Privacy Policy

This Privacy Policy governs the manner in which the website collects, uses, maintains and discloses information collected from users (each, a 'User') of the website ('Site'). This privacy policy applies to the Site and all products and services offered by company.

The Information We May Collect

Our primary purpose in collecting information from or about you is to provide you with a safe, smooth, efficient, and customized experience. Depending on the manner in which you use our Services, we collect information about you that we deem necessary for providing Services and features that optimize, secure, and ease your user experience.

Personal Information or Personal Data ("PII"): Healbright may collect and process information that could be directly or indirectly associated with you; information such as your full name, company name where applicable, user name and password, phone number, email address, billing or mailing address, credit/debit card information and other information that you share with Healbright. You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our Services because such information may be required in order for you to register for an account; purchase products or Services; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions on our website.

Third Party Payment Processors: Payments processed via Custom Payment Gateways by third parties like PayPal and Stripe are subject to the terms of use and privacy policies of those payment gateways and are not accessible or controlled by Healbright. For payments processed via Custom Payment Gateways, we receive information related to the payment status of your account; this information includes your payment card type and last four digits, postal code, country of origin, payment expiration date, and any email address associated with the payment type. For additional information, we recommend that you review the payment processor's Privacy Policy.

Information from Third Party Platforms: You may allow our Services to interact with one or more third party social networks or platforms (such as Facebook), which will provide data about you to us ("Platform(s)"). The information you allow Healbright to access varies by Platform, and it is affected by the privacy settings you and those that you are connected with establish while using such Platforms. Platforms are operated, controlled, and maintained by third parties that are not operated, controlled, or maintained by Healbright. We recommend that you read the terms of use or service and privacy policies of those Platforms to understand how they collect and treat your data and what data they might share with us or other third parties.

Demographic and Usage Data: Healbright may collect information through the use of cookies, HTML5 local storage, and other similar technologies. "Cookies" are alphanumeric identifiers in the form of text files that are inserted and stored by your web browser on your hard drive. Healbright may set and access cookies on your computer or wireless device to track and store preferential information about you. We may gather anonymous information about Users through cookie technology on an individual and aggregate level. Such information is used within Healbright internally and is only shared with third party advertisers, if any, on an aggregated or non-personally identifiable basis. You may opt out of receiving cookies from our website by following the instructions in your web browser. Note, however, that deleting cookies or directing your browser to refuse them may limit your ability to use certain portions of our website that require cookies to function. Healbright gathers certain information automatically and stores it in log files. This information may include Internet protocol (IP) addresses, browser type, operating system, and other usage information about the use of our website, including a history of the pages you view.

Some of the cookies we commonly use are listed below. This list is not exhaustive, but it is intended to illustrate the main reasons we typically set cookies. If you visit one of our sites, the site may set some or all of the following cookies:

1.

Name:

signed_in

Domain:

Used for the specific school domain being viewed.

Retention:

Expires after the browser window is closed.

Description:

Used to determine if a visitor is signed in to the website.

2.

Name:

site_preview

Domain:

Used for the specific school domain being viewed.

Retention:

Expires after the browser window is closed.

Description:

Used to determine whether the website is in free preview mode. This cookie is ignored if the user is not an owner or author of a School.

3.

Name:

videoPlayer

Domain:

Used for the specific school domain being viewed.

Retention:

Expires after the browser window is closed.

Description:

Used to show html5 or Flash videos.

4.

Name:

videospeed

Domain:

Used for the specific school domain being viewed.

Retention:

Expires after the browser window is closed.

Description:

Used to show what speed to play videos.

5.

Name:

wistiaVisitorKey

Domain:

Used for the specific school domain being viewed.

Retention:

Expires after the browser window is closed.

Description:

Used to determine what session each video is used for. This is set by Wistia, a third-party video hosting service.

6.

Name:

session_id

Domain:

Used for the specific school domain being viewed.

Retention:

1 month

Description:

Used to store the session state, which is tied to what user is logged in to the website.

7.

Name:

ahoy_events

Domain:

Used for the specific school domain being viewed.

Retention:

1 day

Description:

Used for internal diagnostic tracking.

8.

Name:

ahoy_visit

Domain:

Used for the specific school domain being viewed.

Retention:

1 day

Description:

Used for internal diagnostic tracking.

9.

Name:

ahoy_visitor

Domain:

Used for the specific school domain being viewed.

Retention:

2 years and 1 day

Description:

Used for internal diagnostic tracking.

10.

Name:

fs_uid

Domain:

.Healbright.com

Retention:

For the maximum amount of time the user’s browser supports.

11.

Name:

_ga

Domain:

.Healbright.com

Retention:

2 years

Description:

Used by Google analytics to calculate session and visitor information.

