Our Privacy Policy
At Bubbling Lotus we value data protection....
-
We are an ICO-registered organisation
-
We only collect data about you that's required in order to deliver our products & services
-
We never retain data for any longer than is required
-
We will never sell your data to a 3rd party
​
A summary of the data we collect and how it is stored & used is as follows. You can also find our full Privacy Notice further down this page.
What is my data being used for?
​
Bubbling Lotus stores and processes data to help us maintain your account, provide our products & services, process and store transaction details, offer customer support and send newsletters and offer details.
​
What will happen to my data?
​
Bubbling Lotus may use your data to send you information, updates and offers for Bubbling Lotus services we think you’ll be interested in. You can unsubscribe from our newsletter at any point and you can also request removal from any other mailing lists we hold. Simply contact us to make these requests or use the unsubscribe link at the bottom of our newsletter.
​
What data will be kept and stored?
​
Bubbling Lotus stores account registration details, transaction details, usage information and any information about your web preferences on our website.
We will also store any information provided by you when you complete a pre-course assessment form. This may include details of any mental or physical conditions that you choose to make us aware of prior to attending either an in-person or online course as well as your reasons for attending the course. Please note that provision of this additional (pre-course) information is voluntary and does not prohibit you from purchasing or using our services.
​
What data will be shared with others?
​
We only share your data with regulators or government bodies if requested in order to comply with legal or regulatory requirements.
​
How long will my data be kept for?
​
Bubbling Lotus will store your data for a period of 7 years after your last attempted login. After this period, your account will be deleted.
​
You can also request your account to be deleted at any time.
​
Please note that financial & transactional data will be kept for a period of time no less than that required to comply with tax legislation.
​
Who will be able to access my data?
​
Bubbling Lotus will never sell or share your data to any third-party, unless you grant us your explicit permission to do so.
​
How will my data be kept and made secure?
​
The Bubbling Lotus platform is built on Wix. The following statement is from Wix:
“Wix has servers all over the world, including Europe and the United States, as well as backup servers in multiple locations.
If the Processing of the User Customer Data involves transfer of such data outside of the European Economic Area (EEA) and the European data protection regulations apply to the transfers of such data, these transfers will be conducted in compliance with all applicable data protection regulations.”
​
We also use Calendly.com as a 3rd party calendar booking system within the website. You can find their Privacy Policy here.
​
In addition, Bubbling Lotus will use administrative systems, such as an accountancy system, to store and process financial transaction information which may include details such as names and addresses on invoices. These systems have been carefully selected to ensure that data privacy principles (including those outlined by the GDPR) are adhered to. Some of these systems may back-up or transfer data to locations outside of the EEA.
​
Privacy Notice
Last Updated: 30th November 2023
Bubbling Lotus takes your privacy seriously. That is why we will only use your personal information to provide you with the products and services you have requested, as well as to administer your account. We will not sell or share your information with third-parties unless you grant us explicit permission to do so, and we will never use your personal data for any reason other than the reasons described within this policy.
​
About our privacy policy
Our privacy policy outlines your relationship with our company and explains in detail how we use the information that you provide us with.
​
About Bubbling Lotus
Bubbling Lotus is the trading name of Bubbling Lotus Ltd, which is registered in the United Kingdom and registered with the UK’s Information Commissioner’s Office under the Data Protection Act 2018. Our data controller is Gary Reynolds, and we encourage you to get in touch with any questions you may have about Bubbling Lotus.
You can reach us by:
-
Website: www.bubblinglotus.online
Changing your preferences
If you’d like to change your web, contact or marketing preferences, you can do so at any time. Simply use the Cookies functionality on the website or contact us at contact@bubblinglotus.online to request the necessary amendments.
