBCAI-assisted featuresUnited States
Sentry (Functional Software)Error monitoringUnited States

6. International transfers

Our primary database is hosted in Ireland (EU). For transfers to the United States, we rely on UK International Data Transfer Agreements (IDTAs) and/or Standard Contractual Clauses. Copies are available on request at hello@fullchair.co.uk.

7. Cookies

Full Chair uses cookies and similar technologies. We will not set non-essential cookies without your consent. You can update your preferences via the consent banner on our website.

8. Data retention

Data typeRetention period
Account dataDuration of active subscription + 12 months after termination
Client and appointment dataDuration of active subscription + 30 days after termination
Payment records6 years (legal and tax obligation)
Error and system logs90 days

9. Your rights

Under UK GDPR you have the right to access, rectify, erase, restrict, or port your personal data, and to object to processing. To exercise any right, contact hello@fullchair.co.uk. We will respond within one month.

You may also lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk · 0303 123 1113.

10. Security

We use encrypted data storage and transmission (TLS/HTTPS), authentication controls, row-level security policies, and error monitoring. If you believe your data has been compromised, contact hello@fullchair.co.uk immediately.

11. Changes to this policy

We may update this policy from time to time. We will update the "Last updated" date and notify you of material changes by email where required.

12. Contact us

Full Chair Ltd
hello@fullchair.co.uk
Flat 2, 32 London Lane, Hackney, London, E8 3FU
Company No. 17249022