Effective: September 2020
Last Updated: September 2, 2020
If you do not want your information collected or used in the manner described in this Policy, please do not use our Services or otherwise interact with us. By using our Services or otherwise interacting with us in any manner, you are deemed to have agreed to the provisions of this Policy, unless you are in the European Economic Area (“EEA”) or Switzerland in which case you are acknowledging that you have been provided this Policy. We may change, modify, add or delete portions of this Policy at any time. We encourage you to visit this Policy frequently to ensure you are aware of how it applies to you.
Whole Body Prayer is a “data controller” subject to the General Data Protection Regulation (the “GDPR”) only insofar as we are offering goods or services to individuals in the EEA or where our Digital Properties may be used to monitor individuals’ behavior as far as it takes place in the EEA. Nevertheless, this Policy provides a general description of how we process personal data, regardless of where individual users are from. If you have any questions about this Policy or want to exercise your rights pursuant to the Policy, please contact us using the details set forth below.
Whole Body Prayer
1750 Stone Ridge Drive
Stone Mountain, GA 30083
Whole Body Prayer is committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint with the competent EU Member State authority.
1. Information We Collect
The nature of the information we collect from you depends on how you engage with us and generally consists of:
Personally Identifiable Information (“PII”), which is information that can be used to identify you, including name, postal address, mobile phone number or e-mail address.
Anonymous information, which is data about you, your device or your activities that does not by itself identify you.
When, and to the extent, anonymous information is combined with PII, such information also becomes PII and is treated and protected as such in accordance with the terms of this Policy.
We collect PII and anonymous information that you directly provide to us as well as information you indirectly provide to us as you use our Services. We may also collect information about you from third parties.
Directly provided information
You may directly provide information to us, including PII such as your name, email address and password when you register for an Account with us, sign up for a newsletter or otherwise fill out a lead generation form regarding a particular product or service on our or third-party digital properties, including social media. You may provide further information to us, including information such as gender, birth date / location, payment information, postal address and phone number as well as physical characteristics and personal preferences, goals, experiences, aptitudes, attitudes and behaviors (i) when you edit your Profile, (ii) when you utilize tools and other services provided by us including calendars, journals, user surveys and online assessments in the course of using our Apps or online programs or (iv) when you purchase a product or service from us through our online store.
We may also collect similar information from you in the course of your discussions with our sales personnel regarding potential purchases or to fully enroll you in our in-person events or other products and services. Please note that in order for us to accommodate your special needs or to ensure your suitability for certain in-person events or programs you may also provide us with specific health-related information including disabilities or allergies, among other information, and we may keep such information for future reference for your safety.
You may also provide information to us via communications at our in-person events, during telephonic or online group lessons, meditations, workshops and other sessions or via forums such as online groups, chat rooms and message boards, some of which may be a required or optional component of our product and service offerings. We also collect information from you when you place a request for customer service, when you respond to any censuses, surveys, or user interviews, provide any testimonials with respect to our products or services or apply for employment with us.
Indirectly provided information
Every time you engage with us we automatically collect certain information about you. This includes:
Usage data such as which of our websites and Apps you visit and any or all of your activities on such properties, including the content and other Materials you access, the sequence, duration, dates and times and manner of such activities and the purchases you make.
Technical information including your internet protocol (IP) address (which may by itself be considered PII in certain jurisdictions and under certain circumstances), device type, model, operating system and identifier, web browser, pages viewed, including any referring page, and information about your mobile network such as the service provider, connection type and geographic area.
Information collected from third parties
Information we may collect from third parties includes:
Usage data and technical and non-technical information provided by third-party service providers (“Whole Body Prayer Vendors”) with whom we contract to provide specific services to support our business.
Information you provision us with access to including, for example, data provided by social media services when you create or log-in to your Account via such social media services (including your name, user name(s), e-mail address and other information depending on your account settings with the relevant social media service) or, in the case of our Whole Body Prayer Mediation and Well-being App, information from Apple HealthKit. Please note that we do not currently collect any information from HealthKit and, in the event we collect such information in the future, we expressly warrant that we will not use (or permit any third-party to use) any such information for marketing, advertising or use-based data mining.
Transaction information from third-party app stores you use to install or purchase a subscription to one of our Apps.
Additional information we may purchase about you and your activities from third-party data providers.
Contact information provided by any person via our “Refer a Friend” feature.