​
How we do business
Bubbling Lotus is committed to upholding and maintaining your personal rights. We operate our business in-line with the European Union’s General Data Protection Regulation (GDPR) and observe your rights to change or withdraw your opt-in options at any time. As part of our ongoing commitment to uphold your rights, Bubbling Lotus will also extend advice on how you can issue formal complaints to relevant authorities, such as the Information Commissioner’s Office should you request it.
​
Sensitive data
Bubbling Lotus does not need to collect sensitive data about you. Sensitive data refers to (but is not limited to) information about your race or ethnic background, religious or political affiliations, trade union affiliations, sexual orientation, criminal background or health background.
However, our pre-course assessment forms do ask whether you wish to make us aware of any mental health or physical health conditions prior to joining one of our courses. Providing this information allows us to tailor our courses to better-suit participants. Provision of this data is entirely voluntary and if you choose to provide this data, Bubbling Lotus will obtain your explicit consent for processing this sensitive data.
​
You can still attend our courses even if you choose not to provide information on any mental or physical health conditions.
​
Who our privacy policy applies to
This privacy policy has been developed to inform users of Bubbling Lotus how we use their data. Bubbling Lotus is a provider of meditation and mindfulness-based products & services, and we need to process the data of individuals to offer these products and/or services. Bearing that in mind, our privacy policy applies to any and all individuals registered with us as a user, customer, administrator or in any other capacity.
​
What information this policy applies to
There is a lawful basis for processing your data, and this section of our privacy policy outlines how this applies to the personal information you provide us with or allow us to collect.
​
The information this policy applies to includes information that you:
-
Provide as part of any registration process (either to register as a website user or via a pre-course assessment form)
-
Provide as part of any campaign creation activity, such as subscribing to our newsletter
-
Provide in the form of numerical data, metadata or communications
-
Give us as part of our ongoing relationship
This policy also applies to information that we:
-
Collect relating to how you interact with our website
-
Must process to complete purchases and other transactions
Consent
Please note that when you submit personal data on our website, you are giving Bubbling Lotus your explicit consent that we can use that data in line with our privacy policy.
​
Opting-out
After giving Bubbling Lotus your consent, you are free to amend your consent or withdraw your consent at any time. You have the right to object to the processing of your data. To opt-out, change your preferences or revoke your consent, simply contact us by emailing dataprotection@bubblinglotus.online or using the contact page on our website.
Data processing, storage & security
Bubbling Lotus stores data in accordance with Wix data storage policies, summarised as follows:
"Wix has servers all over the world, including Europe and the United States, as well as backup servers in multiple locations.
If the Processing of the User Customer Data involves transfer of such data outside of the European Economic Area (EEA) and the European data protection regulations apply to the transfers of such data, these transfers will be conducted in compliance with all applicable data protection regulations."
​
We will store your data in line with the following timeframes:
-
Account information will be stored for a period of 7 years after your last recorded login attempt unless otherwise noted and explicitly stated.
-
Data relating to transactions, payments and orders will be stored for a period of 7 years. This period may be extended under certain circumstances as part of our ongoing commitment to comply with UK and international law.
-
Data related to any high-level mental or physical health information you choose to voluntarily make us aware of will be stored for a period of 1 year.
​
We use Calendly.com as a 3rd party calendar booking and management component within our website. You can find the calendly.com privacy policy here. This component collects and processes name and contact details, such as your email address and mobile phone number.
​
We use carefully selected and recognised third-parties to help us take payments, provide commerce services and manage company accounts. Some of these third-parties may operate outside the European Union.
Bubbling Lotus may process your data based on more than one legal ground or legitimate basis. Circumstances under which we may be required to process your data under more than one legal ground or legitimate basis may include:
​
Reason: Customer registration
Data Type: Identity and contact information
Basis: To carry out a contract we’ve made with you or to provide a product or service.
Retention Period: 7 years
​
Reason: Processing and/or delivering your order
Data Type: Identity, contact information, financial information, financial and transactional data
Basis: To carry out a contract we’ve made with you, to provide a product or service and to exercise our legitimate interests to recover debts owed.
