- Data Protection Officer
- The personal data we collect
- The sensitive personal data we collect
- What we do with your personal data
- Sharing your personal data
- Third-party disclosure
- Your rights
- Subject Access Request
- Data security
- Contact information
WellbiiON is a service created for an easy search, buying and viewing pre-recorded workshops by best practitioners, therapists, healers from Kuwait and the region.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
2. Data Protection Officer
WellbiiON has appointed the Data Protection Officer for you to contact if you have any questions or concerns regarding Wellbion’s personal data policies or practices. The Wellbion data protection officer’s name and contact information are as follows:
Mohammed Al Ragom
108 West 13th St
3. The personal Data We collect
The personal data we collect depends on your user’s role. For the business owner’s role we are collecting your name, email, phone number, the name of your business, for the payment purpose: the bank name, your IBAN, address. For the user’s role we are collecting: name, email. We are not collecting user’s payment info – we are redirecting users to the 3rd party payment systems for the security reasons. We appreciate personal security and data safety.
4. The sensitive personal data we collect
We do NOT collect any sensitive personal data. According to GDPR, Sensitive personal data is a specific set of “special categories” that must be treated with extra security. These categories are:
Racial or ethnic origin;
Religious or philosophical beliefs;
Trade union membership;
Genetic data; and
Biometric data (where processed to uniquely identify someone).
Wellbiion is a space for mentors, teachers and passionate learners. All races, ethnic groups, religions, genders have the same rights to use our service.
5. What we do with your personal data
As a service-providers we are storing your data in the MySQL DB which is encrypted to keep your data safe.
We process personal data for a number of purposes, some examples being:
- to be able to communicate to users;
- to be able to provide services;
- to be able to assign courses and classes exactly to the user bought it;
- to be able to protect you and other users from abuse or harm from indecent courses or workshops providers;
- to be able to collect and answer to complaints;
- to improve the analytic and service we provide;
- to be able to confirm your identity;
- to be able to keep you logged in (cookies);
- to be able to collect information about visitor behavior on our website, telling us which pages are visited;
- to send you emails and marketing letters from our site.
The principles we have while collecting your personal data:
- used fairly and lawfully
- used for limited, specifically stated purposes
- used in a way that is adequate, relevant and not excessive
- kept for no longer than is absolutely necessary
- handled according to people’s data protection rights
- kept safe and secure
- not transferred outside
6. Sharing your personal data
We do NOT share any personal data with the other parties except of:
- data that business role users need to provide you with a service
7. Third-party disclosure
WellbiiON uses 3rd-party services to improve the service work. The Google Analytics uses the info of user’s behaviour on a site (what pages do users visit).
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
We redirect our users to 3rd-party payment systems such as TAP (for more info about the policy of TAP payment system, please, visit https://www.tap.company/). While using the mobile application, a user sharing his info with the Apple Store or Google Play Market by his own choice. By using our application, the user accepts that:
He/she is informed that “payments will be processed through the Google Play or iTunes app store from which you originally downloaded the application.”
He/she is also informed that he/she can access “the applicable “in-app” purchase rules and policies directly from the app stores.”
8. Your rights
According to this policy the user has rights to:
- To access personal information
- To rectify / erase personal information
- To restrict the processing of your personal information
- To transfer your personal information
- To object to the processing of personal information
- To object to how we use your personal information for direct marketing purposes
- To obtain a copy of personal information safeguards used for transfers outside your jurisdiction
- To lodge a complaint with your local supervisory authority
If you wish to access any of the above-mentioned rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing personal information to you.
We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by sending us an email firstname.lastname@example.org. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfill your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others or if we are legally entitled to deal with the request in a different way.
9. Subject access request
Users have well-defined rights under the GDPR when it comes to having access to their personal data. By submitting a user access request, also known as a Subject Access Request (or SAR), we provide the following information free of charge:
- What personal information pertaining to the user is being processed
- Why this information is being processed
- Who has access to this personal information about the user
- How this personal information is being used in automated decisions
- What processes are using this information
A user access request will be completed within 30 days and include a copy of the personal information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
We use just one cookies type: session cookies. We use Session Cookies to operate our Service.
11. Data Security
We have implemented and maintain appropriate technical and organizational security measures, policies and procedures designed to reduce the risk of accidental destruction, or loss, or unauthorized disclosure or access to such information appropriate to the nature of the information concerned, including:
- (where appropriate) password protection, encryption, and use of secure communication transmission software (known as “secure socket layering” or “SSL”) to protect our Sites;
- placing confidentiality requirements on our employees and service providers;
- destroying or permanently anonymising personal information if it is no longer needed for the purposes for which it was collected; and
- following strict security procedures in the storage and disclosure of your personal information to prevent unauthorized access to it. Whilst we take appropriate technical and organizational measures to safeguard your personal information, no transmission over the Internet can ever be guaranteed to be secure. Therefore, we cannot guarantee the security of any personal information that you transfer over the Internet to us and any such transmission is at your own risk.
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
12. Contact information
If you have any questions, concerns or complaints regarding our compliance with this Policy, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact us by email@example.com. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honor your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by data protection laws.