Privacy Policy
Last Updated: Nvember 1, 2025
We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect your data when you use our online courses and website.
1. Who We Are
Business Name : Indaba Group, LLC
Contact : connect [at] yogaressa [dot] com
Location : 7901 4th St N, Suite 300, St. Petersburg, FL, 33702, USA
For EU/UK Residents : We are the data controller responsible for your personal information.
2. What Information We Collect
Information You Give Us:
Account Information: Name, email address, password
Payment Information: Billing details (processed securely by our payment processor; we don’t store full credit card numbers)
Profile Information: Any optional information you provide (e.g., experience level, interests, phone number)
Communications: Messages you send us, feedback, or support requests
Information Collected Automatically:
Usage Data: Which courses you access, progress through modules, time spent
Device & Browser Information: IP address, browser type, device type, operating system
Cookies & Similar Technologies: We may use cookies to improve your experience (see Section 8)
Information We Don’t Collect:
We don’t collect sensitive health information unless you voluntarily share it with us in communications.
3. How We Use Your Information
We use your information to:
Provide Our Services:
● Create and manage your account
● Deliver course content and track your progress
● Process payments and send receipts
Improve Our Services:
● Understand how students use our courses
● Fix technical issues
● Develop new features and content
Communicate With You:
● Send course updates and important information
● Respond to your questions and requests
● Send occasional emails about new courses (you can opt out anytime)
Legal & Security:
● Comply with legal obligations
● Prevent fraud and protect our services
● Enforce our Terms & Conditions
4. Legal Basis for Processing (GDPR)
If you’re in the EU/UK/EEA, we process your data based on:
● Contract: To provide the courses you’ve enrolled in
● Legitimate Interests: To improve our services, ensure security, and communicate about our courses
● Consent: For marketing emails (you can withdraw consent anytime)
● Legal Obligation: To comply with tax, accounting, and legal requirements
5. How We Share Your Information
We don’t sell your personal information. We only share it in these limited circumstances:
Service Providers: We work with trusted companies that help us operate our business:
● Payment Processors: [e.g. Stripe, PayPal] to process payments securely
● Email Services: [e.g. Mailchimp, HighLevel ] to send course communications
● Hosting Services: [e.g. HighLevel, YouTube, Bluehost] to host our website and courses
● Analytics: [e.g. Google Analytics] to understand website usage (anonymized where possible)
These providers are contractually obligated to protect your data and only use it for specified purposes.
Legal Requirements: We may disclose information if required by law, court order, or to protect our rights and safety.
Business Transfers: If we’re acquired or merged with another company, your information may be transferred to the new owners.
With Your Consent: We’ll share information for other purposes only with your explicit permission.
6. International Data Transfers
For EU/EEA/UK Residents: Your information may be transferred to and processed in countries outside the EU/EEA/UK, including the United States. When we do this, we ensure appropriate safeguards are in place:
● Standard Contractual Clauses approved by the EU Commission
● Service providers certified under relevant data protection frameworks
● Your data receives equivalent protection regardless of location
7. Your Privacy Rights
You Have the Right To:
● Access: Request a copy of your personal information
● Correct: Update inaccurate or incomplete information
● Delete: Request deletion of your account and data (subject to legal retention requirements)
● Opt-Out: Unsubscribe from marketing emails (service emails may still be necessary)
Additional Rights for EU/EEA/UK Residents (GDPR):
● Restrict Processing: Limit how we use your data in certain circumstances
● Data Portability: Receive your data in a machine-readable format
● Object: Object to processing based on legitimate interests
● Withdraw Consent: Withdraw consent for marketing or other consent-based processing
● Lodge a Complaint: File a complaint with your local data protection authority
Additional Rights for California Residents (CCPA):
● Know: What personal information we collect, use, and share
● Delete: Request deletion of your personal information
● Opt-Out: Opt-out of the “sale” of personal information (we don’t sell data)
● Non-Discrimination: Exercise rights without discrimination
How to Exercise Your Rights: Email us at: connect [at] yogaressa [dot] com with your request. We’ll respond within 30 days (or as required by applicable law).
8. Cookies & Tracking Technologies
What Are Cookies? Small text files stored on your device that help websites function and remember your preferences. The information does not usually directly identify you, but it can give you a more personalized web experience.
How We May Use Cookies:
● Essential Cookies: Required for login, course access, and security (cannot be disabled)
● Analytics Cookies: Help us understand how you use our site (e.g., Google Analytics)
● Preference Cookies: Remember your settings and preferences
Your Cookie Choices:
● Most browsers let you block or delete cookies through settings
● Blocking essential cookies may affect course functionality
9. Data Security
We take security seriously and implement appropriate measures:
● Encryption (SSL/TLS) for data transmission
● Secure password storage
● Limited employee access to personal data
● Secure payment processing (PCI-DSS compliant processors)
However, no system is 100% secure. You’re responsible for keeping your password confidential.
10. Data Retention
How Long We Keep Your Data:
Account Data: As long as your account is active, plus 7 years after closure for legal/business purposes
Payment Records: As required by tax and accounting laws (typically 7 years)
Marketing Data: Until you unsubscribe or request deletion
Usage Data: Typically 2-3 years for analytics purposes
We’ll delete or anonymize data when no longer needed.
11. Children’s Privacy
Our services are not directed at children under 16 (or under 13 in the US). We don’t knowingly collect information from children. If you’re a parent and believe your child has provided us with information, please contact us, and we’ll delete it.
12. Third-Party Links
Our website may link to external sites. We’re not responsible for their privacy practices. Please review their privacy policies.
13. Changes to This Privacy Policy
We may update this policy occasionally to reflect changes in our practices or legal requirements. We’ll notify you of significant changes via:
● Email to your registered address
● Notice on our website
Continued use after changes indicates acceptance of the updated policy.
14. Contact Us
Questions?
Email: connect [at] yogaressa [dot] com
For EU/EEA/UK Residents:
You also have the right to lodge a complaint with your supervisory authority:
UK: Information Commissioner’s Office (ico.org.uk)
EU: Your country’s data protection authority
Find your authority: https://edpb.europa.eu/about-edpb/board/members_en
Your use of the services offered by Indaba Group, LLC, including the purchase of any course or product, constitutes your acceptance of these Terms & Conditions and the Privacy Policy.