Privacy Policy

Introduction

Yoga Knowledge Online Limited (we, us, our, YKOL) complies with the New Zealand Privacy Act 1993 (the NZ Privacy Act) and other applicable privacy and data protection laws when dealing with personal information. Personal information is information about an identifiable individual (a natural person).

This policy sets out how we will collect, use, disclose and protect your personal information when you access and use our website (yogaknowledge.net) or related services.

If you are based in the European Union and use our website or related services, the additional terms in the addendum to this privacy policy (GDPR Addendum) apply to you.

This policy does not limit or exclude any of your rights under the NZ Privacy Act and other applicable laws. If you wish to seek further information on the NZ Privacy Act, see www.privacy.org.nz.

Changes to this Policy

We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.

This policy was last updated on August 1, 2018

The YKOL Website

YKOL is a comprehensive online platform offering a series of constantly expanding online yoga knowledge courses. When you sign up for or login to your YKOL account or enrol for a course offered on our website, you will be directed to a third party platform called Teachable, Inc ( Teachable). Teachable provides an online course creation platform service that we use to provide our courses. Teachable collects personal information from you when you access your YKOL account or our courses, including your name, email address, billing information, location and any other information Teachable requires to provide its services. For further information about how Teachable handles personal information, its privacy policy is available here: https://teachable.com/privacy-policy

Who Do We Collect Your Personal Information From??

We collect personal information about you from:

  • you, when you provide that personal information to us, including via the website and any related service (including through Teachable) through any registration or subscription process, through any contact with us (e.g. telephone call or email), or when you use our services.
  • third parties where you have authorised this or the information is publicly available.

If possible, we will collect personal information from you directly.

When you visit or use our website or any related service, we may collect information about you:

  • by recording clickstream data, which is non-personal information that is recorded when you click anywhere on a webpage and is used for the purposes of collecting, analysing and reporting data about how you use our website and related services; and
  • through the use of cookies, web beacons and similar storage technologies. Please refer to the cookie section of the GDPR Addendum for further information, including information on how you can disable these technologies.

You may be asked to provide billing information when using our website or related services, including your billing address and credit card information. We use Teachable to process credit card transactions. We do not have access to your credit card information. You can view Teachable’s privacy policy at https://teachable.com/privacy-policy.

What Personal Information Do We Collect?

When you access and use our website or related services (including through Teachable), we collect (including by way of Teachable providing to us) the following information:

  • your email address when you ask to receive information about us or our services, including signing up to our newsletter
  • when you set up or login to your account, your email address, password and what country you are located in
  • any information contained in your correspondence with us, for example, when you send us an email
  • if you purchase services through the website, your purchase history and other information relating to your transactions with us
  • any other information required to provide our website or related services
  • as noted above, clickstream data, including your IP address, geographical location and the time and date on which you last logged into your account

How We Use Your Personal Information

We may use your personal information:

  • to verify your identity
  • to provide the website and related services to you
  • to market our products and services to you,including contacting you electronically (e.g. by text or email for this purpose). You can stop receiving our marketing emails by following the unsubscribe instructions included in those emails
  • to improve the website and related services that we provide to you
  • to respond to communications from you, including enquiries and complaints
  • to conduct research and statistical analysis (on an anonymised basis)
  • to protect and/or enforce our legal rights and interests, including defending any claim
  • for any other purpose authorised by you, the NZ Privacy Act or other applicable law
  • to respond to lawful requests by public authorities, including to meet law enforcement requirements

We may transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.

Disclosing Your Personal Information

We may disclose your personal information to:

  • any business that supports our services and products, including Teachable Inc., any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other products and services or that we use to process payments.
  • other third parties (for anonymised statistical information)
  • a person who can require us to supply your personal information (e.g. a regulatory authority)
  • any other person authorised by the NZ Privacy Act or other applicable law (e.g. a law enforcement agency)
  • professional advisers e.g. accountants, lawyers, auditors
  • any other person authorised by you
  • any other company in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.

We share information about your use of the website with our trusted analytics partners through the use of cookies, web beacons and similar storage technologies. Please refer to the cookie section of the GDPR Addendum for further information.

Transfers of Personal Information

A business that supports our services and products may be located outside New Zealand or the European Economic Area (EEA). This may mean your personal information is held and processed outside New Zealand. Please see the Addendum for further information about personal data transfers from the European Economic Area.

Protecting Your Personal Information

We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse. We implement appropriate technical and organisational measures to ensure a level of security appropriate to risks inherent in processing personal information.

You can play an important role in keeping your personal information secure by maintaining the confidentiality of any password and accounts used in relation to our products and services. Please do not disclose your password to third parties. Please notify us immediately if there is any unauthorised use of your account or any other breach of security.

Accessing and Correcting Your Personal Information

Subject to certain grounds for refusal set out in the NZ Privacy Act or other applicable law , you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

If you want to exercise either of the above rights, email us at [email protected]. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).

Internet Use

While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.

If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information.

