PRIVACY POLICY

Effective Date: May 5, 2026

Last Updated: May 5, 2026

Contact: contact@somaticshaking.com

1. OVERVIEW

Your privacy is important to us. This Privacy Policy explains how somaticshaking.com (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you visit our website, use our services, or purchase digital products and programs.

This policy complies with the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.

2. INFORMATION WE COLLECT

We collect information in the following categories:

Personal Data

Name and email address
Payment information (name, billing address, transaction history)
Phone number (optional, if provided)
Program enrollment details and participant information
Any information you voluntarily provide through contact forms or communications

Technical Data

IP address and geolocation data
Browser type, device type, and operating system
Pages visited and time spent on site
Referral source and traffic patterns
Cookies and similar tracking technologies

Communication Data

Email correspondence and support requests
Feedback, testimonials, or survey responses
Attendance and engagement records in programs

3. HOW WE USE YOUR DATA

We use your information for the following purposes:

Service Delivery

Processing and fulfilling your purchases and program enrollments
Delivering digital products, courses, and content
Sending order confirmations, receipts, and program access details
Managing your account and login credentials

Communication

Responding to customer inquiries and support requests
Sending important service updates or changes to our policies
Providing educational content related to your purchased programs

Marketing & Engagement (with your consent)

Sending newsletters, promotional offers, and updates about new programs
Sharing relevant content, tips, and somatic practices
Inviting you to webinars, workshops, or special events

Site Improvement & Analytics

Analyzing user behavior to improve our website and user experience
Testing new features and optimizing performance
Measuring the effectiveness of marketing campaigns
Preventing fraud and ensuring platform security

Legal & Compliance

Fulfilling legal obligations and responding to lawful requests
Maintaining records for accounting and tax purposes
Protecting our legal rights and preventing misuse

4. LEGAL BASIS FOR PROCESSING (GDPR)

We process your personal data based on the following lawful grounds:

Contract Performance

Processing your data is necessary to enter into and fulfill our agreement with you (e.g., delivering your digital product or program).

Consent

We process data for marketing communications and optional services only with your explicit consent. You can withdraw consent anytime.

Legitimate Interests

We process data to improve our services, enhance security, prevent fraud, and understand how users interact with our platform. These interests do not override your rights.

Legal Obligation

We may process data to comply with applicable laws, regulations, and lawful government requests.

5. DATA RETENTION

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy:

Payment and transaction records: Retained per tax and accounting requirements (typically 7 years)
Customer account information: Retained while your account is active, plus 2 years after
Email communications: Retained per legitimate business needs
Marketing data: Retained until you unsubscribe or withdraw consent
Technical/analytics data: Retained for up to 12 months

You may request deletion of your personal data at any time by contacting us at contact@somaticshaking.com. We will delete your data within 30 days, unless legal obligations require retention.

6. DATA SECURITY

We implement appropriate technical, administrative, and organizational measures to protect your personal data against unauthorized access, alteration, loss, or disclosure:

Security Measures

Secure HTTPS encryption for data transmission
Password-protected accounts with secure authentication
Regular security updates and monitoring
Access restrictions to authorized personnel only
Confidentiality agreements with all staff

Payment Security

Payment information is processed exclusively through secure, PCI-DSS compliant third-party payment processors (e.g., Stripe, PayPal). We do not store full credit card details on our servers.

Limitations

While we implement industry-standard security practices, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we maintain reasonable and appropriate safeguards.

7. SHARING OF DATA

We do not sell, rent, trade, or share your personal data with third parties for marketing purposes.

Limited Sharing

We may share your information only with:

Service Providers: Trusted partners who assist in delivering our services (e.g., email platforms, payment processors, hosting providers, customer support tools). These providers are bound by confidentiality agreements.
Legal Requirements: Law enforcement, government agencies, or courts if required by law or to protect our legal rights.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction (you will be notified).

8. YOUR PRIVACY RIGHTS

Depending on your location, you have the following rights regarding your personal data:

GDPR Rights (EU Residents)

Right of Access, Rectification, Erasure (“Right to be forgotten”), Restriction, Data Portability, and Objection.
Right to Withdraw Consent and Lodge a Complaint with a data protection authority.

CCPA Rights (California Residents)

Right to Know, Delete, Opt-Out, Correct, Limit Use, and Non-Discrimination.

To exercise any of these rights, contact us at contact@somaticshaking.com.

9. INTERNATIONAL DATA TRANSFERS

If you are located outside the United States, your data may be transferred to, stored in, and processed in the United States or other countries where we operate. We ensure such transfers comply with applicable law, including through Standard Contractual Clauses (for GDPR).

10. COOKIES & TRACKING TECHNOLOGIES

We use cookies to enhance your experience. You can control cookies through your browser settings. Disabling cookies may affect site functionality. We use Google Analytics to understand user behavior; you can opt-out using the Google Analytics Opt-out Browser Add-on.

11. THIRD-PARTY LINKS & SERVICES

Our website may contain links to third-party sites. We are not responsible for the privacy practices of these external sites and encourage you to review their policies.

12. CHILDREN’S PRIVACY

Our services are not intended for individuals under 18 years of age. If we become aware that we have collected data from a minor, we will delete it promptly.

13. DATA PROTECTION OFFICER & RESPONSIBLE PARTY

For questions about our privacy practices or to exercise your privacy rights:

Email: contact@somaticshaking.com

Website: somaticshaking.com

14. UPDATES TO THIS POLICY

We may update this Privacy Policy periodically. Significant changes will be communicated via email or a notice on our website. Your continued use of our services constitutes acceptance of the updated policy.

15. CONTACT US

If you have questions about this Privacy Policy: