Personal Information We Collect
Sensitive Information We Collect
Information from Business Partners
How We Use Personal Information
How We Share and Disclose Data
Cookies and Similar Technologies
Security of Data
Third Party Sites and Services
Children and Parents
California Privacy Rights
Additional Policies for Residents of EEA and UK
How to Contact Us
Region specific provisions. Certain provisions of this Policy, which are clearly labelled, apply only to users who are citizens or residents of particular regions (for example, the European Economic Area or California). Otherwise, this Policy applies to all users of our Services, regardless of location.
Children. Our Services are not directed to children. See Protecting children’s privacy below.
2. Personal Information We Collect
When you interact with us through the Services, we may collect Personal Information from you or from other sources. This data may be information that you directly provide to us, such as Personal Information you provide when you visit our retreats, or information we collect when you use the devices we offer, or from your browser or mobile device. When you use the wearable devices we offer as part of the Services, we collect a variety of medical information discussed below in “Sensitive Information We Collect.” We also collect Personal Information from our affiliates, partners, vendors, data brokers and public sources.
The table below describes the categories of Personal Information we may collect:
||Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number or state identification card number, passport number, or other similar identifiers
||Race, age, gender, religion, citizenship, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information
||Records of personal property, purchasing or consuming histories or preferences
||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to obtain identifying information, such as fingerprints, face prints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data
||Browsing history, search history, IP address, website interactions
||GPS coordinates, location history or movements
||Audio, electronic, visual, thermal, olfactory, or similar information
||Current or past job history or performance evaluations
||Educational background, grades, scores
||Financial information, medical information, health insurance information
||Profiles drawn from other Personal Information reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
The examples given in this table are not meant to provide an exhaustive list, but are examples of the kinds of data included in each category. We do not collect all of this data, and we specify the categories of information we do collect below.
3. Sensitive Information We Collect
- Identifiers: social security number, driver’s license, state identification card, or passport number.
- Protected Classes: Racial or ethnic origin, religious or philosophical beliefs, or union membership, or information concerning a consumer’s sex life or sexual orientation.
- Biometric Information: Genetic data, or any biometric information processed for the purpose of uniquely identifying a consumer.
- Internet Activity: The contents of email and text messages, unless Sensei is the intended recipient of the communication.
- Geolocation Data: Your precise location.
- Other Sensitive Information: Most data in this category includes sensitive Personal Information, such as health information and data, account log-ins, financial account information, debit or credit card numbers in combination with any required security or access code, password, or credentials allowing access to an account.
We collect the Sensitive Information that you voluntarily provide to us directly or indirectly, including through the use of our Services, any Sensei Site or portal, an electronic tracking or monitoring device or use of an instrument or equipment, or any third-party website or software application connected to Sensei. We will only use your Sensitive Information with your explicit consent or as authorized by law.
4. Information from Business Partners
Sensei collects Personal Information from its vendors and business partners. Sensei collects that information in the course of our business dealings:
- If you or the company you work for are our customer or supplier.
- If you or the company you work for uses the Services.
- If you are someone, or you work for someone, to whom we advertise or market the Services, or seek to do so.
- From your employer in connection with the work you do for your employer and how that relates to the Services.
- From third parties Sensei works with, such as business partners, and through introductions from other individuals or companies.
When you or the company you work for interacts with Sensei (for example, when providing technical services to us), we may collect the following types of Personal Information:
- Contact information: such as your email address, phone number and any other information you provide relating to your work or to you personally (for example, your name, job title or other information in your email signature).
- Information relating to our dealings with you or the company you work for: such as information used to administer your company account, verify financial transactions, details of goods or services that Company has exchanged with you, information about events to which you are invited and preferences related to managing those events (for example dietary information) and information that you give us or we otherwise obtain when you interact with Company.
5. How We Use Personal Information
We use the Personal Information we collect for the following purposes:
- Operating our business. We use the Personal Information we collect to operate our business, including providing and improving the Services. Specifically:
- To fulfill transactions that you request, including managing your bookings and activities at our Retreats.