We may combine any data we collect with other information we may have about you or use information we have to derive or infer other information. For example, we may be able to determine your approximate location using your IP address.
2. How We Use Your Information
We may collect, store and use your information for any purpose relating to our business, subject to this Policy. This includes, for example:
Personalizing your experience by offering and delivering content, products and services relevant to your stated and inferred interests, needs, location or other preferences.
Fulfilling your orders including delivering goods or granting access to Services and Materials, as the case may be, as well as managing any related payments and collections and complying with any consequent legal obligations such as the collection and filing of taxes.
Communicating with you about products and services we believe would be of interest to you.
Providing you with support and responding to your inquiries, including investigating your concerns and monitoring and improving our processes.
Soliciting your feedback on new or existing products and services.
Analyzing our audience behavior and usage patterns to inform product and content development and to improve our marketing initiatives.
Creating, maintaining, customizing, and securing your Account, preventing transactional fraud and assessing and maintaining the safety, security, and integrity of the Services and our databases, business and technology infrastructure more generally.
Delivering targeted offers and ads through our Digital Properties, third-party properties, and via email, text messages (with your consent, where required by law) and push notifications.
Enabling your participation in promotions, sweepstakes or contests offered by us.
Responding to law enforcement requests and as required by applicable law, court order, or governmental regulations.
For other purposes as may be disclosed or is otherwise clear at the point of collection or in the event it is otherwise necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
3. Who Else May Have Access to Your Information
Whole Body Prayer will never sell or rent your PII to any third party under any circumstances and will only share or disclose your PII with third parties as set forth in this Policy and in all cases, for legitimate business reasons. As you interact with us, the following entities may obtain your information:
Certain of our business partners (“Partners”) who directly provide specific services to you in connection with a product or service offering from Whole Body Prayer, including hotels that accommodate you for one of our in-person programs. Additionally, some of our programs are provided to you by Partners including the Whole Body Prayer Health Retreat. We may provide information about you to Partners in order for them to directly provide you with the services you are expecting. Please note that we will only share information with Partners that is relevant for their provision of such services to you and such information may include, at your request, special instructions to accommodate your needs, including disclosure of relevant disabilities and allergies. For the avoidance of doubt, information shared with Partners may include the responses you provide to us pursuant to the MBTA and the analyses drawn therefrom. Please note that Partners with whom we share information as described herein will be identifiable to you and you should refer to their privacy policies to understand how they protect and use your information.
Advertising service providers that provide analytics to us (e.g., Google Analytics) and / or serve advertisements on our behalf on our and third-party web properties and mobile applications, including agencies, social media platforms (e.g., Facebook) and ad servers (e.g., Google AdSense, etc.). In addition to information we provide them, these entities may use Tracking Technology to collect and combine your information over time and across browsers and devices in order to infer your interests for the purpose of presenting you with advertisements across various browsers and devices attributed to you. For more information about your rights with respect to Tracking Technology and the use of your information for interest-based advertising please refer to the section entitled Cookies, Web Beacons and Similar Technologies.
Providers of third-party functionality we provide access to on our Digital Properties to enhance your experience, including social media service providers. These entities may directly collect information about you and your activities, including by way of Tracking Technology, and use such information for any purpose pursuant to their privacy policies and, if applicable, your Account settings with such third parties.
Other entities as required for legal compliance. For example, we may disclose your information to third parties when such disclosure is:
necessary to conform to legal requirements or to respond to a subpoena, search warrant or other legal process received by us, whether or not a response is required by applicable law;
necessary to enforce or apply our Terms, Policy, or other agreements; or
to protect the rights, property, or safety of Whole Body Prayer, our employees, you or our other users / customers or other members of the general public.
Affiliates of Whole Body Prayer or to others as appropriate in connection with the consummation or negotiation of a financing, sale or merger of Whole Body Prayer or any assets of Whole Body Prayer. In any such transaction, information about our customers and users is generally considered an asset to potential investors or successors in interest to Whole Body Prayer.
To any other entity as otherwise directed by you or with your express consent. This may include entities through which you purchase our Services including, for example, your employer, or a provider of another of your products or services to the extent they sponsor your use of the Services. The nature of the information we provide to such entities in connection with the foregoing, if any, will be clearly disclosed to you by any such entity in advance of collection.
Other third parties may also have access to your information as a result of your interactions with us, including:
Any other visitor to our properties or a fellow participant in a product or service offering in the event you:
Provide such information to them in person.
