We take the protection of the data of users of our website and/or mobile app very seriously and are committed to safeguarding the information that users provide to us in connection with the use of our website and/or mobile app (together: "digital assets"). Furthermore, we are committed to protecting and using your data in accordance with applicable law.

This privacy policy explains our practices regarding the collection, use, and disclosure of your data through the use of our digital assets (the "services") when you access the services through your devices.

Please read the privacy policy carefully and make sure you fully understand our practices regarding your data before using our services. If you have read, fully understood, and do not agree with our practices, you must discontinue the use of our digital assets and services. By using our services, you acknowledge the terms of this privacy policy. Continued use of the services constitutes your consent to this privacy policy and any changes thereto.

In this privacy policy, you will learn:

• How we collect data

• What data we collect

• Why we collect this data

• To whom we disclose the data

• Where the data is stored

• How long the data is retained

• How we protect the data

• How we handle minors

• Updates or changes to the privacy policy.

What data do we collect?

Category: Always

Below is an overview of the data we may collect:

• Unidentified and unidentifiable information that you provide during the registration process or that is collected through the use of our services (“non-personal data”). Non-personal data does not allow for conclusions about who it was collected from. The non-personal data we collect consists mainly of technical and aggregated usage information.

• Individually identifiable information, i.e., all information that can identify you or could reasonably be used to identify you (“personal data”). Personal data we collect through our services may include information that is requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. If we combine personal data with non-personal data, as long as they are in combination, we treat them as personal data.

How do we collect data?

Below are the main methods we use to collect data:

• We collect data when you use our services. When you visit our digital assets and use the services, we may collect, gather, and store usage, session, and related information.

• We collect data you provide to us directly, for example, when you contact us via a communication channel (e.g., an email with a comment or feedback).

• As described below, we may collect data from third-party sources.

• We collect data that you provide to us when you register for our services via a third-party provider such as Facebook or Google.

Why do we collect this data?

We may use your data for the following purposes:

• To provide and operate our services;

• To develop, customize, and improve our services;

• To respond to your feedback, requests, and inquiries and to provide support;

• To analyze usage patterns and demands;

• For other internal, statistical, and research purposes;

• To enhance our data security and fraud prevention capabilities;

• To investigate breaches and enforce our policies and terms, as well as to comply with applicable law, regulations, or governmental orders;

• To send you updates, news, promotional materials, and other information related to our services. You may opt-out of receiving promotional emails at any time by clicking the unsubscribe link in these emails.

To whom do we disclose this data?

We may share your data with our service providers in order to operate our services (e.g., storing data through third-party hosting services, providing technical support, etc.).

We may also disclose your data in the following circumstances: (i) to investigate, detect, prevent, or address illegal activities or misconduct; (ii) to assert or defend our rights; (iii) to protect our rights, property, or personal safety, as well as the safety of our users or the public; (iv) in the event of a change of control of our company or any of our affiliated companies (through a merger, acquisition, or purchase of substantially all assets, etc.); (v) to collect, retain, and/or manage your data through authorized third parties (e.g., cloud service providers) as appropriate for business purposes; (vi) to work with third parties to improve your user experience. To avoid any misunderstandings, we would like to clarify that we may transfer or share non-personal data at our own discretion.

We will not share your email address or other personal data with advertisers or advertising networks without your consent.

Where do we store the data?

Non-personal data

Please note that our companies and our trusted partners and service providers are located worldwide. For the purposes explained in this privacy policy, we store and process all non-personal data we collect in various jurisdictions.

Personal data

Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and other jurisdictions as required for the proper provision of our services and/or as required by law (as further explained below).

How long do we retain the data?

Please note that we will retain the collected data for as long as necessary to provide our services, comply with our legal and contractual obligations, resolve disputes, and enforce our agreements.

We may correct, supplement, or delete inaccurate or incomplete data at any time at our own discretion.

How do we protect the data?

The hosting service for our digital assets provides us with the online platform that allows us to offer you our services. Your data may be stored through the data storage, databases, and general applications of our hosting provider. It stores your data on secure servers behind a firewall and provides secure HTTPS access to most areas of its services.

