Privacy Policy
Introduction
At HeartCore, we deeply respect your privacy and hold your information as sacred as we do our community trust. This policy explains how we collect, use, and protect your information across all HeartCore services, including our website, workshops, and HeartCore Haven community.
Information We Collect
Personal Information
- Name and email address
- Contact information
- Payment details for transactions
- Profile information you choose to share
- Workshop and community participation data
Technical Information
- Browser and device information
- IP address
- Website usage data
- Cookies and similar technologies
How We Use Your Information
We use your information to:
- Provide our services and support
- Process your payments securely
- Send you important updates
- Deliver workshop materials
- Facilitate community connections
- Improve our services
How We Protect Your Information
- Secure hosting and data storage
- Encrypted payment processing
- Limited access to personal data
- Regular security reviews
- Secure backup systems
Data Storage & Sharing
Storage
- Information stored securely in the UK
- Data retained only as long as necessary
- Regular data review and cleaning
- Secure backup protocols
Sharing
We never sell your personal information. We only share your information:
- When you explicitly agree
- To process payments securely
- If legally required
- To protect community safety
Your Rights
You have the right to:
- Access your personal information
- Update your details
- Request data deletion
- Opt-out of communications
- Understand how your data is used
Community Confidentiality
Workshop Participation
- Session recordings for participant use only
- Participant information is kept confidential
- Personal shares not used without permission
- Safe space protocols enforced
HeartCore Haven Community
- Member privacy is strictly protected
- Community shares stay within the Haven
- Personal stories remain confidential
- Safe sharing guidelines enforced
Cookie Policy
What Are Cookies?
Cookies are small text files stored on your device when you visit our website. They help us improve your experience and our services.
Cookie Types We Use
- Essential cookies for website function
- Performance cookies to improve service
- Session cookies for secure login
- Analytics cookies to understand usage
Cookie Control
- Choose which cookies to accept
- Manage preferences anytime
- Clear cookies through your browser
- Opt-out of non-essential cookies
Communication Preferences
You control how we communicate with you:
- Choose email frequency
- Select notification types
- Update preferences anytime
- Opt-out of promotional content
Changes to Policy
- Policy updates notified by email
- Changes effective 30 days after notice
- Previous versions available on request
- Right to reject changes reserved
Contact Information
For any privacy or data concerns:
- Email: [email protected]
- Phone: +44 7756466249
- Response within 48 hours
Data Protection Officer
Debbie Debonaire
HeartCore
- Email: [email protected]
- Phone: +44 7756466249International Data Handling
Data Location
- All data primarily stored and processed in the UK
- Secure servers compliant with UK data protection laws
- GDPR compliance for EU members
International Transfers
If you access HeartCore services from outside the UK:
- Your data is still protected under UK standards
- Information travels across international borders securely
- All international data transfers follow appropriate safeguards
- Third-party services (like payment processors) meet international security standards
Regional Rights
- UK and EU residents protected under GDPR
- International clients' data protected to equivalent standards
- Local privacy rights respected and upheld
- Right to data portability across borders
International Communications
- All communications secured regardless of location
- Time zones and regional differences respected
- Support available across international time zones
- Regional privacy laws acknowledged and followed
Let me help clarify the legal requirements for international data handling in your privacy policy. When operating from the UK with potential international clients, you're legally required to include:
1. Cross-border Data Transfers
- How data moves between countries
- What safeguards are in place
- Which countries data might be transferred to
2. International Payment Processing
- How international payments are handled
- Which payment processors you use
- Security measures for financial data
3. GDPR Compliance Statement (this is crucial as you're UK-based)
- How you comply with GDPR
- Rights of EU/UK customers
- How international customers' data is protected to these standards
Cross-border Data Transfers
Your personal information is primarily stored and processed in the UK. When international transfers are necessary (for example, through payment processing or email services), we ensure:
- Appropriate security measures are in place
- Data transfers comply with UK and EU regulations
- Standard contractual clauses are used where required
Payment Processing
International payments are processed through Stripe who:
- Maintain the highest security standards
- Comply with international banking regulations
- Process data under UK/EU requirements
Data Protection Standards
- All data handling complies with UK GDPR requirements
- International clients receive the same level of data protection
- Security measures meet international standards
GDPR Compliance
Your Data Rights
Under UK GDPR, you have the right to:
- Access your personal data
- Correct any inaccurate information
- Request deletion of your data
- Restrict how we use your data
- Object to certain data processing
- Transfer your data (data portability)
- Withdraw consent at any time
Legal Basis for Processing
We process your data based on:
- Contract fulfilment (membership services)
- Legal obligations (financial records)
- Legitimate interests (community safety)
- Your explicit consent (marketing)
Data Processing Principles
We ensure your data is:
- Processed lawfully and transparently
- Collected for specific, legitimate purposes
- Limited to what's necessary
- Accurate and kept up to date
- Stored only as long as needed
- Secured against unauthorized access
Data Protection Measures
We protect your data through:
- Secure data storage systems
- Regular security assessments
- Staff data protection training
- Breach detection and reporting
- Third-party security verification
Community Data Handling
For HeartCore Haven community interaction:
- Member posts and shares stored securely
- Private messages accessible only to participants
- Community content viewable only by members
- Personal shares not used for marketing
- Members can delete their content anytime
Workshop & Recording Storage
- Workshop recordings stored securely for 12 months
- Access is limited to registered participants
- Recording sharing is strictly prohibited
- Personal shares edited from public versions
- Participants notified before recording
- Option to participate without being recorded
Payment Processing
- Payments processed through secure platforms
- Subscription management systems protected
- Payment details not stored on our servers
- Receipts and transactions logged securely
- Financial records kept for 7 years (legal requirement)
Marketing Communications
- Opt-in required for marketing emails
- Easy unsubscribe option in every message
- Preferences updateable anytime
- Marketing separate from essential communications
- Member stories used only with explicit permission
Third-Party Services
We use trusted services for:
- Payment processing
- Email communications
- Website Hosting
- Community platform
- Data storage
All third-party providers meet UK GDPR requirements.
Policy Updates
- Regular review every 12 months
- Updates based on service changes
- Members notified of significant changes
- 30-day notice of material updates
- Previous versions available on request
This represents a complete Privacy & Confidentiality Policy tailored for HeartCore's operations.
