YogaDetox Electronic Transactions and Data Storage Policy

Purpose
This policy provides guidelines for managing electronic transactions and safeguarding customer data at YogaDetox. It aims to ensure the secure handling, processing, and storage of sensitive information to protect our customers' privacy and comply with relevant data protection laws.

1. Scope

This policy applies to all electronic transactions conducted through YogaDetox’s website, applications, and any other electronic means of collecting, storing, or transmitting customer data. It covers payment processing, customer information, and data storage protocols, and applies to all YogaDetox employees, contractors, and third-party providers handling this data.

2. Electronic Transactions

YogaDetox is committed to providing secure and reliable electronic transaction services. Our practices include:

  1. Payment Security:

    • All payments made through YogaDetox are processed using trusted third-party payment processors (such as Square, PayPal, or Stripe) that comply with industry standards, including PCI-DSS (Payment Card Industry Data Security Standard).

    • YogaDetox does not store credit card information on its servers. Payment details are securely processed by our payment partners and are subject to their privacy and security policies.

  2. Encryption of Data in Transit:

    • Sensitive data transmitted during transactions is encrypted using SSL/TLS encryption to protect it from unauthorized access.

  3. Customer Notification:

    • Customers receive confirmation for each transaction made through YogaDetox’s systems. YogaDetox may also send follow-up communications related to payments and services.

  4. Refunds and Disputes:

    • Refunds and transaction disputes are managed according to YogaDetox’s Refund Policy, which is available on our website or upon request.

3. Data Storage and Retention

To maintain data security and ensure privacy, YogaDetox adheres to the following data storage and retention practices:

  1. Data Minimization:

    • Only necessary customer information (such as name, contact details, and course preferences) is collected and stored to fulfill business and regulatory requirements.

  2. Storage Security:

    • Customer data is stored securely in encrypted databases, which are protected by firewalls, access controls, and secure authentication protocols.

    • Access to customer information is restricted to authorized personnel who require access to perform specific job functions.

  3. Retention Period:

    • YogaDetox retains personal data only for as long as needed to fulfill the purpose for which it was collected or as required by law. Upon expiration of this period, data will be securely deleted or anonymized.

  4. Third-Party Data Processors:

    • YogaDetox may use reputable third-party providers for data storage or processing (e.g., cloud service providers) who comply with relevant data protection standards.

    • All third-party providers are reviewed for compliance with data protection regulations before engagement and are contractually obligated to maintain data confidentiality and security.

4. Customer Data Protection and Privacy

  1. Privacy Compliance:

    • YogaDetox complies with data privacy laws, including the Australian Privacy Act (1988), and ensures that personal information is handled in accordance with these laws.

  2. Customer Rights:

    • Customers have the right to request access to, correction of, or deletion of their personal data stored by YogaDetox. Requests can be made by contacting us at [Contact Email or Phone Number].

  3. Data Breach Response:

    • In the event of a data breach that could compromise customer data, YogaDetox will promptly notify affected customers and take necessary steps to contain and mitigate the breach, in accordance with relevant laws.

5. Employee Responsibilities and Training

  1. Employee Access:

    • Only employees with specific roles requiring data access are authorized to handle customer information, and all employees must follow YogaDetox’s data security policies.

  2. Training:

    • All YogaDetox employees are regularly trained on data protection, electronic transaction security, and privacy laws to ensure customer data is protected at all times.

  3. Confidentiality Agreements:

    • Employees with access to sensitive information are required to sign confidentiality agreements as part of their employment terms with YogaDetox.

6. Policy Updates

YogaDetox reserves the right to modify this policy as required to ensure compliance with evolving data protection laws, technological advancements, and security best practices. Customers will be notified of any significant changes to this policy through YogaDetox’s website or direct communication.

Contact Information
If you have questions about this policy or require assistance with electronic transactions or data-related inquiries, please contact us at:

  • Email: admin@yogadetox.com.au