12.

Name:

_gid

Domain:

.Healbright.com

Retention:

2 days

Description:

Used by Google analytics to calculate session and visitor information.

13.

Name:

_smVID

Domain:

.Healbright.com

Retention:

29 days

Description:

Used by the SumoMe email capture integration.

Non-Personal Information: Web Beacons, also known as pixel tags and clear GIFs, ("Web Beacons"), are electronic images that allow a website to access cookies and help track marketing campaigns and general usage patterns of visitors to those websites. Web Beacons can recognize certain types of information, such as cookie numbers, time and date of a page view, and a description of the page where the Web Beacons are placed. No PII about you is shared with third parties through the use of Web Beacons on our website. However, through Web Beacons, we may collect general information that will not personally identify you, such as: Internet browser, operating system, date of visit, time of visit and path taken through the website. Healbright may also collect other Non-Personal Information as visitors browse our website, such as the web traffic, what pages are visited, and from where visitors come. We may compile this Non-Personal Information to enable statistical analysis of our Services that would be used internally or with external assistance to make improvements to our website and Services.

How We Use the Information We Collect

We will use your PII in accordance with applicable data protection legislation and this Privacy Policy for the following purposes and based on the following legal basis under the General Data Protection Regulation (2016/679/EU) ("GDPR"):

Purpose of the processing: To provide you access to our Services, to administrate your Healbright account and communicate with you regarding you Healbright account and use of our Services.

Legal basis for the processing: Performance of contract.

2.

Purpose of the processing: To market and advertise our products and Services, including making recommendations about courses and other Services you may be interested in, conducting market research, surveys or competitions.

Legal basis for the processing: Balancing of interests where Healbright has pursued the legitimate interest of conducting marketing activities.

3.

Purpose of the processing: To prevent, detect, investigate and take measures against criminal activity, fraud and misuse of or damage to our Services or network and to take measures against other threats against Healbright's or a third party's rights.

Legal basis for the processing: Balancing of interests where Healbright has pursued the following legitimate interests:

• Healbright's interest of investigating suspicion of and taking measures against misuse of or damage to our Services or network;

• Healbright's and/or third party's interest of investigating and producing evidence regarding criminal activity, fraud and other threats against its interest;

• Competent authority's interest of conducting law enforcement activities and collecting evidence for such purposes.

4.

Purpose of the processing: To comply with applicable laws, regulations, court orders, government and law enforcement agencies’ requests.

Legal basis for the processing: Compliance with a legal obligation to which Healbright is subject.

Disclosure of your PII

Healbright provides to Instructors the following information about the Students enrolled in their respective Courses: (1) name, (2) email address, (3) IP address, and (4) the Instructor’s Course in which the Student has enrolled. Healbright does not disclose any other information about Students to Instructors, and Students assume full responsibility for the disclosure and use of any other PII the Student chooses to disclose to any Instructor or other users, which at all times shall be subject to the terms of this Privacy Policy.

Healbright may also disclose any of your information, which in some cases includes PII, in the following situations:

  • With your consent. Healbright may transmit your PII to a third party when you give us express permission to do so. For example, this may occur when we complete a transaction on your behalf or at your request.
  • With our authorized service providers. Healbright may share your PII with our authorized service providers that perform certain services and process PII on our behalf. These services may include providing customer service and marketing assistance, performing business and sales analysis, supporting our website functionality, and supporting contests, sweepstakes, surveys and other features offered through our website. These service providers may have access to PII needed to perform their functions but are not permitted to share or use such information for any other purposes.
  • Payment providers and your bank. For the purpose of administrating payments within our Services, we may disclose your PII to third party payment providers and your bank.
  • With our business partners. When you make purchases, reservations or engage in promotions offered through our website, we may share PII with the businesses with which we partner to offer you those products, services, promotions, contests and/or sweepstakes. When you elect to engage in a particular merchant’s offer or program, you authorize us to provide your email address and other information to that merchant.
  • In connection with a substantial corporate transaction, such as the sale of our business; a divestiture, merger, consolidation, or asset sale; or in the event of bankruptcy. If another company acquires Healbright, that company will take on all responsibility for the information we collect, including PII, and it will assume all rights and obligations with respect to that information. Should this happen, the acquiring company may implement its own policies with respect to your information.
  • If we are required to disclose information by law. Healbright may be obligated to disclose a User’s personal information, if directed by a court of law or other governmental entity. Without limiting the foregoing, we reserve the right to disclose such information where we have a good faith basis to believe that such action is necessary to: (a) comply with applicable laws, regulations, court orders, government and law enforcement agencies’ requests; (b) protect and defend Healbright’s or third party's rights and property, or safety of Healbright, our users, our employees, or others; (c) prevent, detect, investigate and take measures against criminal activity, fraud and misuse or unauthorized use of our Services and/or to enforce our Terms of Use or other agreements or policies; and/or (d) protect your personal safety or property or that of the public. In the event that your information is disclosed, we will comply with the law and make commercially reasonable efforts to notify you.