Contact Us

If you have any questions about this privacy policy, our privacy practices, or if you would like to request access to, or correction of, your personal information, you can contact us here:[email protected].

GDPR addendum

If you are based in the European Union (EU) and use our website and/or our services, these additional terms (GDPR Addendum) form part of our privacy policy.

The General Data Protection Regulation (GDPR) regulates the collection, processing and transfer of EU individuals’ personal data (as defined in the GDPR). The personal information described in our privacy policy is personal data under the GDPR. We are committed to complying with the GDPR when dealing with personal data of our website visitors and service users based in the EU.

For the purposes of the GDPR, we are the data controller (as defined in the GDPR) when processing personal data collected by us through the website and/or when you use our services.

This GDPR Addendum was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. Any requests for further information should be sent to [email protected].

Processing Personal Data

The personal data we may process consists of the personal information described in our privacy policy. This personal data may be processed for the purposes outlined in our privacy policy.

The legal basis for our processing of personal data is your consent or, for certain types of personal data, processing is necessary for the performance of a contract to which you are a party.

Despite the above, we may process any of your personal data where such processing is necessary for compliance with applicable laws.

You do not have to provide us with personal data to access and use some pages of the website. However, you must provide us with your email address and password when using some of our services such as signing up for or logging into your account on the website. The consequence of not providing your email address and password is that we will not be able to set you up with an account.

Your Rights

Your rights in relation to your personal data under the GDPR include:

  • right of access - if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data.
  • right to rectification - if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take every reasonable step to ensure personal data which is inaccurate is rectified. If we have shared your personal data with any third parties, we will tell them about the rectification where possible.
  • right to erasure - we delete your personal data when it is no longer needed for the purposes for which you provided it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable laws. If we have shared your personal data with any third parties, we will take reasonable steps to inform those third parties to delete such personal data.
  • right to withdraw consent - if the basis of our processing of your personal data is consent, you can withdraw that consent at any time.
  • right to restrict processing - you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with third parties, we will tell them about this request where possible.
  • right to object to processing - you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR.
  • right to data portability - you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal data directly to another data controller.
  • the right to complain to a supervisory authority - you can report any concerns you have about our privacy practices to the relevant data protection supervisory authority.

Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.

If you would like to exercise any of your above rights, please contact us at [email protected]. If you are not satisfied by the way your query is dealt with by our data protection officer, you may refer your query to your local data protection supervisory authority e.g. in the United Kingdom, this is the Information Commissioner’s Office.

Children

We do not intend to collect personal data from children aged under 16. If you have reason to believe that a child under the age of 16 has provided personal data to us through our website and/or by using our services, please contact our data protection officer.

Cookies

We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website, including to perform analytics.

We use the following types of cookies for the following purposes:

  • strictly necessary cookies served by us - these cookies are essential for the full functionality of our website. They enable you to navigate around our website and use their features, such as accessing secure areas. Without these cookies, you may not be able to access all the functions of our website.
  • performance cookies served by Google Analytics - these cookies collect information about how you use our website, e.g. which pages are the most visited and if you receive any error messages from any pages. These cookies do not gather information that identifies you. All information these cookies collect is anonymous and only used to improve how our website works. To refuse these cookies, please follow the instructions under the above heading “how to control and delete cookies through your browser?”. You can also opt out of Google Analytics’ cookies at https://tools.google.com/dlpage/gaoptout. Information about Google’s cookies is available from: https://policies.google.com/technologies/types. Google’s applicable privacy policy for Google Analytics cookies is available at https://policies.google.com/technologies/partner-sites.

You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit our website and attempt use our services, you may not be able to access certain parts of our website or services, and some functionalities may not work. You can find out more information about how to change your browser cookie settings at http://www.aboutcookies.org.uk

Other websites may use different cookies from those YKOL uses. You acknowledge and agree that YKOL is not responsible for any third party websites or applications and you access third party websites and applications at your own risk. Please understand other websites and applications are independent from YKOL so you must inform yourself of their separate cookie policies.

International Transfer of Data

The personal data we collect through our website and/or the provision of services may be transferred to, and stored in, a country operating outside the European Economic Area (EEA). Under the GDPR, the transfer of personal data to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal data provided appropriate safeguards are in place.

Some of the personal data we collect is processed in New Zealand (where our operations are located). New Zealand is recognised by the European Commission as a country that ensures an adequate level of data protection and we rely on this decision in transferring personal data to New Zealand.

Some of the personal data we collect is processed by third party data processors in other countries, including the United States. Where personal data is transferred outside the EEA or New Zealand, it will only be transferred to countries or specified sectors within a country that have been identified as providing adequate protection for EEA data (e.g. organisations in the United States under the EU-U.S. Privacy Shield framework), or to a third party where we have approved transfer mechanisms in place to protect your personal data (e.g. by entering into the European Commission’s Standard Contractual Clauses . For further information, please contact us using the details set out in set out in our privacy policy.

Data Retention Policy

Personal data that we collect and process will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.

Contacting us

You can contact us as by email at [email protected].