Privacy Policy (GDPR-Compliant)

Effective Date: [Insert Date]
Website: [https://www.youryogasite.com]
Owner / Data Controller: [Your Name or Business Name]
Contact Email: [Insert Email Address]
Registered Address: [Insert Business or Studio Address]

1. Introduction

We are committed to protecting your personal data and complying with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This Privacy Policy explains how we collect, use, and protect your information when you visit our website or use our services.

2. Data Controller

The data controller responsible for your personal data is:

[Your Name / Company Name]
[Address]
[Email]
[Phone (optional)]

If you have any questions about this Privacy Policy or how your data is handled, please contact us at the above address.

3. What Personal Data We Collect

We collect and process the following personal data when you use our services or website:

  • Name and surname

  • Email address

  • Phone number (if provided)

  • Payment and billing information (for bookings or class purchases)

  • IP address

  • Browser and device information

  • Any other information you provide voluntarily (e.g., through forms or email)

4. Legal Basis for Processing

Under the GDPR, we rely on the following legal bases to process your data:

  • Consent – when you voluntarily sign up for newsletters or contact us.

  • Contract – when you book classes or make a purchase.

  • Legal obligation – when we are required to retain data for tax or legal reasons.

  • Legitimate interest – to improve our services, website, and user experience.

5. How We Use Your Data

We use your personal data to:

  • Provide and manage yoga services (online or in-person)

  • Process bookings and payments

  • Send email communications you have opted in to

  • Respond to inquiries

  • Improve the functionality and performance of our website

  • Comply with legal and regulatory obligations

6. Data Sharing

We do not sell or rent your personal data. However, we may share your data with:

  • Service providers (e.g., payment processors, email platforms, hosting providers)

  • Legal authorities, if required by law

  • Professional advisors (e.g., accountants or legal counsel)

All third-party processors are GDPR-compliant and bound by confidentiality agreements.

7. Data Transfers Outside the EU

If we transfer your data to countries outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)

  • Data Processing Agreements (DPAs)

  • Transfers to countries with an adequacy decision by the European Commission

8. Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected or as required by applicable laws (e.g., tax retention periods).

9. Your Rights Under the GDPR

You have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Erase your data (“right to be forgotten”)

  • Restrict or object to processing

  • Withdraw your consent at any time

  • Data portability (receive your data in a machine-readable format)

  • Lodge a complaint with a supervisory authority

To exercise any of these rights, please contact us at: [Insert Contact Email]

10. Cookies

Our website uses cookies and similar technologies to improve functionality and user experience.

  • Necessary cookies: required for the website to function

  • Analytics cookies: help us understand website usage (e.g., Google Analytics)

  • Marketing cookies (if applicable): used for promotional tracking

Cookie Consent: You will be asked to consent to non-essential cookies upon your first visit. You may manage your cookie preferences at any time.

11. Security

We implement technical and organizational security measures to protect your data from unauthorized access, disclosure, or misuse. While we do our best to protect your data, no system is 100% secure.

12. Third-Party Links

Our website may contain links to other websites. We are not responsible for the privacy practices or content of these third-party sites.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website with the updated effective date.

14. Contact

For any questions about this Privacy Policy or how we handle your data, please contact:

[Your Name / Yoga Business Name]
📧 Email: [Insert Email Address]
📍 Address: [Insert Business Address]