What We Collect
We collect information about you when you make contact with us through our site. We also collect information when you complete forms, surveys, provide feedback, email us, or supply us with information by other means during the course of our communications. Website usage information is collected using cookies. See dedicated section below for a full list of the cookies collected through our website.
We may process certain types of personal data about you as follows:
Identity Data may include your first name, last name, title, date of birth and gender.
Contact Data may include your billing address, delivery address, email address and telephone numbers.
Financial Data may include your payment card details and bank account details (required only in exceptional cases to process refunds).
Transaction Data may include details about payments to and from you and other details of services you have purchased from us.
Usage Data may include information about how you use our website, products and services.
Marketing and Communications Data may include your preferences in receiving marketing from us and our third parties and your communication preferences.
Sensitive Personal Data: For some of our Events (including courses, workshop, and retreats) or private sessions we may require Participants to complete a personal history questionnaire, which will ask questions that might reveal Sensitive Data. In particular, we explicitly request information pertaining to a participant’s mental and physical health. The questionnaire also includes other non-specific questions where a participant’s answer might reveal other categories of Sensitive Data (these are defined as an individual’s race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions). This data is shared with us and processed on the condition that you have given us your explicit consent to process this personal data for the purposes of fulfilling our contract with you and for our legitimate business purposes. This information is particularly relevant for us and our teachers in being able to prepare for and lead group sessions effectively. We take extra measures to protect highly sensitive data and treat it with the strictest confidentiality, to which all of our staff and teachers are bound.
Where we are required to collect personal data by law, or under the terms of the contract between us and you, if you do not provide us with that data when requested, we may not be able to perform the contract (for example, to provide services to you). If you don’t provide us with the requested data, we may have to cancel a service you have requested but if we do, we will notify you at the time.
How We Collect Personal Information
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms on our website or by corresponding with us through Livechat, post, phone, email or otherwise. This includes personal data you provide when you:
place an order for our products or services;
complete our participant questionnaire;
subscribe to our newsletter, service or publications;
request resources or marketing be sent to you;
enter a competition, prize draw, promotion or survey; or
give us feedback.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
Technical Data from the following parties:
analytics providers such as Google Analytics based outside the EU;
advertising networks such as LinkedIn, Facebook, and Twitter based inside and outside the EU;
search information providers such as Google, Bing, and Yahoo based inside and outside the EU; and
Identity and Contact Data from publicly available sources.
How We Use Personal Information
We use legitimate interests as the lawful basis for holding and using your personal information in this way when you visit our website.
We may use Google Analytics so that we can continually improve our service to you. We use Wix as the content management system for our website.
To communicate with you as a prospect customer and to register you as a customer.
Legitimate interests and performance of a contract with you.
To process your order or request and to deliver products/services to you including:
Manage payments, fees and charges and sending necessary communication before, during, and after the Services are delivered.
(d) Marketing and Communications
(e) Financial Data and Transaction Data
Performance of a contract with you and necessary for our legitimate interests (to recover debts due to us)
To conduct necessary participant screening for private and group courses/sessions.
(d) Sensitive personal history information
Performance of a contract with you, Necessary for our legitimate interests (to protect the interests of each individual and the rest of the group by ensuring everyone is fit to participate in the programme for which they registered).
To run classes, talks, events or 1:1 sessions which you have purchased or registered for. This may include sharing your data with third parties who are hosting or delivering the service.
(c) In some cases, sensitive personal history information
Necessary to fulfill a contract and for our legitimate interests as a business to be able to contact you regarding this service and track attendance.
(d) Marketing and Communications
(e) Financial Data and Transaction Data
Performance of a contract with you, Necessary to comply with a legal obligation and Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) and Necessary to comply with a legal obligation
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
Necessary for our legitimate interests to define types of customers for our products and services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy
To deliver relevant website content and programme announcements to you and measure or understand the effectiveness of the notices we serve to you
(e) Marketing and Communications
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods, services, positions, events and other news that may be of interest to you
Necessary for our legitimate interests (to develop and promote our products/services, business operations and positions and grow our business)
We will never email you with marketing unless we have your express consent, and you can opt out of this any time you wish. We will not share your personal data with any third party for marketing purposes, unless we have your express opt-in consent before doing so.
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any
marketing message sent to you or by emailing us at at any time.
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Disclosures of Your Personal Information
We may share Personal Information in the following ways:
Current and future companies under the same management or ownership as Mindful Forces, for the purposes described in this Notice.
Teacher, course leaders, or other third-party facilitator involved delivering a contracted Service.
Authorised service providers who perform services for us (including cloud storage services, website server provider, customer relationship management software, payment processing, customer support, analytics service providers, and accounting services). These service providers comply with privacy and security standards at least as stringent as the terms of this Privacy Notice.
If we believe disclosure is necessary and appropriate to prevent physical, financial, or other harm, injury, or loss.
To legal, governmental, or judicial authorities, as instructed or required by those authorities or applicable laws.
With others only after obtaining your consent. If we want to share Personal Information other than as permitted or described above, we will provide you with a choice to opt into such sharing, and you may choose to instruct us not to share the information.
Some of the external sub-processors outline above may be located outside the European Economic Area (EEA), so their processing of information on our behalf will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure that a similar degree of protection is afforded to it and made in line with data protection laws. Unless there is another legitimate basis, our international transfers of personal data are based on the EU Commission’s standard contractual clauses or where applicable US Privacy Shield or corresponding certification procedures ensuring the adequate level of protection.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
However, please note that booking an event held outside the European Union, or purchasing goods to be sent to an address outside of the European Union, may require us to transfer your data to third parties outside the European Union, for example to the event venue, for the purpose of fulfilling our obligations under the contract, and you consent to this where purchasing goods or services in the above circumstances.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us.
In some circumstances you can ask us to delete your data: see below for further information.
Your Legal Rights
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
Request access to your personal data.
Request correction of your personal data.
Request erasure of your personal data.
Object to processing of your personal data.
Request restriction of processing your personal data.
Request transfer of your personal data.
Right to withdraw consent.
You can see more about these rights at:
If you wish to exercise any of the rights set out above, please email us at email@example.com.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
What Cookies Do
We use different types of cookies to enhance and improve your experience, including through the following:
When you are signed in to your account, cookies help us display the correct information and personalize your experience, by providing you with features, insights, and customized content. They can also help you fill out forms more easily, e.g., RFI forms. Loss of the information stored in a preference cookie may make the Site experience less functional, but should not prevent it from working.
We collect information about how our Users and Members use and interact with the Site. This may include the pages Members visit most often and when and where Members get error messages. We use these “session state cookies” to help us improve our Site and Services. Blocking or deleting these cookies will not prevent the Site from working.
Third-party Cookies We Use
Some people find the idea of a website storing information on their computer or mobile device to be intrusive, particularly when this information is stored and used by a third party without them knowing. Although cookies are generally quite harmless, you may not, for example, want to see advertising that has been targeted to your interests using your browser history. If you prefer, you may choose to block some or all cookies, or even to delete cookies that have already been set; but you should be aware that you might lose some functions of the website.
If you want to restrict or block the cookies that are set by our Site, or any other site, you can do so through your browser setting. The ‘Help’ function in your browser should explain how. Alternatively, you can visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers. You will find general information about cookies and details on how to delete cookies from your machine. To opt-out of third-parties collecting any data regarding your interaction on our Site, please refer to their websites for further information.