We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept", you consent to our use of cookies.

Privacy PolicyCookie Policy
For Companies

Privacy Policy

Last updated: 12/3/2025

Introduction

Mindful Family ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and store your personal information when you use our platform at mindful.family (the "Service").

Information We Collect

Personal Information

  • Account information (name, email, username)
  • Profile information (avatar, bio, professional credentials)
  • Contact details for practitioners and venue owners
  • Payment information (processed securely through Stripe)
  • Content you create (posts, comments, recipes, courses)
  • Communications through our messaging system

Automatically Collected Information

  • Device information (IP address, browser type, device type)
  • Usage data (pages visited, actions taken, time spent)
  • Location data (country, region - with your consent)
  • Cookies and similar tracking technologies

How We Use Your Information

We use your personal data for the following purposes:

  • Providing and maintaining our Service
  • Processing your transactions and bookings
  • Verifying practitioner credentials and certifications
  • Facilitating communication between users
  • Sending service-related notifications
  • Improving and personalizing our Service
  • Ensuring platform safety and security
  • Complying with legal obligations

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: Processing necessary for the performance of our contract with you
  • Consent: Processing based on your explicit consent
  • Legal Obligations: Processing required to comply with our legal obligations
  • Legitimate Interests: Processing necessary for our legitimate business interests

Data Sharing and Third Parties

We share your information with:

  • Stripe - for payment processing
  • Supabase - for database and authentication services
  • Other users - when you interact through our platform
  • Service providers - for hosting, analytics, and support

We ensure all third-party service providers comply with GDPR and maintain appropriate security measures.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are legally required to retain certain information.

Your Data Protection Rights

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectify inaccurate personal data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Staff training on data protection
  • Incident response procedures

Children's Privacy Protection

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

COPPA Compliance

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 without verifiable parental consent.

Users between 13-17 years old may use our Service with parental consent and supervision. Parents can contact us to review, modify, or delete their child's personal information.

Data Breach Notification

In the event of a data breach that may result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

Notification Process

  • We will notify affected users via email within 72 hours
  • We will provide clear information about the nature of the breach
  • We will explain the likely consequences and measures taken
  • We will provide contact information for further inquiries

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through Standard Contractual Clauses and adequacy decisions.

Contact Us & Data Protection Officer

For any questions about this Privacy Policy or to exercise your rights, please contact our Data Protection Officer at:

Data Protection Officer:
Email: privacy@mindful.family
General Support: support@mindful.family
Address: [Your Business Address]
Response Time: We will respond to all inquiries within 30 days

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your personal data in accordance with applicable data protection laws.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this page. You are advised to review this Privacy Policy periodically for any changes.