SENSEI WELLNESS PRIVACY POLICY
Thank you for visiting our website (“Site”). Sensei Wellness Holdings, Inc., on behalf of itself and its affiliates (“Sensei,” the “Company,” “we,” “us” or “our”) is providing this Privacy Policy to describe the Personal Information (as described herein) that Sensei collects, stores and uses through our interactions with you and through our resorts, retreats, products, services, events and programs – including our Sites, mobile applications and digital platforms (each a “Service,” and collectively, the “Services”). This Privacy Policy, together with our Terms of Use and any other policies we refer to in this Privacy Policy describes how Sensei collects and uses your Personal Information, and how you can exercise certain rights with respect to your Personal Information.
If you are a California resident, this Privacy Policy also outlines additional information applicable to our collection and use of your Personal Information, and how you can exercise your rights under California law, which can be found here.
If you are a resident of the European Economic Area (“EEA”) or the United Kingdom (UK) this Privacy Policy also outlines additional provisions applicable to our collection and processing of your Personal Information, which can be found here. Non-EEA countries do not have the same data protection laws as the EEA. We will, however, take steps to ensure that any transfer of personal information will be secure and complies with applicable data protection laws.
By submitting your Personal Information to us, you agree to the processing set out in this Privacy Policy. If there are any additional uses of your Personal Information that are not described in this Privacy Policy, then we will provide you with the necessary information and consult you on such additional uses in accordance with applicable law.
Introduction
Personal Information We Collect
Sensitive Information We Collect
Information from Business Partners
How We Use Personal Information
How We Share and Disclose Data
Cookies and Similar Technologies
Security of Data
Third Party Sites and Services
Children and Parents
Storing Data
California Privacy Rights
Additional Policies for Residents of EEA and UK
Changes to This Privacy Policy
How to Contact Us
This Privacy Policy describes how Sensei collects, uses, and shares Personal Information of our guests, visitors to our Site at www.sensei.com, and individuals who contact us to request information. The Site and our other programs and services are referred to in this Privacy Policy as the “Services.” This Policy describes how we collect and use Personal Information (information which can be used to identify a specific individual) and anonymous data (which cannot be used to identify a specific individual).
Region specific provisions. Certain provisions of this Policy, which are clearly labelled, apply only to users who are citizens or residents of particular regions (for example, the European Economic Area or California). Otherwise, this Policy applies to all users of our Services, regardless of location.
Children. Our Services are not directed to children. See Protecting children’s privacy below.
For purposes of this Privacy Policy, “Personal Information” means information (whether stored electronically or in a paper based filing systems) relating to a living individual who can be identified from that data, or from that data and other information in our possession.
When you interact with us through the Services, we may collect Personal Information from you or from other sources. This data may be information that you directly provide to us, such as Personal Information you provide when you visit our retreats, or information we collect when you use the devices we offer, or from your browser or mobile device. When you use the wearable devices we offer as part of the Services, we collect a variety of medical information discussed below in “Sensitive Information We Collect.” We also collect Personal Information from our affiliates, partners, vendors, data brokers and public sources.
The table below describes the categories of Personal Information we may collect:
Category | Description |
Identifiers | Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number or state identification card number, passport number, or other similar identifiers |
Protected Classes | Race, age, gender, religion, citizenship, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information |
Commercial Information | Records of personal property, purchasing or consuming histories or preferences |
Biometric Information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to obtain identifying information, such as fingerprints, face prints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data |
Internet Activity | Browsing history, search history, IP address, website interactions |
Geolocation Data | GPS coordinates, location history or movements |
Sensory Data | Audio, electronic, visual, thermal, olfactory, or similar information |
Professional Data | Current or past job history or performance evaluations |
Education Data | Educational background, grades, scores |
Other Data | Financial information, medical information, health insurance information |
Inferences | Profiles drawn from other Personal Information reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
The examples given in this table are not meant to provide an exhaustive list, but are examples of the kinds of data included in each category. We do not collect all of this data, and we specify the categories of information we do collect below.
In addition to the Personal Information described above, we may collect Sensitive Information from or about you. In this Privacy Policy, “Sensitive Information” means Personal Information that is subject to heightened legal protection in certain jurisdictions. Sensitive Information may include:
We collect the Sensitive Information that you voluntarily provide to us directly or indirectly, including through the use of our Services, any Sensei Site or portal, an electronic tracking or monitoring device or use of an instrument or equipment, or any third-party website or software application connected to Sensei. We will only use your Sensitive Information with your explicit consent or as authorized by law.
