Privacy Policy

Privacy Policy for Holystic Cascade

Effective Date: August 25, 2024

1. Introduction

Holystic Cascade (“we”, “our”, “us”) operates the website holysticascade.com (the “Website”). We are committed to protecting and respecting your privacy in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This Privacy Policy outlines the types of personal data we collect, how we process and safeguard it, and your rights regarding your personal data.

2. Data Controller

Holystic Cascade is the data controller responsible for your personal data. Our contact details are:

Business Name: Holystic Cascade
Address: Schererstrasse 1a, 13347 Berlin
Email: holysticascade@gmail.com

3. Data Collection

We may collect and process the following categories of personal data:

3.1 Personal Identification Information

  • Name
  • Email address
  • Phone number
  • Postal address

3.2 Payment Information

  • Credit/debit card details
  • Billing address
  • Transaction history

3.3 Health Information

  • Details relevant to providing massage and physical treatment services (e.g., medical history, current health status, and any relevant conditions).

3.4 Usage Data

  • IP address
  • Browser type and version
  • Time zone setting
  • Browser plug-in types and versions
  • Operating system and platform
  • Information about your visit, including the URL clickstream to, through, and from our Website, products/services viewed or searched for, page response times, download errors, length of visits to certain pages, and page interaction information

3.5 Cookies and Similar Technologies

  • Cookies: Small data files stored on your device to enhance your browsing experience, track website usage, and remember your preferences.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds as required by the GDPR:

4.1 Contractual Necessity

  • To perform our contract with you: For example, to process your bookings, payments, and provide you with our massage and physical therapy services.

4.2 Consent

  • When you have given explicit consent: For example, when you subscribe to our newsletter or agree to receive marketing communications.

4.3 Legitimate Interests

  • For our legitimate business interests: For instance, to improve our services, manage and protect our Website, analyze data, and undertake marketing activities. We ensure that your rights and interests are fully considered and protected.

4.4 Legal Obligations

  • To comply with legal and regulatory obligations: Such as tax, accounting, and regulatory reporting requirements.

5. How We Use Your Data

Your personal data is used for the following purposes:

5.1 Service Provision

  • To process bookings and payments
  • To deliver massage and physical therapy services
  • To communicate with you about your appointments, cancellations, or any issues related to the services provided

5.2 Communication

  • To respond to your inquiries
  • To send you updates, newsletters, or promotional materials (with your consent)

5.3 Website and Service Improvement

  • To administer and improve our Website: Including troubleshooting, data analysis, testing, research, and statistical purposes.
  • To ensure that content from our Website is presented in the most effective manner for you and your device

5.4 Legal Compliance and Security

  • To comply with legal obligations: Such as maintaining proper business records.
  • To protect our business, our customers, and our Website: For example, fraud prevention and detection, and ensuring network and information security.

6. Data Sharing and Disclosure

We do not sell your personal data. However, we may share your data in the following circumstances:

6.1 Service Providers

  • Third-party vendors: Who provide services such as payment processing, website hosting, data analysis, IT services, and customer support. These vendors have access to your personal data only to perform their services on our behalf and are obligated not to disclose or use it for any other purpose.

6.2 Legal Requirements

  • Compliance with Laws and Legal Processes: We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

6.3 Business Transfers

  • In the event of a business transfer: Such as a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction. We will notify you if your personal data becomes subject to a different privacy policy.

7. Data Security

We take appropriate technical and organizational measures to secure your personal data and protect it from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: We use SSL/TLS encryption to protect data transmitted to and from our Website.
  • Access Controls: We limit access to your personal data to authorized employees, contractors, and service providers who need it to perform their job duties.
  • Regular Audits: We regularly review our data collection, storage, and processing practices to ensure they comply with this policy and applicable laws.

However, please note that no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law. Specifically:

  • Service Data: Retained for as long as you remain a client.
  • Payment Data: Retained for 7 years for compliance with tax and accounting obligations.
  • Health Information: Retained for the duration of your treatment and for up to 5 years after your last session.
  • Marketing Data: Retained until you withdraw your consent or unsubscribe from our communications.

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

9.1 Right to Access

  • You have the right to request access to the personal data we hold about you: We will provide you with a copy of your data and information about how it is processed.

9.2 Right to Rectification

  • You have the right to request correction of inaccurate or incomplete data: We will rectify any inaccurate or incomplete personal data without undue delay.

9.3 Right to Erasure

  • You have the right to request the deletion of your personal data: This is also known as the “right to be forgotten”. We will delete your data if it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent and there is no other legal ground for processing.

9.4 Right to Restriction of Processing

  • You have the right to request that we restrict the processing of your personal data: Under certain circumstances, such as when you contest the accuracy of the data or object to our processing of it.

9.5 Right to Data Portability

  • You have the right to receive your personal data in a structured, commonly used, and machine-readable format: You also have the right to request that we transmit your data to another controller, where technically feasible.

9.6 Right to Object

  • You have the right to object to the processing of your personal data: Where the processing is based on our legitimate interests or for direct marketing purposes.

9.7 Right to Withdraw Consent

  • You have the right to withdraw your consent at any time: Where processing is based on consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at holysticascade@gmail.com. We will respond to your request within one month, as required by law.

10. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your browsing experience on our Website. Cookies are small data files stored on your device that allow us to remember your preferences, track your activities on our Website, and analyze Website traffic.

10.1 Types of Cookies We Use:

  • Essential Cookies: Necessary for the functioning of our Website.
  • Analytical/Performance Cookies: Allow us to recognize and count the number of visitors and see how visitors move around our Website.
  • Functionality Cookies: Used to recognize you when you return to our Website and to personalize content for you.
  • Targeting Cookies: Record your visit to our Website, the pages you have visited, and the links you have followed. We use this information to make our Website and the advertising displayed on it more relevant to your interests.

10.2 Managing Cookies:

You can manage your cookie preferences through your browser settings. Please note that disabling cookies may affect the functionality of our Website.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. Any changes will be posted on this page, and where appropriate, we will notify you by email or through a notice on our Website. The updated policy will be effective as of the date of posting.

12. Contact Us

If you have any questions or concerns about this Privacy Policy, your rights regarding your personal data, or our data practices, please contact us at:

Email: holysticascade@gmail.com
Address: Schererstrasse 1a, 13347 Berlin

By using our Website and services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

This Privacy Policy is intended to provide transparency about how Holystic Cascade collects, uses, and protects your personal data in compliance with GDPR.