The website and its content are owned by Kathryn Costa (“Company”, “we”, or “us”). The term “you” refers to the user or viewer of http://www.truenortharts.com, http://www.100mandalas.com, http://100mandalascommunity.com (“Website”).
WHAT DATA WE COLLECT ABOUT YOU
We collect personal data from you so that we can provide you with a positive experience when utilizing our Website or content. We will only collect the minimum amount of information necessary for us to fulfill our obligation to you.
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process certain types of personal data about you as follows:
- Identity Data may include your first and last name.
- Contact Data may include your billing address, delivery address, and email address.
- Financial Data may include your bank account and payment card details (when purchasing an item or registering for a program).
- Transaction Data may include details about payments between us and other details of purchases made by you.
- Marketing and Communications Data may include your preferences in receiving marketing communications from us and your communication preferences.
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offenses.
Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
HOW WE COLLECT YOUR DATA
We collect data about you through a variety of different methods including:
- Direct interactions: You may provide data by filling in forms on our site (or otherwise) or by communicating with us by mail, phone, email or otherwise, including when you:
- order our products or services;
- subscribe to our service or publications;
- enter a competition, prize draw, promotion or survey; or
- give us feedback.
- analytics providers such as Google;
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services [such as Stripe and PayPal].
Please note that the information above (“Personal Data”) that you are giving to us is voluntarily, and by you providing this information to us you are giving consent for us to use, collect and process this Personal Data. You are welcome to opt-out or request for us to delete your Personal Data at any point by contacting us at firstname.lastname@example.org.
If you choose not to provide us with certain Personal Data, you may not be able to participate in certain aspects of our Website or content.
OTHER INFORMATION WE MAY COLLECT
Anonymous Data Collection and Use
To maintain our Website’s high quality, we may use your IP address to help diagnose problems with our server and to administer the Website by identifying which areas of the Website are most heavily used, and to display content according to your preferences. Your IP address is the number assigned to computers connected to the Internet. This is essentially “traffic data” which cannot personally identify you, but is helpful to us for marketing purposes and for improving our services. Traffic data collection does not follow a user’s activities on any other websites in any way. Anonymous traffic data may also be shared with business partners and advertisers on an aggregate basis.
Use of “Cookies”
We may use the standard “cookies” feature of major web browsers. We do not set any personally identifiable information in cookies, nor do we employ any data-capture mechanisms on our Website other than cookies. You may choose to disable cookies through your own web browser’s settings. However, disabling this function may diminish your experience on our Website and some features may not work as intended.
WHAT WE DO WITH INFORMATION WE COLLECT
We may contact you with information that you provide to us based on these lawful grounds for processing:
We may contact you if you give us your clear, unambiguous, affirmative consent to contact you.
We will contact you under our contractual obligation to deliver goods or services you purchase from us.
We may contact you if we feel you have a legitimate interest in hearing from us. For example, if you sign up for a webinar, we may send you marketing emails based on the content of that webinar. You will always have the option to opt out of any of our emails.
We will use the Personal Data you give to us in order to process your payment for the purchase of goods or services under a contract. We only use third-party payment processors that take the utmost care in securing data and comply with the GDPR.
Targeted Social Media Advertisements
We may use the data you provide to us to run social media advertisements and/or create look-alike audiences for advertisements.
Share with Third Parties
We may share your information with trusted third parties who provide IT and system administration services such as Infusionsoft (email newsletter provider), Ruzuku (course management), PayPal and Stripe (for payment transactions), Gmail (email).
Viewing by Others
Note that whenever you voluntarily make your Personal Data available for viewing by others online through this Website or its content, it may be seen, collected and used by others, and therefore, we cannot be responsible for any unauthorized or improper use of the information that you voluntarily share (i.e., sharing a comment on a blog post, posting in a Facebook group that we manage, sharing details on a group coaching call, etc.).
SUBMISSION, STORAGE, SHARING AND TRANSFERRING OF PERSONAL DATA
Personal Data that you provide to us is stored internally or through a data management system. Your Personal Data will only be accessed by those who help to obtain, manage or store that information, or who have a legitimate need to know such Personal Data (i.e., our hosting provider, newsletter provider, payment processors or team members).
We retain your Personal Data for the minimum amount of time necessary to provide you with the information and/or services that you requested from us. We may include certain Personal Data for longer periods of time if necessary for legal, contractual and accounting obligations.
To use certain features of the Website or its content, you may need a username and password. You are responsible for maintaining the confidentiality of the username and password, and you are responsible for all activities, whether by you or by others, that occur under your username or password and within your account. We cannot and will not be liable for any loss or damage arising from your failure to protect your username, password or account information. If you share your username or password with others, they may be able to obtain access to your Personal Data at your own risk.
You agree to notify us immediately of any unauthorized or improper use of your username or password or any other breach of security. To help protect against unauthorized or improper use, make sure that you log out at the end of each session requiring your username and password.
We will use our best efforts to keep your username and password(s) private and will not otherwise share your password(s) without your consent, except as necessary when the law requires it or in the good faith belief that such action is necessary, particularly when disclosure is necessary to identify, contact or bring legal action against someone who may be causing injury to others or interfering with our rights or property.
YOUR LEGAL RIGHTS
How You Can Access, Update or Delete Your Personal Data
You have the right to:
- Request information about how your Personal Data is being used and request a copy of what Personal Data we use.
- Restrict processing if you think the Personal Data is not accurate, unlawful, or no longer needed.
- Rectify or erase Personal Data and receive confirmation of the rectification or erasure. (You have the “right to be forgotten”).
- Withdraw your consent at any time to the processing of your Personal Data.
- Lodge a complaint with a supervisory authority if you feel we are using your Personal Data unlawfully.
- Receive Personal Data portability and transference to another controller without our hinderance.
- Object to our use of your Personal Data.
Personal Information Request Form – Use this form to make requests.
You may unsubscribe from our e-newsletters or updates at any time through the unsubscribe link at the footer of all email communications. If you have questions or are experiencing problems unsubscribing, please contact us at email@example.com.
We take commercially reasonable steps to protect the Personal Data you provide to us from misuse, disclosure or unauthorized access. We only share your Personal Data with trusted third parties who use the same level of care in processing your Personal Data. That being said, we cannot guarantee that your Personal Data will always be secure due to technology or security breaches. Should there be a data breach of which we are aware, we will inform you immediately.
We have a no spam policy and provide you with the ability to opt-out of our communications by selecting the unsubscribe link at the footer of all e-mails. We have taken the necessary steps to ensure that we are compliant with the CAN-SPAM Act of 2003 by never sending out misleading information. We will not sell, rent or share your email address.
Third Party Websites
We may link to other websites on our Website. We have no responsibility or liability for the content and activities of any other individual, company or entity whose website or materials may be linked to our Website or its content, and thus we cannot be held liable for the privacy of the information on their website or that you voluntarily share with their website. Please review their privacy policies for guidelines as to how they respectively store, use and protect the privacy of your Personal Data.
Children’s Online Privacy Protection Act Compliance
We do not collect any information from anyone under 18 years of age in compliance with COPPA (Children’s Online Privacy Protection Act) and the GDPR (General Data Protection Regulation of the EU). Our Website and its content is directed to individuals who are at least 18 years old or older.
Notification of Changes
DATA CONTROLLER AND PROCESSORS
We are the data controllers as we are collecting and using your Personal Data. We use trusted third parties as our data processors for technical and organizational purposes, including for payments and email marketing. We use reasonable efforts to make sure our data processors are GDPR-compliant.
Last Updated: May, 2018