Sensei collects Personal Information from its vendors and business partners. Sensei collects that information in the course of our business dealings:
When you or the company you work for interacts with Sensei (for example, when providing technical services to us), we may collect the following types of Personal Information:
We use the Personal Information we collect for the following purposes:
We may also use your data in any other manner as disclosed at the time of collection, or when we have otherwise obtained consent. Please also note that this Privacy Policy does not place any limits on what we do with aggregated, pseudonymized or anonymized data.
There are times when we share Personal Information with other companies. We share Personal Information for the following purposes:
We may also share your Personal for others purpose that we disclose at the time we collect the Personal Information, or when at other times that you give us your consent.
We use cookies and similar technologies (collectively, “Tracking Technologies”) to provide the Services and to collect data. In addition, third parties may also use Tracking Technologies when you use the Services; for example, if we engaged a third party to operate the Services, or because the Services contain content delivered by third parties. These Tracking Technologies consist of:
We use Tracking Technologies for the following purposes:
Some browsers have incorporated “Do Not Track” features that send an automated signal to the websites that you visit using that browser. At this time, the Services do not recognize or respond to these signals. However, you can adjust your preferences regarding the data we collect using the tools and methods described above.
We take steps to protect your data from unauthorized access, use and disclosure. These steps take into account the sensitivity of the data we collect and use, as well as the current state of technology. This includes, for example, storing your data on systems that have limited access and are maintained in controlled facilities. We also use, and require our vendors to use, industry standard security protocols when processing any payments for your use of the Services.
It is important to remember that no system can be guaranteed to be completely secure. We recommend that you help us keep your data safe by taking reasonable steps such as keeping your passwords private and not disclosing sensitive Personal Information in places that can be accessed publicly.
We work with a number of third parties to operate the Services. When we engage third parties in connection with operating the Services, those third parties may only collect, use or access your data as needed for them to perform these functions. These third parties include: Cendyn, Oracle Opera, Alice, Book4Time, NetSuite, Asana, PayCom, Navia, Microsoft, OKTA, CARTA, Expensify, TeamPay.
These third parties are only authorized to use your Personal Information as permitted by this Privacy Policy, or as disclosed to you at the time your data is collected. Please note, however, that these third parties may supplement data collected or received in connection with the Services with data they collect or receive through other websites, platforms and services, in accordance with the policies and disclosures posted on those websites, platforms and services. Within the past twelve months, we have disclosed the following categories of Personal Information to third parties: personal identifiers, commercial information, Internet/other electronic network activity information, geolocation data, characteristics of protected classifications, and inferences drawn from this information.
The Services may also contain links to, or integrations with, other websites, platforms or services that are not operated or controlled by Sensei (each a “Third Party Site,” and collectively, the “Third Party Sites”). Please note that this Privacy Policy does not apply to those Third Party Sites. For more information on how those Third Party Sites collect, use and share data, we suggest that you contact the operators of those Third Party Sites directly.
The Services are not directed at children under the age of 16, and our policy is to not knowingly collect Personal Information from children under the age of 13, nor to sell Personal Information of individuals under the age of 16. We encourage parents and guardians to monitor their children’s online behavior, put parental control tools in place, and teach children not to provide their Personal Information through the Services without parental consent. For certain activities in which children are allowed to participate, any request for Personal Information (such as registration data) is intended for and directed to the parent or legal guardian.
If you have reason to believe that a child under the age of 13 has provided Personal Information to us without parental consent, please contact us using any of the methods described in the “How to Contact Us” section of this Privacy Policy, and we will endeavor to delete that data from our systems.
For children located in jurisdictions within the EU, we comply with the age limits applicable in each Member State. In these instances, the references above to the age of 13 will be deemed to be references to the age limits applicable in each Member State. Where this Privacy Policy refers to consent, this will require the consent of a parent or legal guardian in relation to any person under the age limits applicable in each Member State.