Healbright may also use and share Non-Personal Information we collect with third parties to develop and deliver targeted advertising on our website or applications of third parties, and to analyze and report on advertising you see. We may combine Non-Personal Information we collect with additional Non-Personal Information collected from other sources. We also may share aggregated, non-personal information with third parties, including advisors, advertisers and investors. For example, we may engage a third party acting on our behalf to collect web log data from you (including IP address and information about your browser or operating system) when you use our website and other websites you may access during your Internet browsing session, or place or recognize a unique cookie on your browser to enable you to receive customized advertisements or content. For more information regarding your choices about how third parties collect information about you on our website see the section titled Do-Not-Track Procedures below.

Please keep in mind that all of the information that you disclose or content that you post in your user profile, forum posts, comments, or other public portions of our website becomes public information. Because this information is publicly available, we cannot control how others treat it so we ask all Users to exercise care in deciding what information they chose to share.

Data Retention

We will save your PII until you erase you delete your account or otherwise exercise your right to erase your PII.

Access to Your Information and other rights

You are, at any time and free of charge, entitled to receive a copy of the PII that we hold about you and information about the processing thereof. Please note that Healbright needs to be able to determine your identity in order to be able to respond to your request.

If you believe that any PII we are holding is incorrect or incomplete please send an email with your specific request to Contact@Healbright.com. We will work with you to make any corrections deemed necessary. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. Additionally, note that registered Instructors and Students may change visibility of their respective personal information throughout our website by editing their personal profiles.

You have the right to request that Healbright restricts the processing of your PII under certain conditions. For example, if you contest the accuracy of the PII, the processing may be restricted for a period enabling Healbright to verify the accuracy of the PII or if Healbright no longer needs the PII for the purposes of the processing but you require the PII for the establishment, exercise, or defense of legal claims.

You have the right to have your PII deleted without undue delay and Healbright is obliged to delete your PII without undue delay if, for example, the PII is no longer necessary in relation to the purpose for which it was collected or otherwise processed. Please note that Healbright is not obliged to delete the PII if Healbright can show that the processing is necessary, for example, for the establishment, exercise, or defense of a legal claim.

If you provide your email address to Healbright, you will always have the opportunity to opt out of receiving email newsletters and promotions through the unsubscribe link in the email communications or by logging into and changing the preferences for your user account. We may send you other types of transactional and relationship e-mail communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account, or otherwise opting out of receipt of promotional email communications will only affect future activities or communications from us. If we have already provided your information to a third party (such as a credit card processing partner) before you changed your preferences or updated your information, you may have to change your preferences directly with that third party.

You have the right to object, on grounds relating to your particular situation, at any time to Healbright's processing of your PII if the processing is based on, for example, legitimate interests. If you object to such processing, Healbright will no longer be entitled to process your PII based on such legal basis, unless Healbright can demonstrate compelling legitimate grounds for the processing which overrides your interests, rights, and freedom or if it is conducted for the establishment, exercise, or defense of a legal claim.

You have, under certain conditions, the right to receive the PII concerning you and which you have provided to Healbright, in a structured, commonly used and machine-readable format and have the right to transmit such PII to another data controller without Healbright trying to prevent this, where Healbright's processing of your PII is based on a contract or consent and the processing is carried out by automated means. In such case you have the right to request that the PII shall be transmitted from Healbright directly to another data controller, where technically feasible.

You also have the right to withdraw your consent, if applicable. If you withdraw your consent, please note that this does not affect the lawfulness of the processing based on your consent before its withdrawal and that Healbright may, under certain circumstances, have another legal ground for the processing and therefore may be entitled to continue the processing.

If you would like to exercise your rights, you may contact us on the contact details provided at the bottom of this Privacy Policy.

If you are unhappy with our processing of your PII or of an alleged infringement of the General Data Protection or other applicable data privacy laws, you may lodge a complaint with a competent supervisory authority, for example in the country of your habitual residence, place of work.

Our Policy Concerning Children

As stated in our Terms of Use, our website and Services are offered and available only to you if are 18 years or older, or if you are between 13 and 18 years old and have obtained the consent of a parent or legal guardian prior to accessing the website, registering an account, or using the Services. If you do not meet this eligibility requirement, you may not use our website or Services. Healbright does not knowingly collect or store any personal information from or about children under the age of 13. We will delete such information if we become aware that it has been submitted through our website. Parents or legal guardians who believe that Healbright might have any information from or about a child under the age of 13 may submit a request to Contact@Healbright.com and request that such information be removed.