Utilize any publicly accessible blogs, message boards or other community forums on our properties or third-party properties, including social media sites, on which our products or services may be included or via which they are supported.
Participate in telephonic or online group lessons, meditations, workshops or other sessions or online groups, some of which may be a required or optional component of our product and service offerings.
Submit any testimonials or reviews of our products and services, subject to the explicit terms of the communications pursuant to which such reviews and testimonials are submitted.
For the avoidance of doubt, you should assume that any information you provide in connection with the above actions may be read, collected, and used by others. To the extent this data is provided on any third-party property, the terms and privacy policies of such third-party property will apply to any such data under their control or in their possession. It is strongly recommended that you carefully monitor the information you share pursuant to the above activities as any such information may become a permanent part of the public domain and have unintended consequences. Whole Body Prayer may not regularly monitor any such information and is under no obligation to do so. Please see our Terms for more information about what we consider User Generated Material and Footage and how we use such information.
Partners to whom you directly provide your information following a referral from Whole Body Prayer. For example, the Whole Body Prayer Health Retreat may include health consultations and other services provided by medical professionals (“Medical Partners”) to whom you may disclose certain health-related information (including information about physical and mental health conditions and diagnoses, treatments for medical conditions, genetic information, family medical history, medications you take, and medical insurance details) (“Medical Information”) as part of the program. While we may invoice you for the entire cost of the Whole Body Prayer Health Retreat, you will be required to directly provide Medical Information to any such Medical Partner who will collect and process such Medical Information subject to their terms and policies. Any requests with respect to Medical Information collected by a Medical Partner should be directed to the specific Medical Partner involved with the relevant program.
Potential clients of yours if you are a Whole Body Prayer Certified Coach and you provide and authorize such information for public display. Please note that the information thus displayed will be visible to anyone who visits Digital Properties on which such information is displayed, regardless of whether or not they are actually seeking the services you provide. You may authorize information including your name, photos, telephone number and email address, personal website address, geographic area, education / Whole Body Prayer certifications achieved, Whole Body Prayer event attendance history, and other information as well as User Generated Content.
We may also use and share anonymous aggregated info, including information about you and your activities that is de-identified and with respect to which you cannot reasonably be associated, for any purpose whatsoever, including for research studies, demographic profiles of our users and summaries of our users’ activities and behaviors.
4. Cookies, Web Beacons and Similar Technologies
We and, as discussed herein, certain third parties use Tracking Technology on Whole Body Prayer Digital Properties or in connection with Whole Body Prayer advertisements and activities on third-party properties for various purposes. These include Whole Body Prayer-specific uses such as authenticating you and recognizing your preferences when you visit our Digital Properties, customizing your experiences with our Services, analyzing website analytics and such other purposes as set forth elsewhere in this Policy. Whole Body Prayer Vendors use Tracking Technology to fulfill their service obligations to us. Other third parties use Tracking Technology for interest-based advertising, to provide their products and services directly to you or for other purposes as set forth in their respective terms and policies.
Tracking Technology includes:
Cookies, which are small strings of data sent by a web server that is stored in your computer’s Internet browser and provided back to the web server to uniquely identify your browser each time you encounter a page accessed by that web server. We may use session cookies, which are temporary cookies that disappear after you close your browser, and/or persistent cookies, which are reloaded when you open a new browser session. You may be able to configure your browser to accept or reject all or some cookies, or notify you when a cookie is set – all browsers are different, so check the settings of your particular browser to learn how to change your cookie preferences. Disabling cookies, however, may make certain functionality provided by us unavailable or suboptimal. Blocking cookies will not prevent the use of other technologies on your browser or device.
Web beacons (also known as single-pixels (1×1), clear GIFs or pixel tags), which are electronic images embedded in a webpage or HTML-based e-mail. Web beacons can recognize certain types of information on your computer, such as a cookie number, time and date of a page view and the webpage where the beacon is placed. While you may not decline web beacons, you may render some web beacons unusable by rejecting their associated cookies. As mentioned above, if you disable the cookies associated with a beacon, some functionality may not work properly.
Other similar technologies such as local storage objects (“LSOs”), including “flash cookies,” authentication tokens” and HTML5 local storage. Like cookies, these technologies are stored on your computer, albeit in different parts of your device, and perform similar functions. They can also be used to store certain information about your preferences. Your Internet browser may allow you to disable HTML5 or delete information contained in HTML5 local storage by changing your browser settings. To manage Flash LSOs please click here. Please note that disabling these technologies may interfere with the performance and features of our products and services.
