This website and its owners take a proactive approach to user privacy and we ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with current legislation and requirements for user privacy under GDPR.
What is Personal information and what do we collect?
Personal information is information that does or may identify you.
You do not have to share your personal information with us, but if you choose not to, we may not be able to provide you with our products and services or answer any questions you may have asked us.
We may collect your personal information from a variety of sources. These include:
Personal information you provide to us directly
This will include:
- The information you provide when you place an order
- The information you provide for attending a yoga class, workshop or retreat
- When you subscribe to receive our newsletter or information about our products, offers and promotions
- Personal information contained within any enquiry
Some of the personal information we collect may be sensitive information. This might include information about your health. We will only collect this information with your explicit consent. We may collect personal information manually, for example at a workshop or retreat, and this, with your consent, will be processed into our secure data system. See more about sensitive information below.
Information collected automatically
We use Google Analytics and profiling techniques to collect information about how you use our sites and what pages you have visited. This helps us ensure that we deliver relevant content to you and to better understand what is of genuine interest to you. See more about cookies and profiling below.
Personal information from other sources
We collect personal data from other sources including trusted partners and where we operate an account on third-party platforms such as YouTube, Twitter, Facebook, other social media platforms and streaming platforms such as Spotify, iTunes, Apple Music, Insight Timer, CD Baby and other online streaming platforms.
When we collect or use Sensitive Information
Sensitive information falls into a special category of personal information. This includes information relating to your health, race, sexuality or ethnicity.
We only collect sensitive information in limited circumstances which include:
- When you sign up to yoga classes, workshops and retreats we ask you to tell us about your health and wellbeing
- When you raise a specific enquiry through via email or our website
How we use your personal information
We only collect, process and disclose your personal information for specific and limited purposes. These include:
- To administer any order you have placed with us;
- To administer and deliver yoga classes, workshops & retreats;
- To deliver Lomi Lomi massages;
- To send you our newsletter;
- To provide you with information about our products, events and offers that we believe will be of genuine interest to you;
- To direct you to content within our site that we think is relevant to you;
- To provide tailored product recommendations and targeted advertising based on what you have shared with us;
- To answer any enquiry you may send to us;
- To help us to understand and react to the changing interests and needs of our consumers so that we can improve our websites and our products.
Where required, we will obtain your consent to process your personal information. Where you have given consent, you may withdraw your consent at any time. Please see withdrawing consent.
How we share your personal information
We do not sell or share your personal information to any third party.
We share your personal information with selected third parties in the following circumstances:
- To courier and logistics providers who ship products you may have ordered
- With payment processors who administer secure payment options
- With parties who host and process personal information on our behalf in accordance always with applicable laws and regulations
- To yoga partners with whom we collaborate to deliver workshops and retreats – if you have consented to this in the first place
When we are legally required to disclose it. This includes:
- To comply with a legal obligation;
- When we believe in good faith that an applicable law requires it;
- At the request of governmental authorities conducting an investigation;
- To verify or enforce any other policy relating to this website;
- To detect and protect against fraud, or any technical or security vulnerabilities;
- To respond to an emergency situation.
International data transfers
We will only send personal information collected within the EEA to foreign countries:
- To follow your instructions;
- To comply with a legal duty; or
- To work with any agent or adviser who we use to help run our business and services.
If we do transfer personal information outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We will use one of the following safeguards:
- Transfer to a non-EEA country whose privacy legislation ensures an adequate level of protection of personal data to the EEA one;
- Transfer personal data to organisations that are part of specific agreements on cross-border data transfers with the European Union (e.g., Privacy Shield, a framework that set privacy standards for data sent between the United States and the European countries).
How we protect your personal data
We take the security of your personal information very seriously. We take every effort to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure.
Our measures include implementing appropriate access controls, investing in appropriate IT security and ensuring that we encrypt personal information wherever possible.
Any confidential paperwork and notes are stored in a locked filing cabinet. The details of sessions, medical and personal histories will stay confidential.
Access to your personal information is only permitted internally, to agreed yoga partners or business service providers on a need-to-know basis and subject to strict confidentiality obligations when processed by third parties.
We do not collect your financial data. The payment systems we use are Paypal and BACS which are, to the best of our knowledge, safe and secure ways to pay.
How long do we keep your personal information for?
We will keep your personal information for as long as we need it for the purpose it is being processed for. For example, where you have purchased one of our products online, we will keep your personal information related to the purchase so we can perform the specific contract you have entered. After which, we will keep the personal information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the purchase.
Your personal information may also be retained so that we can continue to improve your experience with us and to ensure that you can enjoy your experience.
We will actively review the personal information we hold and delete it securely when there is no longer a legal, business or consumer need for it to be retained.
Your rights as a data subject
This is a summary of your rights relating to the personal information we hold about you.
The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your personal information and your rights. Therefore, we’re providing you with the information in this charter.
The right to access and rectification. You have the right to access, correct or update your personal information at any time. We understand the importance of this and should you want to exercise your rights, please contact us as set out below;
The right to data portability. The personal information you have provided us with is portable. This means it can be moved, copied or transmitted electronically under certain circumstances.
The right to be forgotten. Under certain circumstances, you have the right to request that we delete your personal information. If you wish to delete the personal information we hold about you, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements. If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
The right to restrict processing. Under certain circumstances, you have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving emails from us notifying you or being contacted with varying potential opportunities).
The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint directly with any local Supervisory Authority about how we process our personal information;
The right to withdraw consent. If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time by contacting the details below.
Rights related to automated decision-making. You have the right not to be subject to any decision which is based solely on automated processing in certain circumstances.
If you wish to contact us about your personal information, including where you wish to withdraw consent or restrict certain processing activities, please email email@example.com
We will update this privacy charter from time to time to reflect customer feedback and changes to our products or services.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computer hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
INFORMATION ABOUT OUR EMAIL MARKETING CAMPAIGNS
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list]. This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
Subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign.
Email marketing campaigns are processed via Mailchimp which is GDPR compliant.