- To provide you, and assist others in providing you, health and wellness information, including targeting treatments and therapies.
- To deliver location-based Services and comply with territorial restrictions.
- To diagnose and fix problems with the Services and providing other customer support services.
- For analytical purposes to better understand our clients, customers and guests, and how they use the Services, which allows us to continually improve and expand the Services.
- To build predictive models, which allow us to tailor the Services based on the data we have about how our clients, customers and guests use the Services.
- To communicate with you, including responding to your requests or inquiries, such as responding to your requests, providing information about your use of the Services or transactions with us, to deliver news, updates and other types of communications, according to your subscriptions, alerts and other preferences..
- Marketing and advertising. We use the data we collect for marketing and advertising purposes, on behalf of ourselves, as well as our partners and other parties. Specifically:
- To send you promotional messages and deliver advertisements about products, services, programs or events that may be of interest to you. These may be offered by, or on behalf of, Sensei, or by our partners and other third parties with whom we have a relationship.
- The promotional messages and advertisements that you see may be determined by data that we collect or receive about you, such as your demographic data, location data, usage data, interests and preferences. We refer to this as “interest-based advertising”.
- Security, compliance and enforcement. We use the data we collect for security, compliance and enforcement purposes. Specifically:
- To protect the safety and security of our Services.
- To detect and prevent abuse, fraud or other unlawful or unauthorized activities.
- To resolve disputes.
- To enforce our agreements, including our policies and terms of service that govern your use of the Services.
6. How We Share and Disclose Data
There are times when we share Personal Information with other companies. We share Personal Information for the following purposes:
- As part of a change in business structure. In the event of a sale, merger, acquisition, reorganization or similar event, or in contemplation of such an event (e.g., due diligence), your data may be among the transferred assets.
- When necessary under certain circumstances. We may disclose your Personal Information when we believe that disclosure is necessary to:
- Comply with applicable law or respond to valid legal process.
- Protect the safety and security of the Services.
- Prevent fraud, abuse or other unlawful or unauthorized activities.
- Protect the rights or property of us or third parties, including enforcing the terms of our agreements.
We may also share your Personal for others purpose that we disclose at the time we collect the Personal Information, or when at other times that you give us your consent.
7. Cookies and Similar Technologies
- Cookies. Cookies are small text files that are unique to your device or browser. They can either be session-based (i.e., lasting only while your browser is open and automatically deleted when you close your browser) or persistent (i.e., lasting until you delete them or they expire).
- Locally stored objects. Locally stored objects, also commonly called “Flash cookies,” are stored on your device or browser to provide Services that use Adobe Flash technology.
- Web beacons. “Web beacons” or clear GIFs are small pieces of code placed on a Service to collect data about users of that Service.
- Software development kits. Mobile Software Development Kits (“SDKs”) are bits of computer code used by mobile app developers to enable or enhance various features of a mobile app. For example, an app developer may include an SDK within a mobile app that enables advertisements to be shown, data to be collected, and related services or analytics to be performed in connection with the mobile app.
We use Tracking Technologies for the following purposes:
- Sign-in/authentication. When you sign into your account to use the Services, we use Tracking Technologies to store your sign-in information. This allows the Services to remember your user preferences and give you a more tailored experience based on those preferences. It also allows you to use the Services without having to sign-in on each page or each time you return. We use Tracking Technologies to help detect fraud and abuse of the Services, including attempts to access the Services without authorization.
- Usage and Performance Data. We use Tracking Technologies to gather usage and performance data about the Services, including counting the number of unique visitors to a particular Service.
- User Interaction. We use Tracking Technologies to track how users use and react to our website and mobile applications.
- Tailoring the Services. We use Tracking Technologies to collect information about how you use the Services so that we can tailor your experience based on what is most relevant to your interests. In some cases, we may work with third parties (for example, third party operators of the Services) to synchronize our unique, anonymous identifiers (such as those associated with Tracking Technologies) with the third party’s own identifiers. This enables us to better achieve each of the purposes described above.