We use Google Analytics to help us better understand activity on our Digital Properties. Data collected via Google Analytics is used by us according to this Policy and may also be used by Google according to its policies. For more information about Google Analytics, please click here. To opt out of the collection and processing of data by Google Analytics click here.
Please note that if you delete cookies, reset your device identifier or use another browser or device, you may need to repeat your opt-out choices. If you opt out of IBA, you will still receive ads, but these ads may be less relevant to you. If you disable cookies or opt out of IBA by any of the avenues set forth above, we will still collect data by other means and for the purposes set forth in this Policy.
To disable collection of precise location information from your mobile device, you can access your mobile device settings and choose to limit that collection.
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track your online activities over time and across browsers and devices. Our websites do not support Do Not Track requests at this time, which means that we may collect information about your online activity both while you are using our websites and after you leave our properties.
5. How to Access, Change or Delete Your Information and Messaging Preferences
If you have an Account, you may view and directly edit certain information we have about you, such as your email address, in your Profile. You can also contact us directly at firstname.lastname@example.org to edit your information.
You may request removal of information you provide for public display on our Digital Properties as set forth in the section entitled Who Else May Have Access to Your Information by contacting us at email@example.com. In some cases, we may not be able to remove such information, in which case we will let you know why we are unable to do so.
You also have the right at any time to stop us from contacting you by email for promotional purposes either by clicking “Unsubscribe” at the bottom of any email communication or in your Account settings on certain of our Digital Properties. Notwithstanding your indicated email marketing preferences, we may send you administrative emails regarding Whole Body Prayer, including, for example, order confirmations and notices of updates to this Policy or the Terms if we choose to provide such notices to you in this manner.
At any time, you can manage our ability to send you push notifications by turning off the notification settings in the relevant mobile application or in the device settings of your mobile device. If you choose not to receive push notifications, you may still receive in-app notifications.
Any changes you request will take effect within 48 hours.
6. Children’s Privacy
We do not intentionally collect or maintain PII from individuals who are under sixteen (16) years old. Protecting the privacy of minors is very important to us. Thus, if we obtain actual knowledge that we are holding PII of someone under 16 years of age, we will take steps to permanently remove that PII from our records. Should you, as a user’s parent or legal guardian, become aware that a user who is under the age of 16 has provided us with PII, please notify us immediately by any means set forth below.
7. How We Protect Your Information
Whole Body Prayer takes precautions to ensure that your PII is secured. We use a variety of industry-standard technical, contractual, administrative and physical security measures and procedures to help protect your PII from unauthorized access, use, alteration or disclosure. We restrict access to PII to those employees or contractors who need access to perform their job functions. Please note that despite our best efforts, no one can guarantee the security of PII. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of PII at any time.
8. Links to Other Websites and Services
Our Digital Properties may contain links to third-party websites. We do not control the privacy policies or practices of such websites. You should review the terms and policies of any property you visit before providing any PII on such property. Whole Body Prayer is not responsible for the content or practices of any linked websites, and we provide these links solely for your convenience.
9. California Residents
This section supplements the information contained in this Policy and applies solely to visitors, users, consumers and others who reside in the State of California (“consumers”). The provisions within this section have been adopted to comply with the California Consumer Privacy Act of 2018 (CCPA) and its regulations. Any terms defined in the CCPA have the same meaning when used in this section.
Whole Body Prayer collects and maintains different types of personal information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). The CCPA sets out eleven categories of personal information, including:
Identifiers. For example, real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, Account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). For example, a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Protected classification characteristics under California or federal law. For example, race (which includes historically associated traits, such as hair styles and protective hair styles, e.g., braids, locks, and twists), religious creed (which includes religious dress and grooming practices), color, national origin (which includes, but is not limited to, national origin groups and aspects of national origin, such as height, weight, accent, or language proficiency), ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (which includes pregnancy, childbirth, breastfeeding, and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, military or veteran status (including state and federal active and reserve members as well as those ordered to duty or training), immigration/citizenship status or related protected activities (which includes undocumented individuals and human trafficking), protected medical leaves, domestic violence victim status, political affiliation, or any other category or activity protected by federal, state, or local laws, ordinances, or regulations.
Commercial information. For example, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Biometric information. For example, genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Internet or other similar network activity. For example, browsing history, search history, personal social media activity, personal email, online transactions and information on a consumer’s interaction with a website, application, or advertisement.
