Sign up for our newsletter!
Want to stay up-to-date on industry trends?
We understand that privacy and the security of your personal information is extremely important. This privacy policy for Kumbhaka Kissed ("we," "us," or "our") tells you what we do with your information and what we do to keep it secure through the use of our services. It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you. This Policy explains how we do this and tells you about your privacy rights and how the law protects you.
This privacy notice applies to this website and other interactions (e.g, when you create an account with the Website, purchase or sign up for our product or service, sign up to our newsletter, signup to updates, when you contact us by email or phone or contact us via social media) you may have with us. If you do not agree with the terms, do not access our Website or any other aspect of Kumbhaka Kissed.
If you need to contact us about anything related to this policy or your personal data, please contact us using the email casey@kumbhakakissed.com or telephone 07719 129509.
Personal data means any information capable of identifying an individual. It does not include anonymised data. We may collect and process your personal data in a different ways. We collect personal information which is voluntarily provided by you when you register for services, contact us, or express consent to receive information that relates to our products or services.
We collect or use the following information:
Communication Data that includes any communication that you send to us whether that be through contact forms on our website, through email, text, social media messaging, social media posting or any other communication that you send us. This may also include data from offline conversations (for example, an event or phone call).
Customer Data that includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details.
User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. This may include product, content, files, courses, quizzes, surveys or any other content you upload to or create on the Website.
Technical Data that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system.
Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences.
Specific examples include:
•Names and contact details (such as email address, address, phone number)
•Purchase or account history
•Your date of birth
•Payment details (including card or bank information for transfers and direct debits)
•Health information (including dietary requirements, allergies and health conditions)
•Personal data you may post on our website •Website user information that may be collected automatically (IP address, account information and registration details, purchasing or viewing history, course access, time zone settings, length of visits and website journey)
•Photographs or video recordings from events or from your posting on the website
•Information relating to compliments or complaints
•Feedback related to future services or consumer needs
Some information we automatically collect when you visit our website, such as your Internet Protocol (IP) address a referring URL, country, when you used or visited our services. It does not tell us who you are specifically. However, it is used to help maintain our operations, security, and internal analytics. We collect this information through cookies and other technologies.
We use the following information:
• to provide services and goods including delivery (financial transactions, customer communications, processing orders, executing contracts)
• to respond to enquiries related to products and services, complaints, or other information you may bring forth
• for operation of customer accounts or service updates (such as notifications about enhancements to products for services you have purchased or signed up with us, technical updates, recording keeping for orders and services)
• for marketing (where we have your expressed consent and where we are legally allowed to do so, complete surveys)
• to make your experience with us more personalised
• website monitoring, analysis
• business protection and management
• adhere to legal obligations
Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don't provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
Sensitive Data: Some of our services may require you to disclose certain health information prior to entering into a service. We are legally obligated to obtain your consent and inform you of health contraindications to perform certain practices. The lawful basis is obtaining your consent to process this data, for us to carry out our obligations to perform the service, and for your vital interest. In these cases we will ask for your ‘explicit consent’ before we are providing services. This will be discussed at prior to any commencement of a contract or service. We will take measures to collect and retain only the minimum amount of this special category data.
We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy for more details about this : Cookie Policy.
We may receive personal data about you from various third parties and public sources as set out below. When a Third Party Service is enabled, we are authorised to connect and access Other Information made available to us in accordance with our agreement with the Third Party Provider. We do not, however, receive or store passwords for any of these Third Party Services when connecting them to the Services. Third party integrations may include: Zapier.com, MailChimp.com, Google.com, Facebook.com, Segment.io
We may receive data from third parties such as analytics providers such as Google based outside the EU, advertising networks such as Facebook based outside the EU, such as search information providers such as Google based outside the EU, providers of technical, payment such as Stripe and Paypal and delivery services, such as data brokers or aggregators.
We may also receive data from publicly available sources such as European Commision EU VAT database.
Under UK data protection law, we must have a “lawful basis” for collecting and using your personal information. There is a list of possible lawful bases in the UK GDPR. We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Our lawful bases for collecting or using personal information to provide services and goods are:
Communication Data : We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
Customer Data: We process this data to supply the goods and/or services you have purchased, inform you about updates to the product or service, and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract. For our legitimate interest, we may inform you about updates to the product or service, and to keep records of such transactions, in addition to address any legal claims for responsible business operations.
User Data: We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back-ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.
