Privacy Policy

At Zestful Zen, we are committed to the protection of personal information provided to us. This privacy notice tells you what to expect us to do with your personal information.

1. Who we are

Zestful Zen is a sole-trader business, founded by Holly Bailie, which offers coaching and mindfulness services and products. Zestful Zen are the data controllers and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

2. Contact details

Email: [email protected]

It is important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at the address above.

3. What information we collect, use, and why

Zestful Zen may collect, use, and is responsible for certain personal information that you provide when you voluntarily sign up for e-mails or free gifts through our website, register for a class or presentation, leave comments, order a service or product, fill out any type of form, access private membership pages, or otherwise contact Zestful Zen.

We may collect or use the following information to provide services and goods, including delivery:

o Names and contact details

o Addresses

o Purchase or account history

o Payment details (including card or bank information for transfers and direct debits)

o Website user information (including user journeys and cookie tracking)

o Photographs or video recordings (for example, Zoom workshops may be recorded or screenshots taken)

o Call recordings (for example, if a coaching call is being recorded with permission)

o Records of meetings and decisions (for example, notes from a coaching session, or agreed action points)

o Information relating to compliments (e.g. feedback, customer testimonials) or complaints

We may collect or use the following information for service updates or marketing purposes:

o Names and contact details

o Marketing preferences

o Purchase or viewing history

o IP addresses

o Website and app user journey information

o Photographs or video recordings (for example, Zoom workshops may be recorded or screenshots taken)

o Information relating to compliments (e.g. feedback, customer testimonials)

o Records of consent, where appropriate

4. Lawful bases

We use personal data only when we have a valid reason and the legal grounds to do so. We determine the legal grounds based on the purposes for which we have collected your personal data.

Our lawful bases for collecting or using personal information to provide services and goods are:

Consent: Sometimes we will use your personal data because we have asked for your consent, which you can withdraw at any time. For example, to place non-essential cookies, or other similar technologies.

Contract: Performance of a contract with you (or in order to take steps prior to entering into a contract with you): We will use your personal data if we need to in order to perform a contract with you. For example, where you have purchased a subscription from us, or a digital product, we will need to use your contact details and payment data in order to process your order and deliver your purchase.

Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data, for example to retain records of transactions as required by financial regulations.

Legitimate interest: We may process your personal data where it is necessary for our legitimate interests in a way that might be expected as part of running Zestful Zen and in a way which does not materially impact your rights and freedoms. For example:

o Communication Data that includes any communication that you send to us (for example, through the contact form on our website, social media messages or posts, email, text, or any other communication you send us). We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.

o User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back-ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.

Our lawful bases for collecting or using personal information for service updates or marketing purposes are:

Consent: Sometimes we will use your personal data because we have asked for your consent, which you can withdraw at any time. For example, We send marketing emails if you have signed up for those communications, or signed up for a newsletter.

Legitimate interest:

o Technical Data that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.

o Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free give-aways, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.

o We may use User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including Social Media adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business.

o We may also use such data to send other marketing communications to you. Our lawful ground for this processing is either consent or legitimate interests (namely to grow our business).

o We send marketing if you have signed up for those communications, signed up for a newsletter, or if you have made a purchase or registered and have not opted out of our marketing. Unless you opt out, we will send marketing emails to registered users and newsletter subscribers for as long as you are active on our website or social media accounts or engage with your newsletter subscription, and for up to two years after your last interaction with us. You can also opt out and select communication preferences.

In addition to the above, we also rely on the legitimate interests below to use your personal data:

o For internal administrative purposes related to our services - such as our accounting and records.

o To inform you of any changes to our services, such as updates to our terms and conditions.

o To enable you to register for an account on our website.

o To enable you to share our content with others using social media or email.

o When we respond to your queries and to resolve complaints.

o When we moderate comments under our community standards and participation guidelines.

o To troubleshoot technical issues on our website and its functionalities.

o When we de-identify or anonymise personal data, or aggregate it so that it can no longer identify you.

o For security and fraud prevention, and to ensure that our site is safe and secure and used in line with our terms of use.

o To contact you directly via social media or email if you send us emails or engage with Zestful Zen on social media or contact us.

5. Collection of Children’s Information

By providing us with your data, you warrant to us that you are over 13 years of age.

