Privacy policy.

Effective Date: 23 May 2025

Kindful respects your right to privacy and is committed to safeguarding your personal information. This Privacy Policy outlines how we collect, use, store, and disclose your personal and sensitive information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth).

By using our website or engaging with our services, you consent to the terms of this policy.

1. Collection of Personal and Sensitive Information

We may collect the following types of information:

Personal information:
This includes your name, email address, postal address, phone number, and payment details.

Sensitive information (as defined under the Privacy Act):
This may include health or psychological information you choose to share in forms, assessments, or retreat applications. We only collect sensitive information with your explicit consent and when necessary to deliver a service.

We collect information when you:

  • Subscribe to our mailing list or download resources

  • Register for an event, retreat, or workshop

  • Purchase a product or service

  • Contact us through forms or email

  • Use our self-assessment tools

2. Purpose of Collection

We collect personal information to:

  • Deliver services, resources, and products you request

  • Send updates, newsletters, and marketing materials (only if you opt in)

  • Process payments and registrations

  • Understand your needs and improve our offerings

  • Comply with legal and regulatory obligations

We will not use your information for any other purpose without your consent, unless required or authorised by law.

3. How We Store and Protect Your Information

We take reasonable steps to ensure your information is protected from misuse, loss, unauthorised access, modification, or disclosure.

Email marketing (Flodesk):
Email addresses are stored securely in Flodesk, which uses industry-standard encryption and complies with global data privacy requirements. You can unsubscribe at any time via the link in our emails.

Website hosting (Squarespace):
Forms submitted through our website are transmitted over encrypted (SSL) connections. Squarespace employs security protocols to protect data, but no online service can guarantee 100% security.

Payment processing (Stripe/PayPal):
All payments are processed securely via third-party providers Stripe and PayPal. Kindful does not store credit card or payment details. These platforms are PCI-DSS compliant and use encryption and secure authentication methods.

4. Disclosure of Personal Information

We will not share your personal or sensitive information with third parties unless:

  • You have provided consent

  • It is necessary to deliver the service (e.g., payment processing)

  • We are legally required to do so

In some cases, third-party service providers may be located outside Australia. When this occurs, we take reasonable steps to ensure they comply with the APPs or are subject to equivalent privacy obligations.

5. Access and Correction

You have the right to:

  • Access personal information we hold about you

  • Request corrections if the information is inaccurate, out of date, or incomplete

To request access or correction, please contact us at the email below. We may require verification of your identity before processing the request.

6. Complaints

If you have a concern about how your personal information has been handled, please contact us at [insert email]. We take privacy concerns seriously and will respond promptly.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
https://www.oaic.gov.au/privacy/privacy-complaints/

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The latest version will always be available on our website.

8. Contact Us

If you have any questions about this policy or the way we handle your data, please contact: hello @ kindful.com.au