This Privacy Policy (";Policy";) outlines the practices of the Foundation for Positive Mental Health (referred to as ";Seller"; or ";we";) regarding the collection, use, and protection of personal data from buyers (";Buyer"; or ";you";) in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This Policy applies to personal data collected through the Thinkific platform and any related services provided by the Seller.
Data Controller
The Seller is the data controller for the personal data collected and processed through the Thinkific platform. If you have any questions regarding the processing of your personal data, you can contact us using the contact details provided at the end of this Policy.
Personal Data Collection and Use
a. Types of Personal Data: We may collect and process the following types of personal data:
Contact information: name, email address, telephone number.
Payment information: billing address, credit/debit card details.
Account information: username, password, profile information.
Communication information: correspondence, inquiries, feedback.
b. Legal Basis and Purpose of Processing: We collect and process personal data for the following purposes:
Fulfillment of orders: to process and deliver goods and services purchased.
Account management: to create and manage your account on the Thinkific platform.
Payment processing: to facilitate secure payment transactions.
Communication: to respond to inquiries, provide support, and send important updates.
Legal obligations: to comply with applicable laws and regulations.
c. Data Retention: We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Policy, or as required by applicable laws and regulations.
Data Sharing and Third Parties
a. We may share your personal data with third parties only in the following circumstances:
Service providers: We may engage trusted third-party service providers to assist us in delivering goods and services, processing payments, and managing customer relationships. These providers are contractually bound to protect the confidentiality and security of your personal data.
Legal compliance: We may disclose your personal data if required to do so by law or in response to valid legal requests.
Business transfers: In the event of a merger, acquisition, or transfer of assets, your personal data may be transferred to the relevant third party as part of the transaction.
b. We will not sell, rent, or lease your personal data to third parties for marketing purposes.
Data Security
a. We implement appropriate technical and organizational measures to ensure the security and
confidentiality of your personal data. These measures include encryption, access controls, and
regular security assessments.
b. While we strive to protect your personal data, please note that no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee the absolute security of your data.
Your Rights
a. Under the GDPR and other applicable data protection laws, you have certain rights regarding your personal data. These rights include:
Right to access: You have the right to request access to the personal data we hold about you.
Right to rectification: You can request the correction or update of your inaccurate or incomplete personal data.
Right to erasure: You have the right to request the deletion of your personal data under certain circumstances.
Right to restriction: You can request the restriction of processing your personal data in specific situations.
Right to data portability: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format.
Right to object: You can object to the processing of your personal data in certain situations.
b. To exercise your rights or if you have any concerns or complaints regarding