Your Personal Information
All personal information you share with us is maintained in accordance with the Personal Information Protection and Electronic Documents Act (2000). References to DEEP YOGA may include its affiliates, depending on the context.
We collect Personal Data about you when you visit DEEP YOGA or use our services, including the following:
- When you register to use our services by establishing an account, we will collect personal data as necessary to offer and fulfil the services you request. We may require you to provide us with your name, postal address, telephone number, email address, date of birth, gender, emergency contact name and contact information, and pre-existing health conditions in our health commitment and waiver release form to establish an account.
- Any correspondence you send to us, telephone us, or when you email us.
- Details of your visits to our site and the resources that you access (which may include, amongst other things; traffic data and communication data);
- Details of purchases on our website or mobile app.
Reservations you make for DEEP YOGA classes.
We may require you to provide us with additional personal data as you use our services, to the extent that it is necessary for the provision of those services. Where we believe that we need more data we will set out the reasons why we need that information, and describe how we intend to use it.
Sharing Your Data & Data Processors
DEEP YOGA does not and will not ever sell your member details or personal information to any third parties. We will also never purchase information on our members from third party sources.
DEEP YOGA members have the right to withdraw consent for DEEP YOGA to hold your personal information and membership data by cancelling your membership or by any other form of request.
DEEP YOGA will never disclose your personal information without your consent unless disclosure is either necessary to prevent a threat to life or health, authorised or required by law, reasonably necessary to enforce the law or necessary to investigate a suspected unlawful activity.
MINDBODY stores all data in servers and backup servers located in the United States. MINDBODY has Privacy Shield certification which complies with GDPR regulations related to transferring data outside of the EU. Click here for a detailed explanation of how the Privacy Shield requirements align with the new GDPR guidelines.
Use of Your Information
We will process your Personal Data for a variety of reasons that are justified under data protection laws in the European Economic Area (EEA) and Switzerland.
To operate DEEP YOGA and provide services, including to:
- Create an account
- Make a booking, class cancellation, or waitlist booking
- Make a purchase for the provision of our services
- Initiate a payment, whether one-off or through our “Auto Pay” membership
- To manage our business needs, such as monitoring, analysing, and improving the services and DEEP YOGA performance and functionality. For example, we may analyse user behaviour and perform research about the way you use our services.
- To comply with our obligations and to enforce the terms of DEEP YOGA, including to comply with all applicable laws and regulations.
- To anonymise personal data in order to provide aggregated statistical data to third parties, including other businesses and members of the public, about how, when, and why users visit DEEP YOGA.
With your consent, including to:
- To market to you by delivering marketing materials about DEEP YOGA products and Services. We may also process your personal data to tailor certain DEEP YOGA experiences to better match our understanding of your interests.
- To respond to your requests, for example to contact you about a question you submitted to our administration team.
You can withdraw your consent at any time and free of charge.
Your health data is regarded as a special category of data under data protection laws. We process health data so as to be aware of any particular concerns or issues that may affect your ability to undertake exercise with us, or to assist us if there is a medical emergency. Because we cannot allow you to participate in a class unless we have this information we regard the information as being necessary for the performance of your contract with us. In addition, we must have additional authority to process this personal data, because of its status. We will only process this data with your explicit consent, which we will ask for separately. Given the significant harm that could result if we are not aware of a medical condition, we will not be able to allow you to take our classes without your consent.
Under no circumstances do we sell participant or personal information to others. Please note that we will not share health information that may have been provided in connection with a program, program withdrawal or request for refund. With your consent, we may use certain information to provide you with information about DEEP YOGA and its affiliates and programming. This consent is optional and you can decide to withdraw it at any time. Information collected by DEEP YOGA about its users is used internally by authorized employees of DEEP YOGA for following reasons: To process payment, register you in the program of your choice, update you when required of any possible changes of the planned services at DEEP YOGA, determination of those areas, features, and services that are valued the most and found most helpful. Also, we collect information to determine the appropriate participation in the activities and services provided at DEEP YOGA and on our site.
Your Rights Under the GDPR
Subject to limitations set out in EEA data protection laws, you have certain rights in respect of your Personal Data. In particular, you have a right of access, rectification, restriction, opposition, erasure and data portability. Please contact firstname.lastname@example.org if you wish to exercise these rights. If you wish to complete an access request to all personal data that DEEP YOGA holds on you, we would ask that you provide 2 points of data verification to prove your identity, for example, your Date of Birth and Postcode.
If you have an account with DEEP YOGA, you generally can review and edit Personal Data in the Account by logging in and updating the information directly.
Securing Your Information
The DEEP YOGA website uses sophisticated security and safeguard measures to protect users’ information. One such measure is our use of secure server software (SSL), to ensure that your credit card will be protected against fraudulent use while on our site.
We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorised access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centres, and information access authorisation controls. While we are dedicated to securing our systems and services, you are responsible for securing and maintaining the privacy of your password(s) and account/profile registration information and verifying that the personal data we maintain about you is accurate and current.
If the revised version includes a substantial change, we will provide you with 30 days prior notice by posting notice of the change on the “About” page of our website. We also may notify Users of the change using email or other means.
Please email us at email@example.com for any inquiries or requests regarding your personal data.
If you are not satisfied by the way in which we address your concerns, you have the right to lodge a complaint with the Supervisory Authority for data protection in your country. In the United Kingdom this is the Information Commissioners Office – www.ico.org.uk