Last Updated: February 7, 2019
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. When you use our website, products and services, you are trusting us with your information. We have the responsibility to protect your information, to be transparent with you about how we store, handle and process your information, and put you in control of your information.
Your data may be stored and processed through the following: Wix.com, Acuity Scheduling, ActiveCampaign, Zapier, Everlesson, and Google G Suite, in accordance with their Terms and Privacy Policies. They store your data on secure servers behind a firewall.
All direct payment gateways used by us adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of your credit card information.
When do we collect information?
We collect information from you when you subscribe, register on our site, book an appointment, place an order, respond to a survey, fill out a form, use Live Chat, visit our Blog, open a Support Ticket, enter information on our site, or provide us with feedback on our products or services. Other than that, we do not collect information from visitors of our site. We use the information we collect to understand your needs, improve our services and visitor experience in order to better serve our users.
Why do we collect information?
We collect your information so that we can:
Understand your needs and, thereafter, provide you with knowledgeable assistance through our services and offers.
Process subscriptions, donations, payments, goods and services that you request from us.
Deliver relevant information and announcements regarding programs, products/services, events, news, and offers that can potentially improve your quality of life.
Communicate to you through email, SMS, phone, and other electronic means.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
To improve our website in order to better serve you.
To allow us to better service you in responding to your customer service requests.
To administer a contest, promotion, survey or other site feature.
To inform you of workshops, events news updates, tools, offers, etc., that can potentially improve your quality of life.
To quickly process your transactions.
To ask for ratings and reviews of services or products.
To follow up with you after correspondence (e.g., live chat, email or phone inquiries).
How long do we retain your information?
A subscriber's record is retained in our database for as long as s/he does not unsubscribe. Once s/he unsubscribe, his/her record is marked for deletion. When we run periodic and annual cleanup of our lists, we delete persons who have unsubscribed as long as they are not clients of Rev. Katherine Lopa.
Clients are those who availed of Rev. Katherine Lopa's professional services, or were students of her workshops, classes, courses, and webinars.
If subscriber is a client, then his/her record is retained for a minimum of 6 years from date of last service, after which time his/her data is destroyed. The main reason we keep a client's record for that long is to provide information on a client's care to other healthcare professionals. The next major reason is statutory. Both state and federal laws have statutes of limitations that impact the length of time records must be kept. Record keeping obligation in our business domicile, Arizona, is at least 6 years.
If subscriber is a Lily, then his record is retained indefinitely. The main reason for this is that his record in the Lily Database serves as evidence that he has been Lily-activated. If you would like to avail of events, workshops, meditations, news updates, activations, upgrades, and other offers from the Creator for release to LILIES ONLY, your record in the Lily Database serves as attestation and conclusive proof that you have been Lily-activated and you are, therefore, a Lily. If you would like this proof permanently erased from the Lily Database, you must request it in writing. Simply email your request to firstname.lastname@example.org and we will gladly cooperate with you. Your record will be deleted after the statutory obligation of 6 years is met. Bear in mind that this will forever exclude you from all future "Lilies Only" activations, upgrades, and opportunities unless you can show an original, signed Lily Activation Certificate as proof that you are a Lily.
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
Our website uses regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
To maintain the safety of your personal information, we implement a variety of security measures when a user places an order, or enters, submits or accesses their information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless you give us prior consent. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, unless 3rd party is integrous and meets most, if not all, of the following criteria:
Third party agrees to comply with the legal practices we endorse, such as the California Online Privacy Protection Act, Children Online Privacy Protection Act, Fair Information Practices, Can-Spam Act, Digital Millennium Copyright Act, General Data Protection Regulations, etc.
We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Do we use 'cookies'?
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. See more at https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google Analytics to implement the following:
• Demographics and Interests Reporting.
We may, at our discretion, use Google AdSense Advertising on our website.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website. Google Analytics does not collect Personally Identifiable Information.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out browser add on.
California Online Privacy Protection Act
In compliance with CalOPPA, we agree to the following:
Users can visit our site anonymously.
You can change your personal information:
By emailing us.
By calling us.
By clicking here to update your information with us anytime. You may also update your information by clicking on "Manage Your Subscription" at the footer of every email we send you.
How does our site handle Do Not Track signals?
We don't honor Do Not Track signals or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because:
We do not track customers over time and across third party websites, hence, there is no need for us to respond to Do Not Track (DNT) signals.
Does our site allow third-party behavioral tracking?
It's also important to note that we allow third-party behavioral tracking (e.g., Google Analytics).
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email within 7 business days.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions;
Process orders and to send information and updates pertaining to orders;
Send you additional information related to your product and/or service;
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CAN-SPAM Act, we agree to the following:
Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor opt-out/unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the footer of each email.
If at any time you would like to unsubscribe from receiving future emails, you can:
Click the “Unsubscribe” link at the footer of every email we send you. We will promptly remove you from ALL our email contact lists.