Privacy Policy
At Holistic Hyperbarics (holistic-hyperbarics.com), we are committed to safeguarding your personal data and protecting your privacy. We value transparency, accountability, and trust, and we take our obligations under applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with the utmost seriousness. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or interact with us.
1. Commitment to Privacy and Data Protection
We understand the significance of your personal data and are committed to ensuring that your privacy is respected and your data remains secure. We implement technical and organizational measures to ensure that all personal information is processed lawfully, fairly, and transparently.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to the website holistic-hyperbarics.com (“Website”) and all services offered through it. Holistic Hyperbarics is the data controller responsible for the collection, use, and management of your personal data. If you have any questions about this policy or your rights as a data subject, you may contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about your interactions with our Website, such as Internet Protocol (IP) address, browser type and version, pages visited, session duration, referring/exit pages, and usage patterns.
b. Account Data
Includes identifying details such as your full name, postal address, phone number, and email address, particularly when you create an account or make a booking or inquiry.
c. Profile Data
Includes information such as your service preferences, past purchases, browsing behavior, feedback, and interest indicators, all of which help us understand and improve your user experience.
d. Communication Data
Includes records of your correspondence with us, including support requests, inquiries via contact forms, direct messages, or email exchanges.
e. Technical Data
Includes device type, operating system, browser settings, screen resolution, hardware identifiers, and other diagnostic data used to ensure optimal functionality of the Website.
f. Transaction Data
Includes billing information, payment methods, service order details, and delivery or fulfillment arrangements.
g. Preference Data
Includes your consent for marketing communications, selected areas of interest, and other choices you make related to the customization of content and offers.
4. Legal Bases for Processing
We rely on the following legal grounds to process personal data in line with GDPR and, where applicable, CCPA:
– Consent: Where you provide explicit permission (e.g., opting in to receive marketing communications).
– Contract: When processing is necessary to fulfill a contractual obligation with you, such as providing hyperbaric treatment services.
– Legal Obligation: To comply with applicable statutory or regulatory requirements.
– Legitimate Interests: When processing is necessary for our legitimate business interests, such as improving our services or preventing fraud, provided those interests do not override your fundamental rights and freedoms.
5. Your Rights
Subject to applicable laws, you have several fundamental rights:
– Right of Access: You may request access to your personal data.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of personal data where there is no overriding legal basis for its continued processing.
– Right to Restrict Processing: You may request limits on how your data is used in certain situations.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format for transmission to another controller.
For California residents, additional rights may apply, such as the right to opt out of “sale” of personal data, as defined under the CCPA.
If you wish to exercise any of these rights, please contact us at [email protected]. We will respond within the timeframes required under applicable law.
6. Security Measures
The security of your personal data is paramount. We have implemented appropriate technical and organizational safeguards to protect against unauthorized access, alteration, disclosure, or destruction of personal data. These include, but are not limited to, encryption technologies, strict access controls, routine data backups, staff confidentiality agreements, and periodic security training.
7. International Transfers
If we transfer personal data outside of the European Economic Area (EEA) or another applicable jurisdiction, we ensure that appropriate legal mechanisms are in place, such as Standard Contractual Clauses approved by the European Commission or other lawful basis, in accordance with GDPR requirements. For California residents, we ensure that data handling practices comply with the CCPA regardless of the data’s geographic location.
8. Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected, or as otherwise permitted or required by law.
– Usage and Technical Data: retained for 12–18 months for analytics and diagnostics.
– Account and Profile Data: retained for the duration of your account and up to 6 years thereafter for legal or operational considerations.
– Communication Data: retained for up to 3 years following your last interaction.
– Transaction Data: retained for tax and financial record-keeping requirements (typically 6–7 years).
– Preference Data: retained until withdrawn or updated by the user.
9. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance user experience and analyze Website performance. Cookies fall into the following categories:
– Essential Cookies: required for core functionality and navigation.
– Functional Cookies: enable us to remember your preferences and provide personalized content.
– Analytical Cookies: allow us to measure Website traffic and usage behaviors.
– Performance Cookies: help us improve responsiveness and speed based on aggregate user data.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to holistic-hyperbarics.com, you will be presented with a cookie consent banner allowing you to manage your cookie preferences. You may withdraw your consent at any time via our cookie preference settings or by adjusting your browser controls.
In accordance with GDPR and CCPA, we obtain specific consent for non-essential cookies and allow opt-outs for data collection where legally required.
11. Special Protections for Children Under 13
We do not knowingly collect or process personal data from children under the age of 13. If we become aware that we have inadvertently received such data without verified parental consent, we will take immediate steps to delete it. If you believe that a child under 13 has provided us with personal data without appropriate authorization, please contact us at [email protected].
12. Policy Updates and User Notifications
We may revise this Privacy Policy from time to time to reflect legal, operational, or technological changes. Such modifications will be promptly made available on holistic-hyperbarics.com. Where material changes occur, we will notify you via the Website or by direct communication if legally required.
13. Contact Us
For questions regarding this Privacy Policy or to exercise your privacy rights, please reach out to us via email at:
[email protected]
We are committed to privacy compliance and welcome any feedback or concerns related to our data practices. Your trust is important to us, and we are here to ensure that your personal data is handled with the highest level of care.