Soma+Soul, LLC (“Soma+Soul”) respects your privacy and is committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website, www.somaandsoul.co and our practices for collecting, using, maintain, protecting, and disclosing that information.
This policy applies to information we collect:
It does not apply to information collected by:
Soma+Soul also complies with the U.S.-EU Privacy Shield and the U.S. Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce at https://www.privacyshield.gov/US-Businesses regarding the collection, use, and retention of personal data from the European Union member countries and Switzerland. Soma+Soul complies with the seven (7) Privacy Shield Principles, including notice; choice; accountability for onward transfer; security; data integrity and purpose limitation; access; and recourse, enforcement, and liability.
Acting As a Processor on Behalf:
When acting in the capacity of a processor on behalf, Soma+Soul acts only on the instructions of the “data controller” clients and does not control or share such data without direction from the client. For such processing, Soma+Soul enters into appropriate agreements with the clients, providing that the client is the data controller for the purpose of the EU Data Directive and is in compliance with the applicable data protection laws.
Acting as a Data Controller:
When acting in the capacity of a data controller, Soma+Soul must comply with all the principles of the EU-US Privacy Shield and the US-Swiss Safe Harbor. When collecting information from EU data subjects, Soma+Soul gives notice that the personal information will be used and will be transferred to third parties. When Soma+Soul receives personal information from the EU to the US, Soma+Soul must have contractual provisions with the EU data controller that the personal information has been provided in accordance with the applicable EU Member State data protection laws to ensure that individuals have been provided with appropriate notice regarding how their information will be used.
Soma+Soul complies with the Notice and Choice principles for all data disclosed or transferred to a third party. In the event that Soma+Soul utilizes data processors to perform tasks on behalf of and/or under the instruction of Soma+Soul, Soma+Soul requires its data processors to enter into a written agreement with Soma+Soul which requires them to provide the same level of protection that Soma+Soul provides.
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any personal information to the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at:
We collect several types of information from and about users of our Website, including information:
We collect this information:
The information we collect on or through our Website may include:
You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking), including Google Analytics. Please consult our privacy settings for information on how you can opt out of behavioral tracking on this website and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.
The information we collect automatically is statistical data and (or does not) may include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
The technologies we use for this automatic data collection may include:
We use information that we collect about you or that you provide to us, including any personal information:
We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please contact Soma+Soul at email@example.com
We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
We may also disclose your personal information:
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.
As referenced above, Soma+Soul complies with the EU-US Privacy Shield and the US-Swiss Privacy Shield. As such, Soma+Soul agrees to honor requests, opt-outs, and setting changes regarding the data of citizens of the European Union. Individuals shall have the opportunity to opt out of providing information that will be disclosed to a third party (unless the third party is acting as an agent on behalf of the organization), if the data is used in a materially different way than its original purpose. For sensitive information, Soma+Soul agrees to obtain affirmative express consent before disclosure or using the data in a materially different way.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, destruction, and disclosure. Soma+Soul uses SSL certificates to securely encrypt information.
The safety and security of your information also depends on you. Soma+Soul uses password encryption to ensure the security of your account. Where we have given you or where you have chosen a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Soma+Soul makes no representations or warranties as to the security of your data. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
Consistent with the EU-US Privacy Shield and the US-Swiss Privacy Shield, Soma+Soul takes reasonable steps to ensure that the information received or provided is accurate, complete, current, reliable, and is compatible with the purposes for which it was originally collected. Soma+Soul agrees to adhere to this for as long as it retains such information. Data may be retained for as long as it serves its purpose. Such circumstances may include customer service, compliance, legal considerations, auditing, security and fraud prevention, or other purposes that may be reasonable within the circumstances.
You can review and change your personal information by logging into the Website and visiting your account profile page. EU citizens are also granted access to personal information regarding them and are able to correct, amend, or delete that information if it is not accurate or if it has violated the EU-US Privacy Shield or the US-Swiss Safe Harbor, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
You may also send us a message to firstname.lastname@example.org to request access to, correct, or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Effective privacy protection must include robust mechanisms for assuring compliance with the laws, recourse for those who do not comply with the laws, and consequences for the organization when they do not adhere to the EU-US Privacy Shield or the US-Swiss Safe Harbor.
Soma+Soul provides an independent mechanism by which individuals can lodge complaints and disputes are investigated expeditiously, at no cost to the individual. Please email us at email@example.com to lodge any complaints.
Soma+Soul has follow-up procedures for verifying the assertions made regarding the privacy practices.
When Soma+Soul receives requests from outside organizations, including EU Member State Authorities, the company will comply with requests for compliance and will respond to investigations to resolve the complaint.
Organizations must arbitrate claims, provided that the individual has invoked binding arbitration.
If Soma+Soul has received an onward transfer of data, it has responsibility for processing the information and transferring it to the third party.
If the company becomes subject to an FTC or court order based on non-compliance, the organization shall make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements.
California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at: