Privacy Policy

Privacy Policy

Effective Date: 1/1/2025
Last Updated: 1/2/2026

GYST Yoga (“GYST Yoga,” “we,” “us,” or “our”) values your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, sign up for classes, purchase services, or otherwise interact with us.

This policy is intended to comply with:

  • California Consumer Privacy Act (CCPA/CPRA)

  • EU General Data Protection Regulation (GDPR)

1. Information We Collect

A. Personal Information You Provide

We may collect personal information when you:

  • Sign up for classes, workshops, or memberships

  • Subscribe to emails or newsletters

  • Complete a contact or inquiry form

  • Create an account

  • Make a purchase

This information may include:

  • Name

  • Email address

  • Phone number

  • Billing address

  • Payment information (processed by third-party providers)

  • Account login credentials

  • Any information you choose to provide in messages or forms

B. Information Collected Automatically

When you visit our website, we may automatically collect:

  • IP address

  • Browser type and version

  • Device information

  • Pages viewed and actions taken

  • Date and time of visits

  • Referring URLs

This data is collected using cookies and similar technologies.

C. Sensitive Personal Information

We do not intentionally collect sensitive personal information (such as health data). If you voluntarily provide such information, you consent to our processing of it for the purpose you provide it.

2. How We Use Your Information

We use personal information to:

  • Provide and manage classes, events, and services

  • Process payments and bookings

  • Communicate with you about schedules, updates, and promotions

  • Respond to inquiries and customer service requests

  • Improve our website and offerings

  • Maintain security and prevent fraud

  • Comply with legal obligations

3. Legal Bases for Processing (GDPR)

For individuals located in the European Union, we process personal data based on:

  • Consent (e.g., email marketing)

  • Contractual necessity (e.g., class registration and payment)

  • Legitimate interests (e.g., improving services, security)

  • Legal obligations

4. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Enable website functionality

  • Analyze website performance

  • Improve user experience

You can manage cookie preferences through your browser settings.
[If applicable: We use tools such as Google Analytics.]

5. Sharing of Personal Information

We may share personal information with:

  • Service providers (e.g., scheduling software, email platforms, payment processors)

  • Technology vendors who support our website operations

  • Legal authorities when required by law

We do not sell personal information as defined under California law.

6. California Privacy Rights (CCPA/CPRA)

California residents have the right to:

  • Know what personal information we collect and use

  • Request access to their personal information

  • Request deletion of personal information

  • Correct inaccurate personal information

  • Opt out of the sale or sharing of personal information (we do not sell personal data)

  • Not be discriminated against for exercising privacy rights

To exercise your rights, contact us at:
Email: [Insert Privacy Contact Email]

7. European Union Privacy Rights (GDPR)

If you are located in the EU, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time

  • Lodge a complaint with your local data protection authority

8. Data Retention

We retain personal information only as long as necessary to:

  • Provide our services

  • Fulfill legal and accounting obligations

  • Resolve disputes

  • Enforce agreements

9. Data Security

We use reasonable administrative, technical, and physical safeguards to protect your personal information. However, no system is 100% secure.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites.

11. Children’s Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from children.

12. International Data Transfers

If you are located outside the United States, your information may be transferred to and processed in the U.S. We take steps to ensure appropriate safeguards are in place for international transfers.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

14. Contact Us

If you have questions or wish to exercise your privacy rights, contact us at:

GYST Yoga
14 Heather Lane

Rensselaer NY 12144
Email: gystyoga@gmail.com