Personal Information collected by Sensei may be stored and processed in the region in which it is collected, in the United States, and in any other region where we maintain major operations. We maintain offices in Santa Monica, California, and Lanai, Hawaii. We take steps to ensure that the data we collect under this Privacy Policy is stored and processed in accordance with this Privacy Policy regardless of where the data is located. By providing Personal Information in connection with the Services, you acknowledge and agree that such Personal Information may be transferred from your current location to the offices and servers of Sensei and our authorized third party service providers located in the United States. Our practice when transferring Personal Information is to rely on standard data protection contract clauses or individual consent.
We retain Personal Information for as long as necessary to provide the Services and fulfill the transactions you have requested, or for other necessary purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these factors vary for different types of Personal Information, actual retention periods may vary. The criteria we use to determine the appropriate retention periods include:
This section supplements our Privacy Policy with additional information for California residents only. As noted above, we collect data that you provide directly when you register for or use the Services, user credentials that you supply directly when you register for or update your login information to use the Services, demographic data, payment data, device data, usage data, location data, information about your interests and preferences, third party integrations, and other third party data. In accordance with the California Consumer Privacy Act (“CCPA”), California residents have the right to request that we disclose the following information about our collection and use of Personal Information over the twelve months prior to your request:
We do not sell your Personal Information.
In addition to the other policies described in this Privacy Policy, residents of the EEA and UK are afforded the following additional rights and protections as required by the EU’s General Data Privacy Regulation (“GDPR”) and the UK’s Data Protection Act. The additional rights and protections set forth in this section of this Privacy Policy apply only to residents of the European Union or the EEA. For ease of reference, when we refer to GDPR in this section, we are referring to the UK Data Protection Act, as well as the GDPR. For the purposes of the GDPR, Sensei is a “Controller” which means Sensei determines the purposes for which, and the manner in which, any Personal Information is Processed and used in its business.
GDPR Definitions
The following additional definitions apply to this Section of the Privacy Policy:
“Processor” means any Person Processing Personal Information.
“Person” means a natural person, corporation, association, organization, partnership, or other legal entity.
“Processing” is any activity that involves use of the Personal Information. It includes, without limitation, obtaining, recording or holding the Personal Information, or carrying out any operation or set of operations on the Personal Information including organizing, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring Personal Information to third parties.
The legal basis for processing your Personal Information
In order to comply with the GDPR, we are required to set out the legal basis for the processing of your Personal Information. In accordance with the purposes for which we collect and use your Personal Information, as set out above, the legal basis for processing your Personal Information will typically be one of the following:
Where we store your Personal Information
The data that we collect from you is stored on our servers or on servers provided by cloud service providers. If you are a resident of the EEA, your Personal Information may be transferred within or outside the EEA to areas where privacy laws may be less strict than in the EEA. By submitting your Personal Information, you agree to this transfer, storing, and processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.
The transmission of information via the Internet is not completely secure. Although we take reasonable efforts to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
How long we store your Personal Information
In some cases, there is a legal requirement to keep Personal Information for a minimum period of time. Except in those circumstances, we do not keep your Personal Information for any longer than is necessary for the purposes for which the Personal Information was collected or for which it is to be further processed.
Your rights with respect to your Personal Information
Subject to certain exceptions, you have the following rights with respect to your Personal Information:
All of these rights are subject to certain conditions and exemptions. For example, we are not obligated to erase your Personal Information if we need to retain it to protect ourselves in the event of a legal claim.
To exercise any of these rights, please submit a written request to us using the contact information set forth below. The Company reserves the right to charge a fee in dealing with such a request as permitted by applicable law and regulations. You may also opt out of receiving additional marketing information by using the unsubscribe feature in any marketing email we send you.
We may change this Privacy Policy from time to time to reflect changes in our business, the Services, or our practices and procedures. If we do make changes, we will post any changes on this page and indicate the date on which the Privacy Policy was last revised. We encourage you to review this Privacy Policy periodically, especially before you provide Personal Information directly to us through the Services. Your continued use of the Services after any changes to this Privacy Policy are in effect constitutes your acceptance of the revised Privacy Policy.
Although we strive to make this Privacy Policy as comprehensive as possible, we know you may still have questions or concerns about how we collect, use and share data. If you have a question, concern or complaint regarding our data privacy practices, you may contact us by any of the following methods:
By writing to us at 2800 W. Olympic Boulevard, Suite 200, Santa Monica, CA 90404, attention VP Information Technology.
By sending an email to privacyinfo@sensei.com; or
By calling us at 866-588-3080.
Last Updated: May 5, 2023