Geolocation data. For example, physical location or movements.
Sensory data. For example, audio, electronic, visual, thermal, olfactory, or similar information.
Professional or employment-related information. For example, current or past job history or performance evaluations.
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). For example, education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Inferences drawn from other personal information. For example, profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Collection and sharing of personal information
Whole Body Prayer collects and shares the following categories of personal information:
Identifiers and personal information categories listed in the California Customer Records statute. This information is collected directly and indirectly from you, and from third parties for the purpose of fulfilling or meeting the reason you provided the information and for such other purposes as may be described in the section entitled How We Use Your Information. For example, if you share your name and contact information to participate in a program or purchase a product or service, we will use that personal information to process your payment and facilitate your participation in or access to program, product, or service. This information may be shared with Whole Body Prayer Vendors, Partners and other third parties as described in this Policy. For more information on our collection and sharing of this type of information, please refer to the sections entitled Information We Collect and Who Else May Have Access to Your Information.
Protected classification characteristics under California or federal law. You may provide us with your gender in response to censuses or surveys of our users or in connection with your enrollment in one of our events or programs. We may also infer such information based on our interactions with you. You may also directly provide us with certain health-related information in order for us to accommodate your special needs or ensure your suitability for certain in-person events or programs.
Commercial information. This information may be collected from third parties in order to better understand our users for marketing and product and service development purposes. We will also collect and store your purchases of our products and services to provide you with easy access to such offerings.
Internet or other similar network activity. This information is collected indirectly from you including through the use of Tracking Technology. This information is collected to assist us in operating and improving our products and services and for security purposes as well as for other purposes described in the section entitled How We Use Your Information including for marketing and product and service development purposes. This information may collected by or shared with Whole Body Prayer Vendors and other third parties as further described in the sections entitled Information We Collect and Who Else May Have Access to Your Information.
Geolocation data. This information may be collected indirectly from you through Whole Body Prayer Vendors or you may provide such information directly to our sales personnel. We use such information in order to better understand our users for marketing and product and service development purposes.
Sensory data. While we may record your customer service and sales calls, we only use such data to respond to your service issues and improve the provision of our services. Similarly, your voice and image may appear in User Generated Material or Footage but we do not intentionally collect this information to identify you for any purpose whatsoever.
Professional or employment-related information. This information is collected directly from you in the event you provide such information as part of a census or survey of our users or of Whole Body Prayer Certified Coaches. You may also provide such information directly to our sales personnel or we may purchase such data from third parties. We use this data in order to better understand you and our other users for marketing and product and service development purposes. Whole Body Prayer Certified Coaches may also directly provide this information to us for public display in order for potential clients to find and connect with them through our on-line resources.
Inferences drawn from other personal information. Such personal information may be collected directly and indirectly from you, and from third parties. The inferences drawn therefrom helps us improve our ability to offer and deliver products that are tailored to your interests and needs. We may also use these inferences in assessments and reports provided to you as part of our services and as requested by you. This information may be shared with Whole Body Prayer Vendors, Partners and other third-parties as further described in the sections entitled Information We Collect and Who Else May Have Access to Your Information.
Whole Body Prayer may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we endeavor to enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the relevant service on our behalf.
Pursuant to the CCPA, personal information does not include:
Publicly available information from government records.
Deidentified or aggregated consumer information.
Information excluded from the CCPA’s scope, like:
health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
Use of personal information
We may use or disclose the personal information we collect as set forth in the section entitled How We Use Your Information or as otherwise set forth in the CCPA. We will not collect additional categories of personal information or use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosures of personal information for a business purpose
In the preceding twelve (12) months, Whole Body Prayer has disclosed the following categories of personal information for a business purpose: identifiers and California Customer Records personal information categories; protected classification characteristic under California or Federal law; internet or other similar network activity; sensory data; professional or employment related information; and inferences drawn from other personal information. We disclose your personal information for a business purpose to the following categories of third parties: Whole Body Prayer Vendors, Partners, and other third parties as described in this Policy, including as set forth in the section entitled Who Else May Have Access to Your Information.
Sale of personal information
In the preceding twelve (12) months, Whole Body Prayer has not sold personal information.
Your rights and choices
Access to Specific Information and Data Portability Rights. You have the right to request that Whole Body Prayer disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request to us via email at firstname.lastname@example.org (see Exercising Access, Data Portability, and Deletion Rights below), we will disclose to you:
The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you (also called a data portability request).