- Managing Tracking Technologies. Most web browsers give you the ability to manage Tracking Technologies used on a website, including blocking or deleting them. Please note that if you choose to block Tracking Technologies, you may not be able to use certain features that depend on those Tracking Technologies (such as keeping you signed in or remembering your preferences). If you choose to delete Tracking Technologies, any settings and preferences that were associated with those Tracking Technologies will also be deleted and may need to be reset.
Some browsers have incorporated “Do Not Track” features that send an automated signal to the websites that you visit using that browser. At this time, the Services do not recognize or respond to these signals. However, you can adjust your preferences regarding the data we collect using the tools and methods described above.
8. Security of Data
We take steps to protect your data from unauthorized access, use and disclosure. These steps take into account the sensitivity of the data we collect and use, as well as the current state of technology. This includes, for example, storing your data on systems that have limited access and are maintained in controlled facilities. We also use, and require our vendors to use, industry standard security protocols when processing any payments for your use of the Services.
It is important to remember that no system can be guaranteed to be completely secure. We recommend that you help us keep your data safe by taking reasonable steps such as keeping your passwords private and not disclosing sensitive Personal Information in places that can be accessed publicly.
9. Third Party Sites and Services
We work with a number of third parties to operate the Services. When we engage third parties in connection with operating the Services, those third parties may only collect, use or access your data as needed for them to perform these functions. These third parties include: Cendyn, Oracle Opera, Alice, Book4Time, NetSuite, Asana, PayCom, Navia, Microsoft, OKTA, CARTA, Expensify, TeamPay.
10. Children and Parents
The Services are not directed at children under the age of 16, and our policy is to not knowingly collect Personal Information from children under the age of 13, nor to sell Personal Information of individuals under the age of 16. We encourage parents and guardians to monitor their children’s online behavior, put parental control tools in place, and teach children not to provide their Personal Information through the Services without parental consent. For certain activities in which children are allowed to participate, any request for Personal Information (such as registration data) is intended for and directed to the parent or legal guardian.
11. Storing Data
We retain Personal Information for as long as necessary to provide the Services and fulfill the transactions you have requested, or for other necessary purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these factors vary for different types of Personal Information, actual retention periods may vary. The criteria we use to determine the appropriate retention periods include:
- How long is the Personal Information needed to provide the Services? This is the baseline for most data retention periods.
- Do users expect that we will retain the Personal Information until they affirmatively remove it? For example, if a user is able to directly access, edit or remove the Personal Information at any time, we may maintain the data until the user affirmatively removes it.
- Is the Personal Information of a sensitive type? If so, a shortened data retention period will generally apply.
- Has the user provided consent for a longer retention period? If so, we will retain the data in accordance with the user’s consent.
- Are we subject to a legal, contractual or similar obligation to retain the Personal Information? If so, we will retain the data in accordance with our obligations.
12. California Privacy Rights
- The categories of Personal Information we collect about you.
- The categories of sources for the Personal Information we collect about you.
- Our business or commercial purpose for collecting, selling or sharing that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information collected about you.
- If we disclosed your Personal Information for a business purpose, a list of the categories of Personal Information we have disclosed in the prior twelve months.
- You have the right to correct any Personal Information we have about you that is inaccurate.
- You also have the right to request that we delete any of your Personal Information. In some circumstances we may not be able to honor your request for deletion – for example, if we need to retain your information to protect the security or functionality of our operations, to service your account, or to comply with legal obligations.
- You have the right to designate an authorized agent to make any of these requests under the CCPA on your behalf.
- CCPA regulations require us to disclose metrics for the previous calendar year regarding the requests we receive. Those metrics are available at firstname.lastname@example.org.