Zestful Zen does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will make our best efforts to promptly remove such information from our records.

6. Where we get personal information from

We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails). We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy for more details about this.

We may receive data from third parties such as analytics providers such as Google based outside the UK/EU, advertising networks such as Facebook based outside the UK/EU, such as search information providers such as Google based outside the UK/EU, providers of technical, payment and delivery services, such as data brokers or aggregators.

We may also receive data from publicly availably sources such as Companies House and the Electoral Register based inside the UK.

7. Marketing Communications

Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business). See Lawful Bases above for more information.

Under the Privacy and Electronic Communications Regulations (PECR), we may send you marketing communications from us if (i) you agreed to receive marketing communications and (ii) in each case you have not opted out of receiving such communications since.

Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However, you can still opt out of receiving marketing emails from us at any time.

Before we share your personal data with any third party for their own marketing purposes we will get your express consent.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by emailing us at [email protected] at any time.

8. How long we keep information

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct length of time is to keep the data for, we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

9. Who we share information with

We may have to share your personal data with the parties set out below:

o Service providers who provide IT and system administration services.

o Professional or legal advisers including lawyers, bankers, auditors and insurers

o Government bodies that require us to report processing activities.

o Emergency services (where necessary)

o Third parties to whom we sell, transfer, or merge parts of our business or our assets.

o Publicly on our website, social media or other marketing and information media (where appropriate)

Our data processors include:

o FEA Create. This data processor does the following activities for us: Business management services (email funnels, website, etc.) o Microsoft. This data processor does the following activities for us: Provides cloud services for data storage and processing, e.g. One Drive, Outlook, Word, PowerPoint, etc.

o Google. This data processor does the following activities for us: Provides cloud services for data storage and processing, e.g. Gmail, GoogleDrive, Google Analytics, etc.

o GoDaddy. This data processor does the following activities for us: Provides website hosting services, which includes data storage and processing, e.g. through use of cookies.

10. Sharing information outside the UK

Where necessary, we may transfer personal information outside of the UK. When doing so, we comply with the UK GDPR, making sure appropriate safeguards are in place. Please contact us for more information.

Where necessary, our data processors may share personal information outside of the UK. When doing so, they comply with the UK GDPR, making sure appropriate safeguards are in place. Please contact us for more information.

11. Data storage and transmission

The data that we collect from you may be transferred to, and stored at, a destination outside the UK or European Economic Area ("EEA"). They may also be processed by staff operating outside the UK or EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your enquiries, the processing of your payment details and/or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data are treated securely and in accordance with this privacy policy.

Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of this website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to this website or to our email address or social media accounts; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

12. Third Parties

Our Privacy Policy does not apply to third parties or websites. Thus, we advise you to consult the respective Privacy Policies of these third parties for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

13. Automated technologies or interactions, including cookies

As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.

Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser that enables the sites or service providers systems to recognise your browser and capture and remember certain information. We use cookies to help us understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use the following cookies:

o Strictly necessary/essential cookies. These are cookies that are required for the operation of this website. They include, by way of general example, cookies that enable you to log into secure areas of the website, use a shopping cart or make use of e-billing services. o Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around the website when they are using it. This helps us to improve the way the website works by, for example, ensuring that users are finding what they are looking for easily.

o Functionality cookies. These are used to recognise you when you return to the website. This enables us to personalise our content for you, greet you by name and remember your preferences.

o Targeting cookies. These cookies record your visit to the website, the pages you have visited and the links you have followed. We will use this information to make the website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance or targeting cookies.

You are able to change your computer/device settings to enable you to have more control over cookies. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

For further information on cookie settings visit www.aboutcookies.org or www.allaboutcookies.org.

14. Your data protection rights

Under data protection law, you have rights including:

o Your right of access - You have the right to ask us for copies of your personal data.

o Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete

o Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances.

o Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.

o Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.

o Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.

o Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent.

You don’t usually need to pay a fee to exercise your rights. If you make a request, we have one calendar month to respond to you.

To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.

15. How to complain

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

This Privacy Policy was last updated on: 1 August 2024

FREE DOWNLOAD

Headline that hooks people in, gets them excited and makes them want to sign up.

CLEAR CALL TO ACTION