Securing Your Information

Healbright takes a range of security measures designed to protect your PII and keep it confidential (unless it is non-confidential by nature) and free from any unauthorized alteration. For example, only authorized employees are permitted to access personal information, and they may do so only for permitted business functions. In addition, we use encryption in the transmission of financial information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your personal information.

Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. As the safety and security of your information also depends on the precautions you take, we ask you not to share your password with anyone.

Third Parties and Other Information Collectors

Except as otherwise expressly included in this Privacy Policy, this document only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties through our website, whether between Instructor and Student or other Users or individuals, different rules may apply to their use, collection, and disclosure of the personal information you disclose to them. Since we do not control the information use, collection, or disclosure policies of third parties, you are subject to their privacy policies.

Our website may include links to third party websites. Once you have used these links to leave our website, you should note that we do not have any control over third party websites. We are not responsible for the content of such websites or the protection and privacy of any information which you provide while visiting such sites. Third-party websites are not governed by this Privacy Policy. You should exercise caution and look at the privacy policies applicable to the websites in question.

Do-Not-Track Procedures

Note that any Do-Not-Track instructions from your browser or similar mechanism will not affect our collection of the data that you voluntarily provide to Healbright through such means as browsing our website, signing up for any of the Services or any Courses, entering PII into information fields on our website, or posting on any of our forums or blogs. Be advised that third parties are free to collect any information that you volunteer to Healbright that is visible to the public. Therefore, please do not provide Healbright with any information that you do not want collected.

Users Outside of the United States

The Services are hosted in the United States and are governed by the laws of the United States. If you are using the Services outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States where Healbright’s servers and databases are located. By using the Sites, you consent to the transfer of information to countries outside your country of residence.

Transfer of personal information to countries outside the EU/EES

Healbright is incorporated and based in the United States of America. Your PII is therefore transferred outside the European Union ("EU") and European Economic Area ("EEA"). Such transfer is necessary for the performance of the contract between you and Healbright (article 49.1 (b) of the GDPR).

The Instructors and Schools may also be established in countries outside the EU/EEA. Such transfers are necessary for the performance of the contract between you and Healbright (article 49.1 (b) of the GDPR).

Your PII is also transferred to and processed by third party payment providers (such as Stripe and Paypal) and your bank. Such transfers are necessary for performance of the contract between you and Healbright (article 49.1 (b) of the GDPR).

Some of the third parties identified above may also be located outside the EU/EEA, in which case we will take all necessary steps required under applicable law in order for such transfer of information across borders to be compliant with applicable law. For example, in cases where there is no adequacy decision by the Commission, this may include the use of EU model clauses (under Article 46.2 of the GDPR) or ensuring that the recipient is certified under the US-EU Privacy Shield Framework (under Article 45 of the GDPR). You may receive a copy of the relevant safeguards by contacting Healbright using the contact details set forth below in this Privacy Policy.

Our Vendors / Sub-Processors

Each of our Vendors / Sub-Processors will have an executed DPA to ensure compliance under the EU GDPR requirements. An audited minimum relevant set of data is shared with each vendor:

  • Stripe/Paypal/ThriveCart -- payment data is maintained here.
  • MailChimp -- user data for email marketing is maintained here.
  • Mixpanel -- user data for analytics purposes is maintained here.
  • Google Analytics -- user data for analytics purposes is maintained here.
  • Google -- user, employee and applicant data is maintained here through products like Gmail or Drive.
  • Wistia -- user video analytics from weekly wellness data is maintained here.
  • Segment – sends user analytics data to mixpanel.
  • Zapier – sends user data to third party applications (Google Drive and Mail Chimp).
  • Teachable -- the bulk of user data is hosted here ; user enrollment, course progression, and payment data.

  • No Rights of Third Parties

    This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of the website.

    Changes to this privacy policy

    Company has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

    Your acceptance of these terms

    By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

    Contact Us

    If you have questions or concerns regarding this Privacy Policy or Healbright's processing of your PII or if you would like to exercise your rights described in this Privacy Policy you may contact us at:

    Healbright, LLC

    1415 Park Ave W

    Denver, Colorado 80205

    Email: Contact@Healbright.com

    Last Modified: [5/24/2018]

    Sign up for free sample videos and guided meditations

    FREE COURSE SAMPLE!

    Sign up for our newsletter
    View Course Sample

    Log in to Healbright

    Individual Account
    - or -
    Corporate Account