Privacy Policy

This privacy policy (“Privacy Policy”) applies to personal data that we collect from you as a customer (“you” or “your”). It provides information on what data we collect, why we collect the data, how it is used and the lawful basis on which your personal data is processed, and what your rights are under the applicable data protection and privacy laws, including the General Data Protection Regulation (“GDPR”)

Who we are

We are:

Reiki Blossom

Im Atzelnest 8

61352 Bad Homburg

Germany

We are the data controller responsible for your personal data. Our website address is: http://reiki-blossom.com.

 

What personal data we collect and why we collect it

We collect the following information from you:

  • Personal information: This includes your name, address, e-mail address; phone number; gender and date of birth; country, as well as the names, dates of birth, gender and other details about participants in a Reiki session, together with and other information that you elect to provide to us.
  • Payment Information: Information about your bank account information provided by you to our payment service providers, that we require for the purpose of processing payment for our goods and services.
  • Other Information: Personal details you choose to give when corresponding with us by phone or e-mail.

 

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

 

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

 

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

 

How we use your personal information

We use your personal information in the following ways:

  • To provide you with our services and to create and deliver the products you have requested,  and contact you regarding your use of the services. Such use is necessary to respond to or implement your request and for the performance of the contract between you and us.
  • As necessary for certain legitimate business interests, which include the following:
    • where we are asked to deal with any enquiries or complaints you make;
    • to provide postal or electronic communications which we think will be of interest to you;
    • if you ask us to delete your data or to be removed from our marketing lists and we are required to fulfil your request, to keep basic data to identify you and prevent further unwanted processing; and
    • to (a) comply with legal obligations, (b) respond to requests from competent authorities; (b) protect our operations; (c) protect our rights, safety or property, and/or that of our affiliated businesses, you or others; and (d) enforce or defend legal rights, or prevent damage.
  • With your consent, we may use your testimonial to promote and advertise our business, including (a) in our printed publications, presentations, promotional materials (including leaflets, brochures and business cards); (b) on our website and other digital advertising of our services; and (c) in social media forums such as Instagram, Twitter and Facebook.
  • We may provide you with information about goods or services, events and other promotions we feel may interest you. We will contact you by email only with your consent, if this was given at the time you provided us with the personal data.
  • We may use your personal data for other purposes, which you have consented to at the time of providing your data.

As used in this Privacy Policy, “legitimate interests” means our interests in conducting and managing our business. When we process your personal data for our legitimate interests, we make sure to consider and balance any potential impact on you, and your rights under data protection laws. Our legitimate interests do not automatically override your interests. We will not use your personal data for activities where our interests are overridden by the impact on you, unless we have your consent or those activities are otherwise required or permitted to by law. You have the right to object at any time to processing of your personal data that is based on our legitimate interests, on grounds relating to your particular situation (for more information on your rights, please see “Your Data Protection Rights” section below).

 

Disclosure of your information

We share your personal data with third parties in the following situations:

  • Service Providers: we sometimes engage selected third parties who act on our behalf to support our operations, such as (i) card processing or payment services (see the section below headed “Payment Information”), and (ii) IT suppliers and contractors (e.g. data hosting providers or delivery partners) as necessary to provide IT support and enable us to provide our goods/services.
  • Administrative and Legal Reasons: if we need to disclose your personal data (i) to comply with a legal obligation and/or judicial or regulatory proceedings, a court order or other legal process. (ii) to enforce our Terms & Conditions or other applicable contract terms that you are subject to; (iii) to protect us, our members or contractors against loss or damage. This may include (without limit) exchanging information with the police, courts or law enforcement organisations.

 

Payment information

Any payments you make will be processed by our third party payment providers and the payment data you submit will be securely stored and encrypted by our payment service providers using up to date industry standards. Please note that we do not ourselves directly process or store the debit/credit card data that you submit.

 

Data transfers

Your personal data will be transferred to and stored in countries other than the country in which the information was originally collected, including the United States and other destinations outside the European Economic Area (“EEA”) to our service providers for the purposes described above.

Please note that the countries concerned may not provide the same legal standards for protection of your personal data that you have in the United Kingdom or the European Economic Area (EEA). Where we transfer your personal data to countries outside of the EEA we will take all steps to ensure that your personal data continue to be protected. We will implement appropriate safeguards for the transfer of personal data to our service providers in accordance with the applicable law, such as relying on our service providers’ Privacy Shield certification or implementing standard contractual clauses for data transfers. If you would like to receive more information on the safeguards that we implement, including copies of relevant data transfer contracts, please contact us as indicated below.

 

Data retention

We will keep your personal data only for as long as is reasonably necessary for the purposes outlined in this Privacy Policy, or for the duration required by any legal, regulatory, accounting or reporting requirements, whichever is the longer. When you consent to receive marketing communications, we will keep your data until you unsubscribe. Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.

 

Your data protection rights

Certain applicable data protection laws give you specific rights in relation to your personal data. In particular, if the processing of your personal data is subject to the GDPR, you have the following rights in relation to your personal data:

  • Right of access: If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your personal data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your personal data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data so you can contact them directly.
  • Right to erasure: You may ask us to delete or remove your personal data, such as where our legal basis for the processing is your consent and you withdraw consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data with so you can contact them directly. We may continue processing personal data where this is necessary for a legitimate interest in doing so, as described in this Privacy Policy. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it. We will tell you before we lift any restriction on processing. If we shared your personal data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal data so you can contact them directly.
  • Right to object: You may ask us at any time to stop processing your personal data, and we will do so:
    • If we are relying on a legitimate interest to process your personal data — unless we demonstrate compelling legitimate grounds for the processing or
    • If we are processing your personal data for direct marketing.
  • Right to withdraw consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing of your data before we received notice that you wished to withdraw your consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal data, you can report it to the UK data protection authority (the Information Commissioner’s Office or ICO), or, as the case may be, any other competent data protection authority of an EU member state that is authorised to hear those concerns (you may find EU Data Protection Authorities’ contact information here).

If you wish to exercise any of these rights please contact us as described on our “Contact” page, or using the details below. We may also need to ask you for further information to verify your identity before we can respond to any request.

 

CONTACT US

Questions, comments or requests regarding this Privacy Policy should be addressed to Reiki Blossom, Im Atzelnest 8, 61352 Bad Homburg, Germany. Alternatively, email hello@reiki-blossom.com.