Bloomuiremoveex
Last updated:

Privacy Policy

This Privacy Policy explains how Bloomuiremoveex collects, uses, stores, and protects personal data when you visit our website or use our mindful eating coaching services.

1. Data Controller

The data controller responsible for your personal information is:

Bloomuiremoveex
240 Powell St
San Francisco, CA 94102
United States
Email: hello@bloomuiremoveex.world
Phone: +1 415-948-7366

For any questions regarding this Privacy Policy or the processing of your personal data, you may contact us using the details above. We will respond to privacy-related inquiries within thirty days of receipt, in accordance with applicable data protection regulations.

2. Data We Collect

We collect personal data only when necessary for the purposes described in this policy. The categories of data we may collect include:

2.1 Information You Provide Directly

  • Contact form data: Your name, email address, and message content when you submit an inquiry through our contact form.
  • Coaching enrollment data: Name, email, phone number, billing address, and payment information when you register for coaching programs or purchase educational products.
  • Session notes and reflections: Information you voluntarily share during coaching sessions or through reflection tools, which may include descriptions of eating habits and personal observations.
  • Communication records: Content of emails, phone call summaries, and other correspondence between you and our team.

2.2 Information Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage data: Pages visited, time spent on pages, referral source, click patterns, and interaction with site features.
  • Cookie data: Information stored through cookies and similar technologies as described in our Cookie Policy.

2.3 Information from Third Parties

We may receive limited information from payment processors to confirm transaction completion. We do not purchase personal data from data brokers or third-party marketing lists.

Under the General Data Protection Regulation (GDPR) and comparable privacy frameworks, we process personal data based on the following legal grounds:

  • Consent: When you submit a contact form, accept non-essential cookies, or voluntarily provide information for coaching services, you consent to the processing described at the point of collection.
  • Contractual necessity: Processing required to deliver coaching services, educational products, or respond to inquiries you initiate.
  • Legitimate interests: Website security monitoring, service improvement, fraud prevention, and internal record-keeping, balanced against your privacy rights.
  • Legal obligation: Retention of financial records and compliance with tax, accounting, or regulatory requirements.

4. Purpose of Data Usage

We use collected personal data exclusively for the following purposes:

  • Responding to contact form submissions and general inquiries
  • Delivering mindful eating coaching sessions and educational programs
  • Processing payments and managing billing records
  • Providing access to digital reflection tools and educational materials
  • Sending service-related communications such as appointment confirmations and program updates
  • Improving website functionality and user experience through anonymized analytics
  • Complying with legal, regulatory, and tax obligations
  • Protecting the security and integrity of our website and services

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects. We do not sell your personal information to third parties.

5. Data Retention Period

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact form inquiries: Retained for twelve months from the date of submission, then securely deleted unless an ongoing coaching relationship is established.
  • Coaching client records: Retained for the duration of the coaching relationship plus three years following the final session, to support continuity of care and respond to potential inquiries.
  • Payment and billing records: Retained for seven years in accordance with U.S. tax and accounting requirements.
  • Analytics data: Anonymized usage data retained for twenty-six months, after which it is aggregated or deleted.
  • Cookie consent preferences: Stored locally on your device until you clear browser storage or update your preferences.
  • Marketing communications data: Retained until you withdraw consent or unsubscribe, after which your contact details are removed from active mailing lists within thirty days.

When retention periods expire, data is securely deleted or irreversibly anonymized. Backup copies may persist for up to ninety additional days before automatic purging.

6. Data Sharing and Third Parties

We share personal data with third parties only when necessary and under appropriate safeguards:

  • Payment processors: To process transactions securely. These providers operate under their own privacy policies and PCI-DSS compliance standards.
  • Hosting and infrastructure providers: To maintain website availability and data storage, bound by data processing agreements.
  • Analytics providers: Only when you have consented to analytics cookies, and only with anonymized or pseudonymized data where possible.
  • Legal authorities: When required by law, court order, or governmental regulation.

All third-party service providers are contractually obligated to process data only according to our instructions and applicable privacy laws. We do not authorize third parties to use your data for their own marketing purposes.

7. Security Measures

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • HTTPS encryption across all website pages to protect data in transit
  • Encrypted storage for sensitive client records and payment-related data
  • Role-based access controls limiting employee access to personal data on a need-to-know basis
  • Regular security assessments and software updates for all systems handling personal data
  • Secure password policies and multi-factor authentication for administrative accounts
  • Employee training on data protection practices and confidentiality obligations
  • Incident response procedures for detecting, reporting, and addressing data breaches within seventy-two hours as required by GDPR

While we take reasonable precautions, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords and protect your account credentials.

8. Your Rights Under GDPR and Applicable Laws

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete personal data.
  • Right to erasure: Request deletion of your personal data when it is no longer necessary or when you withdraw consent.
  • Right to restriction: Request that we limit processing of your data under certain circumstances.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: File a complaint with your local data protection authority if you believe your rights have been violated.

To exercise any of these rights, contact us at hello@bloomuiremoveex.world. We will verify your identity before processing requests and respond within thirty days. In complex cases, we may extend this period by an additional sixty days with prior notification.

9. International Data Transfers

Bloomuiremoveex is based in the United States. If you access our website or services from the European Economic Area, United Kingdom, or other regions with data transfer restrictions, your personal data may be transferred to and processed in the United States.

We ensure appropriate safeguards for international transfers, including Standard Contractual Clauses approved by the European Commission, and we work only with service providers that maintain adequate data protection standards.

10. Children's Privacy

Our website and coaching services are intended for individuals aged eighteen and older. We do not knowingly collect personal data from children under sixteen. If we become aware that we have collected data from a child without appropriate parental consent, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided personal data to us should contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. The date at the top of this page indicates when the policy was last revised. Material changes will be communicated through a notice on our website or, where appropriate, by direct email to registered clients. We encourage you to review this page regularly.

12. Contact Information

For privacy-related questions, data subject requests, or concerns about our data handling practices, please contact:

Privacy Inquiries — Bloomuiremoveex
240 Powell St, San Francisco, CA 94102, United States
Email: hello@bloomuiremoveex.world
Phone: +1 415-948-7366