This policy sets out how we handle your personal information if you’re a CheYoga and Ayurveda Wellness website visitor, a client or a student.
The type of personal information we collect
We collect specific personal information about visitors and users of our Site.
The most common types of information we collect include things like: names, email addresses, IP addresses, other contact details, survey responses, blogs, photos, payment information such as payment agent details, transactional details, and web analytics data.
We will also collect personal information from medical forms.
How we collect personal information
We collect personal information directly when you provide it to us, automatically as you navigate through the Site, or through other people when you use services associated with the Site.
We collect your personal information when you provide it to us with your medical form or when you buy services on our Sites, subscribe to a newsletter, email list, submit feedback, enter a contest, fill out a survey, or send us a communication.
The personal information we collect about you from others
Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
- Financial and/or transaction details from payment providers located in the US, and the UK to process a transaction;
Third party service providers (like Google, Facebook, MailChimp) who are found in the US or UK, which may provide information about you when you link or connect. The information varies and is controlled by that service provider or as authorised by you via your privacy settings at that service provider; and
- Other third party sources/ and or partners from Australia, US or UK, whereby we receive additional information about you (to the extent permitted by applicable law), such as demographic data or fraud detection information, and combine it with information we have about you.
How we use personal information
We will use your personal information:
To fulfil a contract, or take steps linked to an agreement: in particular, in facilitating and processing transactions that take place on the Sites, like where you purchase an item from our marketplace or book on a workshop.
Where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:
operating the Site;
- Providing you with services described on the Site;
- Verifying your identity when you sign in to any of our Site;
- Updating you with operational news and information about our Site and services, e.g. to notify you about upcoming events;
- Carrying out technical analysis to determine how to improve the Sites and services we provide;
- Monitoring activity on the Site, e.g. to identify potentially fraudulent activity and to ensure compliance with the user terms that apply to the Site;
- Managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the Sites or asking for your feedback or whether you want to participate in a survey;
- Managing our legal and operational affairs (including, managing risks relating to content and fraud matters);
- Improving our products and services.
- Providing general administrative and perform functions and activities
Where you give us consent:
Providing you with marketing information about products and services which we feel may interest you; and
For purposes which are required by law.
To respond to requests by government, a court of law, or law enforcement authorities conducting an investigation.
When we disclose your personal information
We will disclose personal information to the following recipients:
Our professional advisers (lawyers, accountants, financial advisers etc.) which are located in the UK.
Regulators and government authorities in connection with our compliance procedures and obligations;
A third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity;
A third party, to enforce or defend our rights, or to address financial or reputational risks;
Other recipients where we are authorised or required by law to do so.
Where we transfer and/or store your personal information
We are based in the UK, so your data will be processed in the UK. To protect your information, we take care where possible to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.
How we keep your personal information secure
We store personal information on secure servers that are managed by our service providers, and occasionally hard copy files that are kept in a safe location in the UK. Personal information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.
How you can access your personal information
You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also unsubscribe from us at any time. To make an access or correction request, contact our privacy champion using the contact details at the end of this policy.
Marketing Choices regarding your personal information
Where we have your consent to do so (e.g. if you have subscribed to one of our e-mail lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you.
You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided.
You also have choices about cookies, as described below. By modifying your browser preferences, you have the opportunity to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to decline cookies, some parts of our Sites may not work correctly in your case.
Cookies and web analytics
When you visit our Sites, there’s specific information that’s recorded which is generally anonymous information and does not reveal your identity. We’re talking about the following kinds of details:
- Your IP address or proxy server IP address’;
- The domain name you requested;
- The name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
- The date and time of your visit to the website;
- The length of your session;
- The pages which you have accessed;
- The number of times you access our site within any month;
- The file URL you look at and information relating to it;
- The website which referred you to our Site/s; and
- The operating system which your computer uses.
The information you make public or give to others
If you make your personal information available to other people, we can’t control or accept responsibility for the way they will use or manage that data.
There are lots of ways that you can find yourself providing information to other people, like when you post a public message on a forum thread, share information via social media, or make contact with another user (such as a third party Author) whether via our Sites or directly via email.
Before making your information publicly available or giving your information to anyone else, think carefully. If providing information to another user via our Sites, ask them how they will handle your information.
How long we keep your personal information
We retain your personal information for as long as is necessary to provide the services to you and others, and to comply with our legal obligations. If you no longer want us to use your personal information, you can request that we erase it.
When we need to update this policy
We will need to change this policy from time to time to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.
How you can contact us
If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our privacy champion in writing at 10 Stratfield House, 260 Barin Road, SE12 0UP, Grove Park, London or email firstname.lastname@example.org.
For applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.
How you can access your personal information
You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing.
You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.