In addition, if we disclosed your personal information for a business purpose, we will identify the personal information categories that each category of recipient obtained.
Deletion Request Rights. You have the right to request that Whole Body Prayer delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights below), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider to:
Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights. You may manage your information and preferences regarding our communications with you. To exercise the access, data portability and deletion rights described, please submit a verifiable consumer request to us via email at email@example.com.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. We may also require verification of the identity of your designated agent.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. We consider requests made through an email address previously provided by you and associated with your Account as sufficiently verified.
Your verifiable consumer request must: (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or the authorized representative of such person and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Response Timing and Format. We endeavor to respond to verifiable consumer CCPA requests within forty-five (45) days of receipt. If we require more time (up to 45 days), we will inform you of the reason and extension period in writing. If you have an Account with us, we will deliver our written response to the email address associated with that Account. If you do not have an Account with us, we will deliver our written response by mail or electronically, at your option, following verification. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Other California privacy rights
Under California’s “Shine the Light Law,” Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request via email to firstname.lastname@example.org or by mail to:
Whole Body Prayer
1750 Stone Ridge Drive
Stone Mountain, GA 30083
10. Visiting our Digital Properties from Outside the United States
We store and process all PII for Whole Body Prayer within the US.
If you are visiting our Digital Properties from outside the United States, please be aware that your information will typically be transferred to, stored, and processed in the United States where our servers are located and our central databases are operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. Please be assured that we seek to take reasonable steps to ensure that your PII is protected. By using our services, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Policy.
11. Visiting our Digital Properties from the European Economic Area (EEA)
The legal basis for using European PII
When we collect information about you through our Digital Properties, generally the legal basis on which we process your PII is fulfillment of an agreement with you. When we use your PII outside of what is strictly necessary to perform a contract with you, we are doing so toward our legitimate interests of informing you about products, services or Materials we believe would be of interest to you; responding to your inquiries and service issues; better understanding our users and their interests more generally to help inform product and service development; to secure and maintain the integrity of your Account or the Services and infrastructure; and as otherwise set forth in the section entitled How We Use Your Information. We may also process your PII when you provide consent for us to do so or where it is necessary for us to comply with a legal obligation.
The processing of your PII may involve a transfer of data outside the EEA. Whenever we transfer PII out of the EEA: we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or, where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
Please send us an email at email@example.com or write to us at Whole Body Prayer, 1750 Stone Ridge Drive, Stone Mountain, GA 30083, Attention: Privacy if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Rights for EEA residents
In addition, if you are a resident of the EEA, you have the right to:
Find out if we use your PII, to access your PII, and receive copies of your PII.
Withdraw any express consent that you have provided to the processing of your PII at any time without penalty.
Access your PII and have it corrected or amended if it is inaccurate or incomplete.
Obtain a transferable copy of some of your PII which can be transferred to another provider when the PII was processed based on your consent.
Request that we restrict the processing of your data if you believe your PII is inaccurate, no longer necessary for our business purposes, or if you object to our processing of your PII, subject to our investigation and/or verification of your claim.
Request your PII be deleted or restricted under certain circumstances. For example, if Whole Body Prayer is using your PII on the basis of your consent and has no other legal basis to use such, you may request your PII be deleted when you withdraw your consent.
If you wish to exercise any of these rights, or raise a complaint on how we have handled your PII, please send us an email at firstname.lastname@example.org.
No fee usually required
You will not have to pay a fee to access your PII (or to exercise any of the other rights set forth above). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your PII (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
12. Data Retention
We will only retain your PII for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your PII for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for PII, we consider the amount, nature and sensitivity of the PII, the potential risk of harm from unauthorized use or disclosure of your PII, the purposes for which we maintain and process your PII and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. Please note that by law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for seven years after they cease being customers for tax purposes.
We may anonymize your information (so that it can no longer be associated with you) for research or statistical purposes and use this information indefinitely without further notice to you.
From time-to-time we may modify, update, add to, remove portions of or otherwise alter this Policy. Any changes will be posted or linked to from our Digital Properties, including at www.mywholebodyprayer.com, to ensure your ability to know what information we collect, how we collect and use that information, and when and to whom we may disclose such information. If you object to any such changes, you must immediately cease using our Services or otherwise interacting with us. You are bound by any changes to this Policy when using our Services or otherwise interacting with us after those changes have been posted.