All payment options offered by us and our hosting provider for our digital assets comply with the PCI-DSS (Payment Card Industry Data Security Standard) as managed by the PCI Security Standards Council, a collaboration of brands like Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of credit card information (including physical, electronic, and procedural measures) by our store and its service providers.

Notwithstanding the measures and efforts we and our hosting provider take, we cannot and do not guarantee absolute protection and security of the data you upload, publish, or otherwise share with us or others.

Therefore, we encourage you to set strong passwords and avoid sharing any sensitive information with us or others that, in your opinion, could cause substantial or lasting harm if disclosed. Since email and instant messaging are not recognized as secure communication forms, we ask that you do not share confidential information through these communication channels.

How do we handle minors?

The services are not intended for users who have not reached the legal age of majority. We will not knowingly collect data from children. If you are not of legal age, you should not download or use the services, nor provide us with any information.

We reserve the right to request proof of age at any time so that we can verify whether minors are using our services. If we become aware that a minor is using our services, we may prohibit and block such users from accessing our services and delete all data held about them. If you believe that a minor has provided us with data, please contact us as explained below.

We only use your personal data for the purposes outlined in this privacy policy and only when we believe that:

• The use of your personal data is necessary to perform or conclude a contract (e.g., to provide you with the services or customer support or technical assistance);

• The use of your personal data is necessary to comply with relevant legal or regulatory obligations, or

• The use of your personal data is necessary to support our legitimate business interests (provided that this is always done in a manner that is proportionate and respects your privacy rights).

As an EU resident, you may:

• Request confirmation as to whether personal data concerning you is being processed and request access to your stored personal data as well as certain supplementary information;

• Request receipt of personal data that you have provided to us in a structured, commonly used, and machine-readable format;

• Request the correction of your personal data stored by us;

• Request the deletion of your personal data;

• Object to the processing of your personal data by us;

• Request the restriction of the processing of your personal data, or

• File a complaint with a supervisory authority.

Please note, however, that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as outlined below.

In the course of providing the services, we may transfer data across borders to affiliated entities or other third parties from your country/jurisdiction to other countries/jurisdictions worldwide. By using the services, you consent to your data being transferred outside of the EEA.

If you are a resident of the EEA, your personal data will only be transferred to locations outside of the EEA when we are satisfied that adequate or comparable levels of data protection are in place. We will take appropriate steps to ensure that we have adequate contractual agreements with our third parties to ensure that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, deletion, loss, or theft of your personal data and that these third parties always act in accordance with applicable laws.

Rights under the California Consumer Privacy Act

If you are using the services as a California resident, you may be entitled under the California Consumer Privacy Act (CCPA) to request access to and deletion of your data.

To assert your right to access and delete your data, please see below for how to contact us.

Category: The website does not sell user data

We do not sell the personal data of users for the purposes and intents of the CCPA.

Category: Websites with a blog or forum

Users of the services who reside in California and are under 18 years old may request the removal of their posted content by emailing us at the address provided below in the "Contact" section. These requests must be labeled “California Removal Request.” All requests must include a description of the content you wish to be removed and sufficient information for us to locate the material. We do not accept notices that are not properly labeled or submitted, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not ensure complete or comprehensive removal of the material. For example, material you have posted may be republished or reposted by other users or third parties.

Updates or changes to the privacy policy

Category: Always

We may revise this privacy policy at our sole discretion from time to time, and the most current version will always be posted on the website (see the “Effective date” statement). We encourage you to review this privacy policy regularly for any changes. In the event of material changes, we will post a notice on our website. Your continued use of the services after notice of any changes constitutes your acknowledgment and agreement to such changes and your consent to be bound by the terms of such changes.

Contact:

If you have general questions about the services or the data we collect about you and how we use it, please contact us at:

Name: Mantra-Wellness
Address: Hinter den Höfen 1
Email: info@mantra-wellness.com

DISCLAIMER

The information contained herein does not constitute legal advice, and you should not rely solely on it. Specific legal requirements may vary from state to state and/or jurisdiction to jurisdiction. As set out in our Terms of Service, you are responsible for ensuring that your use of the services complies with the applicable laws and you adhere to them.

To ensure that you fully meet your legal obligations, we strongly recommend that you seek professional legal advice to better understand the specific requirements that apply to you.

For more info regarding privacy, visit the contact page! 

For more info on regulatory compiance visit our Imprint page.