PRIVACY POLICY

Step Into Tranquility

Last updated: 26-10-2024

  1. INTRODUCTION

Step Into Tranquility ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, participate in our retreats, or engage with our online community.

  1. INFORMATION WE COLLECT

We collect the following types of information:

  • Personal Information: Name, email address, date of birth, phone number, flight information, medical information, dietary preferences, allergies, and emergency contact details.

  • Usage Information: Information about your interactions with our website and online community, including IP address, browser type, and pages visited.

  • Payment Information: We collect payment details necessary for processing retreat bookings and payments.

  1. HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

  • Processing retreat bookings and payments

  • Communicating about retreats (pre-arrival, during stay, post-retreat)

  • Personalizing retreat experiences

  • Sending newsletters and marketing communications (if opted in)

  • Managing our online community

  • Improving our services and user experience

  • Legal compliance and safety purposes

  1. DATA RETENTION

We retain your personal information for 365 days after your last interaction with our services, unless a longer retention period is required by law (e.g., for financial and tax-related records). You may request early deletion of your data by contacting us at legal@stepintotranquility.com. We will process your request within 30 days, subject to any legal obligations to retain certain data.

  1. COOKIES AND TRACKING TECHNOLOGIES

We use industry-standard analytics and marketing tools to improve our services and user experience. Our website uses a detailed cookie consent banner that allows you to accept or reject specific categories of cookies. This banner provides clear explanations of each cookie type and its implications for user privacy. For more information about our cookie practices, please review our comprehensive cookie policy on our website.

  1. THIRD-PARTY SERVICES

We use third-party service providers to facilitate our services, including payment processing, booking systems, and online community software. These providers may have access to your personal information only to perform these tasks on our behalf. We require explicit confirmation from all third-party service providers that they fully comply with GDPR regulations and other applicable data protection laws. We regularly audit their compliance to ensure the ongoing protection of your data.

  1. INTERNATIONAL DATA TRANSFERS

Some of our third-party service providers may process or store your data outside the European Union, specifically in the United States. We ensure that all international data transfers are conducted in compliance with GDPR requirements, using appropriate safeguards such as Standard Contractual Clauses. We regularly review and update these safeguards to maintain the highest level of data protection.

  1. YOUR RIGHTS

Under GDPR, you have the following rights:

  • Right to access your personal data

  • Right to rectification of inaccurate personal data

  • Right to erasure of your personal data

  • Right to restrict processing of your personal data

  • Right to data portability

  • Right to object to processing of your personal data

  • Right to withdraw consent at any time

To exercise these rights or withdraw your consent for data processing, please contact us at legal@stepintotranquility.com. We aim to respond to all legitimate requests within 24 hours during workdays.

  1. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. For sensitive data, such as medical information, we use industry-standard encryption protocols and secure storage systems that comply with GDPR requirements for special category data.

  1. AGE RESTRICTION

Our services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under 18 years of age.

  1. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. We will notify registered users of any significant changes via email. The latest version will always be available on our website.

  1. DATA BREACH NOTIFICATION

In the event of a data breach that poses a serious threat to your rights and freedoms, we will notify you and the relevant supervisory authority immediately, and no later than 24 hours after becoming aware of the breach. We maintain a robust incident response plan to ensure swift action in such situations.

  1. HEARTBEAT APP

Our online community is powered by the Heartbeat app. Key points from the Heartbeat app's privacy policy relevant to our users include:

  • Types of data collected (e.g., profile information, communication content)

  • Data usage for community management and service improvement

  • Third-party data sharing practices

  • User controls and privacy settings within the app

For full details, we encourage users to review the complete Heartbeat app privacy policy on their website.

  1. MARKETING COMMUNICATIONS

We may send marketing communications to users who have opted in to receive them. You can opt out of marketing communications at any time by:

  • Clicking the "Unsubscribe" link in any marketing email

  • Adjusting your communication preferences in your account settings

  • Contacting us at legal@stepintotranquility.com

We process opt-out requests promptly, typically within 48 hours.

  1. CONTACT US

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: legal@stepintotranquility.com

Step Into Tranquility
Xaló Valley
Marina Alta, Spain