Privacy Policy

1. Introduction and Overview

Otho Upton respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or use our services. We operate in full compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws within the European Union and the Netherlands.

This policy applies to all information collected through our website, contact forms, email communications, and any related services. By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy. We encourage you to review this policy regularly as we may update it periodically to reflect changes in our practices or legal requirements.

2. Data Controller Information

Otho Upton operates as the data controller for all personal information collected through this website. For any questions regarding this Privacy Policy or our data practices, you can contact us using the following information:

• Business Name: Otho Upton Wellness
• Address: Herengracht 69-C, 1015 BD Amsterdam, Netherlands
• Email: privacy@othoupton.com
• Phone: +31 20 345 6789
• Chamber of Commerce: Registration pending

3. Information We Collect

We collect different types of information depending on how you interact with our website and services. The categories of personal data we may collect include:

3.1 Information You Provide Directly

When you fill out our contact form or communicate with us via email, we collect the information you voluntarily provide. This may include your full name, email address, phone number, and any details you share about your wellness goals or inquiries. We only collect information that is necessary to respond to your requests and provide our services effectively.

3.2 Automatically Collected Information

When you visit our website, certain information is collected automatically through cookies and similar technologies. This includes your IP address, browser type, operating system, referring URLs, pages viewed, and the dates and times of your visits. This technical data helps us understand how visitors use our website and allows us to improve user experience.

4. How We Use Your Information

We use the collected information for specific, legitimate purposes related to providing and improving our wellness services. The primary uses include:

• Communication: Responding to your inquiries, sending information about our services, and maintaining ongoing client relationships.
• Service Provision: Scheduling consultations, preparing personalized wellness plans, and delivering the services you have requested.
• Website Improvement: Analyzing usage patterns to enhance website functionality, content relevance, and user experience.
• Legal Compliance: Meeting our legal obligations, resolving disputes, and enforcing our agreements.
• Marketing: With your explicit consent, we may send newsletters or promotional materials about our services.

5. Legal Basis for Processing

Under GDPR, we must have a legal basis for processing your personal data. We rely on the following legal grounds:

• Consent: When you explicitly agree to our processing of your data, such as when subscribing to newsletters or accepting cookies.
• Contract: Processing necessary to fulfill our contractual obligations when you purchase our services.
• Legitimate Interests: Processing necessary for our legitimate business interests, provided these do not override your rights.
• Legal Obligation: Processing required to comply with applicable laws and regulations.

6. Cookies and Tracking Technologies

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device that help us recognize you and understand how you use our website. We use the following types of cookies:

• Essential Cookies: Required for the website to function properly, such as maintaining your session.
• Analytical Cookies: Help us understand visitor behavior and improve our website performance.
• Preference Cookies: Remember your settings and preferences for future visits.

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our website. By continuing to use our site, you consent to our use of cookies as described in this policy.

7. Data Sharing and Third Parties

We respect your privacy and do not sell your personal information to third parties. We may share your data only in the following limited circumstances:

• Service Providers: Trusted third parties who assist us in operating our website and conducting our business, subject to strict confidentiality agreements.
• Legal Requirements: When required by law, court order, or governmental regulation to disclose information.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate safeguards for your data.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure server infrastructure, access controls, and regular security assessments. While we strive to use commercially acceptable means to protect your information, no method of transmission over the internet is 100% secure.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When determining retention periods, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use, and applicable legal requirements. Once the retention period expires, your data is securely deleted or anonymized.

10. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal information:

• Right to Access: Request copies of your personal data that we hold.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data under certain circumstances.
• Right to Restrict Processing: Request limitation on how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw previously given consent at any time.

To exercise any of these rights, please contact us using the information provided in Section 2. We will respond to your request within one month as required by GDPR.

11. International Data Transfers

As our business is based in the Netherlands, your data is primarily stored and processed within the European Economic Area (EEA). If we ever need to transfer your data outside the EEA, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your privacy rights.

12. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately, and we will take steps to remove such information from our systems.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any significant changes will be communicated to you via email or through a prominent notice on our website. The updated policy will indicate the effective date of the revisions. We encourage you to review this page periodically to stay informed about how we protect your information.