Retention Period: 7 years
​
Reason: To manage our customer relationship with you
Data Type: Identity, contact information, marketing and communications preferences
Basis: To carry out a contract we’ve made with you, to comply with legal obligations and to exercise our legitimate interests to keep our records updated.
Retention Period: 7 years
​
Reason: Assess your suitability for a course
Data Type: Identity and contact information, plus any high-level mental or physical health information you choose to voluntarily make us aware of
Basis:To carry out a contract we’ve made with you or to provide a product or service.
Retention Period: 7 years for identity and contact information, 1 year for high-level mental or physical health information.
Bubbling Lotus has implemented a series of security measures to make sure that your personal data is protected from accidental loss, unauthorised access, alteration or disclosure. Bubbling Lotus limits access to your data only to those employees, agents, contractors or other third parties with a legitimate reason to access that information. Those individuals or organisations will only ever process or access your personal data upon our explicit instructions. They are subject to a duty of confidentiality.
​
Marketing and communications
Bubbling Lotus may send you marketing communications if you have given us your contact details and opted-in to marketing communications. You can opt-out of these marketing communications and manage your preferences at any time. If you need assistance to do this, please contact us.
Our company obligations
As a data controller, Bubbling Lotus is legally responsible for the data you provide us with. In honouring that responsibility, we pledge to uphold our commitments under GDPR and the Data Protection Act 2018.
We will only ever use your data:
-
In ways that are both fair and legal
-
As described within this policy
-
In ways that are necessary for the purposes described
In addition, Bubbling Lotus processes the personal data you submit to us or we collect as a data processor. As part of this role, Bubbling Lotus takes all necessary precautions to secure the personal data we collect, process and store.
We may occasionally use the data you provide us with for marketing, relationship management or account management activities. These activities are designed to ensure you have adequate information about other products and/or services we offer, that we have reason to believe you may be interested in. You have the right to opt-out of these activities at any time.
Third-Parties
Bubbling Lotus never shares your personal data with third-parties unless those parties have been explicitly mentioned within our privacy statement.
​
Bubbling Lotus may be required to share your personal data with carefully selected third-parties for the identified processing purposes. These third parties may include:
​
-
IT or system administration services providers.
-
Professionals providing banking, legal, accounting, consultancy and/or insurance services.
-
Government regulators based in the United Kingdom and other relevant jurisdictions.
-
HM Revenue & Customs.
-
Any existing or future third parties to which Bubbling Lotus may sell, transfer or merge aspects of our business or assets.
All third parties to which we transfer data are required to respect your personal data, keep it secure and process it only for the specified purposes for which it has been collected. Third parties will only ever receive or process your data with our explicit permission.
​
Our security
As part of our ongoing commitment to data protection, Bubbling Lotus will report any security breaches or attempted breaches to the relevant authorities within 24 hours of detection. We will subsequently contact all those affected by the breach within 72 hours of the breach being detected.
​
Legitimate interests
As part of the Data Protection Act 2018, Bubbling Lotus observes the right to share selected information with third-parties that use data for non-marketing purposes. This could include (but is not limited to) organisations that provide credit assessments, identification services and fraud prevention activities.
​
Complaints Procedure
If you are not happy with how your personal data has been processed, you should contact Gary Reynolds (dataprotection@bubblinglotus.online) in the first instance. If Gary Reynolds is unable to satisfy your concerns, you have the right to apply to the Information Commissioner’s Office for a resolution.
You can contact the Information Commissioner’s Office at the following address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
​
Contact us
Bubbling Lotus is committed to upholding your rights. If you have any questions, comments or concerns about this privacy policy or wish to exercise your rights in relation to your personal data, please contact Gary Reynolds by emailing dataprotection@bubblinglotus.online.
​
We will process any request within 20 days. Subject Access Requests are normally performed free of charge, but we may need to charge individuals for excessive or unreasonable data requests.
​