Technical Data: We process this data (see what What information we collect section) to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.
Prospect Data: We process this data when you sign up for free resources and we need to process it in order to send you the free resources you requested. This includes communication about the resources, and to keep records of such transactions. Our lawful ground for this processing is your given consent to the processing of us sending you the free resources. It is also in our legitimate interest to use communications to rely updates about the resource or respond to your communications as well as keep records.
Marketing Data: We process this data to enable you to partake in our promotions such as competitions, prize draws and free giveaways, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.
Additional Notes: We may process data to comply with legal requirements or obligations the we are subject to. Our lawful ground for processing this is our legitimate interest in responsible business operations or pursuing or responding to legal claims. As it relates to obtaining professional advice or insurance our lawful ground for processing is to help protect and grow our business.
Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business).
Under the Privacy and Electronic Communications Regulations(PECR), we may send you marketing communications from us if you made a purchase or asked for information from us about our goods or services or you agreed to receive marketing communications and in each case you have not opted out of receiving such communications since. Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However you can still opt out of receiving marketing emails from us at any time.
Before we share your personal data with any third party for their own marketing purposes we will get your express consent.
You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences, by following the opt-out links on any marketing message sent to you or by emailing us via the contact us form at any time, or by emailing us using the contact information at the top of this Privacy Notice.
If you opt out of receiving marketing communications this opt-out does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations etc.
You can find out more about your data protection rights, and the exemptions which may apply on the ICO’s website. Under the data protection laws, you have the right:
• of access - You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for.
• to rectification - You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete.
• to erasure - You have the right to ask us to delete your personal information.
• to restriction of processing - You have the right to ask us to limit how we can use your personal information.
• to object to processing - You have the right to object to the processing of your personal data.
• to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you.
• to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time.
If you make a request, we must respond to you without undue delay and in any event within one month. To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice. If you remain unhappy with how we’ve used your data after raising a complaint with us, you have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). Again, we would appreciate if you contact us by email using the contact details at the top of this privacy notice so that we can try to resolve it for you OR update the your information in your account profile.
We do not knowingly collect data from or market to children under 18 years of age. We also do not knowingly sell such personal information. By using the services, you agree that you are at least 18 years of age. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of data we may have collected from children under 18 years of age, please contact us using the contact details at the top of this Privacy Policy.
We may need to share your information with parties to process your data.
Data processors
Zenler: This data processor does the following activities for us: Online Course platform provider Zenler.com who will be data processor of your data. We have entered into a data processing addendum with Zenler to process your data. Other companies in our group who provide IT and system administration services and undertake leadership reporting. Service providers who provide cloud infrastructure, video hosting, live video platforms, email provider, IT and system administration services. - Amazon - Sendgrid - FileStack - Vimeo - Zoom
Stripe: This data processor does the following activities for us: When you provide personal data to make a purchase, payment, or enter any billing details in connection with Kumbhaka Kissed, Stripe receives that personal data and processes it in accordance with Stripe’s Privacy Policy.
This may also include, professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services. Government bodies that require us to report processing activities. require reporting of processing activities in certain circumstances. Third parties to whom we sell, transfer, or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
We share your personal data within our group of companies which involves transferring your data outside the UK and European Economic Area (EEA). Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
Our Online course platform Zenler provider based in the UK is our data processor and we have entered into data processing agreement for the processor to protect your personal data. We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. Where we use providers based in the United States (for example Amazon, Sendgrid) we may transfer data to them where we have signed data processing addendums for the provider to provide protection of data shared between the Europe and the US.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time. Please email support@zenler.com if you want further information on the specific mechanism used when transferring your personal data out of the EEA.
Where necessary, our other service providers that we use to fulfil our services to you may use their own data processing. When doing so, they comply with the UK GDPR, making sure appropriate safeguards are in place. For further information or to obtain a copy of the appropriate safeguard for any of the transfers below, please contact us using the contact information provided above.
Organisation name: NameCheap
Category of recipient: Domain registrar
Country the personal information is sent to: USA
How the transfer complies with UK data protection law: Addendum to the EU Standard Contractual Clauses (SCCs)
Organisation name: Stripe
Category of recipient: Fintech
Country the personal information is sent to: USA
How the transfer complies with UK data protection law: The International Data Transfer Agreement (IDTA)
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data.
They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We may include links to third-party websites, addons and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.
We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see Cookie Policy.