The low down on your privacy
Let's start with some basics that answer most of the questions we get asked.
- All information is stored in a database which is hosted by Amazon Web Services (AWS).
- Non-personal information (e.g. how many students in a class, how many logbook entries were submitted, etc.) are available in aggregate to The Center for Koru Mindfulness. This helps us understand how students are using the system so we can make improvements. This data is always retrieved and presented anonymously.
- All info continues to be available to the student through their registered account. Information can be permanently removed from the system through the users Account page or by request (remove@korumindfulness.org)
- Your Name, email, logbook entries, comments, and stats submitted during the time of your Koru class are available to your teacher through the Teacher Dashboard. A teacher can access this data as long as they are a Koru Teacher. However, please note you are only connected to your teacher during the span of your Koru class. Your teacher will not continue to receive your log entries.
- Passwords are salted and hashed.
- If you have opted in, your gratitudes will be shared anonymously on the Gratitude River with your class cohort. Once the class is over, these will be shared with the global Koru community.
- The app continues to connect you with your class cohort on the Class Progress screen. This data is always anonymous.
- We use stripe to handle all of our payments. Learn more about Stripe's security practices..
Now for the official Privacy Policy
LAST UPDATED: August 1, 2019The Koru Center for Mindfulness collects certain information through its website, teacher dashboard and our Koru Mindfulness mobile app. To make this Privacy Policy easier to read, the foregoing referenced websites and the App are referred to as the "Web Sites" and the services provided by us through the websites are referred to as the "Services." Any Koru program materials that are provided through the Services, including written materials and audio recordings, are referred to as the "teaching materials."
Your privacy is important to us and this Privacy Policy lays out our policies and procedures surrounding the collection and handling of information provided by you. If you do not agree to all the terms and conditions of this Privacy Policy, please do not use our website or app.
Information We Collect
We may collect the following information from users of the Web Sites: first name, last name, street address, city, state, zip code, phone number, e-mail address, electronic signature and credit card information (we store only the last four digits) (collectively, "Personally Identifiable Information" or "PII"). The Web Sites are not intended for use by children under the age of 13, and we do not knowingly collect PII from children under the age of 13. Use of the Web Sites requires that you register and/or create an account ("Account") or use the Web Sites as a guest.
We also collect aggregated information, demographic information and other information that does not reveal your specific identity ("Non-PII"). Non-PII may include information about the device you use to access the Web Sites, information from referring websites and your engagement with the Web Sites.
We use HTTPS cookies to collect information about you and your activity on the Web Sites. We use this information to remember users on the Web Sites and to enhance users’ experience on the Web Sites. For example, when users with Accounts return to the Web Sites, cookies identify those users and allow the Web Sites to provide certain user-specific information such as user account information and past orders. To learn more about cookies, visit www.allaboutcookies.org. We do not work with advertisers. To learn more about opting-out of cookie-targeted advertising on the Web Sites (sometimes referred to as online behavioral advertising or OBA), visit www.AboutAds.info. Some browsers allow you to indicate that you would not like your online activities tracked, using "Do Not Track" indicators ("DNT Indicators"). We are not obligated to respond to these indicators, and presently we are not set up to respond to DNT Indicators. This means that while the Web Sites may track certain latent information about your online activities, the collected information will be used solely to improve your use of our Web Sites and in ways consistent with the provisions of this Privacy Policy.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. Your profile picture is visible to the public in the context of your comments.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We use Google services to generate maps and provide autocompletion when searching for events by location, which may collect data via your browser in accordance to Google's privacy policy. We collect and store information you submit to us when registering, for the purpose of reserving your requested spaces at our class and maintaining a record of attendance. We may use cookies to temporarily store information about a registration in progress as well as any error/confirmation messages.
When you use this site several actions (e.g. commenting) trigger the dispatch of emails. They contain information about you associated with your email address. Which data are part of these emails depends on the action performed. These emails are stored and accessible to the site management as log.
Use of Collected Information
We use PII to create users’ Accounts, to communicate with users about our Services, offer users additional Services, assist with Service inquiries, offer promotions and special offers, charge for purchases made through us and fulfill orders. We use certain stored PII to customize future order processing for you. You may request that we cease storing certain PII at any time, but you might not be able to take advantage of certain customized features. Users may affirmatively opt-out of receiving communications from us by visiting https://korumindfulness.us7.list-manage.com/unsubscribe?u=af09f3236ae3548db0d39b8fd&id=bbc68dfc9c and providing us with their e-mail address via the opt-out link. We may also use PII to enforce our Terms of Use.
We do not sell the information we collect through the Web Sites to third parties. We may share collected PII with third-party vendors and service providers with whom we work to provide application programming interfaces ("APIs") and other functions for the Web Sites in connection with the delivery of our Services only to the extent necessary to provide those APIs and Services. Full credit card numbers are transmitted to our credit card processor but are not stored by us. We may allow certain social media platforms to host plug-ins or widgets on the Web Sites, which may collect certain information about users who choose to use those plug-ins or widgets. We may also disclose PII to third parties such as attorneys, collection agencies, tribunals or law enforcement authorities pursuant to valid requests in connection with alleged violations of our Terms of Use, infringement or similar harm to persons or property.
User generated content posted through the Web Sites such as Service reviews and certain social networking preferences (e.g. pages you "Like" or "Follow") may be viewed by the general public. Accordingly, we cannot ensure the privacy of any PII included in such user generated content.
Protection of PII
We use reasonable security measures equal to or exceeding industry standard to protect PII from unauthorized access, destruction, use, modification and disclosure. Unfortunately, even with these measures, we cannot guarantee the security of PII. By using the Web Sites, you acknowledge and agree that we make no such guarantee, and that you use the Web Sites at your own risk.
Accessing, Correcting, and Deleting your PII
Registered Account holders can access and change their own PII using the "Change" function on the Web Sites. If you have an account on this site you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can delete your account using the "Delete" function on the Web Sites. This will erase any personal data we hold about you, including proof of payment. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
If you have questions regarding our use or collection of your PII, please contact us at tech@korumindfulness.org.
Privacy Policy Amendments
We reserve the right, at our sole discretion, to change, modify, add, or delete portions of this Privacy Policy at any time without further notice. If we do this, we will post the changes to this Privacy Policy on this page and will indicate at the top of this page the new effective date (i.e., the LAST UPDATED date). You agree that you will check for new versions of this Privacy Policy. By continuing to access and/or use the Web Sites following the posting of a new Privacy Policy version, you agree to be bound by the then-current version. If you do not agree to the terms of the new version of the Privacy Policy, you agree to stop using the Web Sites.