- California consumers have the right to not be discriminated against because the consumer exercised any of the consumer’s rights under the CCPA. That means that a company may not deny goods or services to the consumer, charge different rates for goods or services, or provide a different level or quality of goods or services if the consumer chooses to exercise their rights under the CCPA (unless the different rate or different level or quality is reasonably related to the value to the business of the consumer’s data). We will not deny you any Services or charge you a different price, level or quality of Services because you exercise any of your rights under the CCPA; however, we may not be able to provide the Services if you refuse to provide us the Personal Information that is necessary for us to provide the Services, or if you ask us to delete your Personal Information.
- Submitting a CCPA Data Request:
- To submit a request regarding your Personal Information as described in this section, please contact us by calling this toll free number 866-588-3080, emailing us at email@example.com
- We are required to verify the identity of the individual requesting access to a consumer’s data or requesting deletion of a consumer’s data. To verify your identity, we will rely upon information we have previously collected about you, such as phone calls received from a known phone number or emails received from an known email. We will also rely upon our personal relationship with our clients to verify the identity of a requester.
- Only you, or a person that you authorize to act on your behalf, may make a request related to your personal information. In the case of access and deletion, your request must be verifiable before we can fulfill such request.
- We will only use the personal information that you have provided in a verifiable request in order to verify your request. As stated above, we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority.
- Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.
We do not sell your Personal Information.
13. Additional Policies for Residents of EEA and UK
“Processor” means any Person Processing Personal Information.
“Person” means a natural person, corporation, association, organization, partnership, or other legal entity.
“Processing” is any activity that involves use of the Personal Information. It includes, without limitation, obtaining, recording or holding the Personal Information, or carrying out any operation or set of operations on the Personal Information including organizing, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring Personal Information to third parties.
The legal basis for processing your Personal Information
In order to comply with the GDPR, we are required to set out the legal basis for the processing of your Personal Information. In accordance with the purposes for which we collect and use your Personal Information, as set out above, the legal basis for processing your Personal Information will typically be one of the following:
- our own legitimate business interests, or the legitimate business interests of our Service Providers or our Third Party partners, promoters, affiliates, distributors, suppliers, vendors, and subcontractors, such as, for example, providing direct marketing to our customers of our products and services that we think would be of interest, permitting prospective employees to search and apply for job opportunities, handling inquiries from our promoters, affiliates, distributors, vendors, and customers, or other instances where we have carried out a legitimate interests assessment and have established an existing legitimate interest;
- the performance of a contract that we have in place with you;
- your consent, where appropriate; or
- compliance with our legal obligations, including to meet national security or law enforcement requirements.
Where we store your Personal Information
The transmission of information via the Internet is not completely secure. Although we take reasonable efforts to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
How long we store your Personal Information
In some cases, there is a legal requirement to keep Personal Information for a minimum period of time. Except in those circumstances, we do not keep your Personal Information for any longer than is necessary for the purposes for which the Personal Information was collected or for which it is to be further processed.
Your rights with respect to your Personal Information
Subject to certain exceptions, you have the following rights with respect to your Personal Information:
- To receive or access a copy of the Personal Information that we hold about you;
- To request that any inaccurate or incomplete Personal Information be corrected or supplemented;
- To have your Personal Information erased, unless we have a legitimate reason to retain the Personal Information (such as if we are required to do so for legal reasons); and
- To ask us not to process your Personal Information for a particular purpose, including for marketing.
All of these rights are subject to certain conditions and exemptions. For example, we are not obligated to erase your Personal Information if we need to retain it to protect ourselves in the event of a legal claim.
To exercise any of these rights, please submit a written request to us using the contact information set forth below. The Company reserves the right to charge a fee in dealing with such a request as permitted by applicable law and regulations. You may also opt out of receiving additional marketing information by using the unsubscribe feature in any marketing email we send you.
15. How to Contact Us
By writing to us at 2800 W. Olympic Boulevard, Suite 200, Santa Monica, CA 90404, attention VP Information Technology.
By sending an email to firstname.lastname@example.org; or
By calling us at 866-588-3080.
Last Updated: May 5, 2023