Privacy Policy
This Privacy Notice describes how and why Holistic Heart Centers collects, uses, stores, and shares your personal information when you visit our website, contact us, or engage with our services — and the privacy rights and choices available to you.
This Privacy Notice for Holistic Heart Centers (doing business as Holistic Heart Center of Long Island — “we,” “us,” or “our”) describes how and why we might access, collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:
- Visit our website at holisticheartcenters.com, or any website of ours that links to this Privacy Notice
- Engage with us in other related ways, including any marketing or events
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have questions, contact us at admin@holisticheartcenter.com.
◆Summary of key points
This summary provides key points from our Privacy Notice. You can find more detail on any topic using the table of contents.
01What information do we collect?
Personal information you disclose to us
We collect personal information that you voluntarily provide when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The information we collect depends on the context of your interactions with us and the Services. It may include:
- Names
- Phone numbers
- Email addresses
- Contact preferences
- Debit/credit card numbers
Sensitive Information. We do not process sensitive information.
Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number and security code. All payment data is handled and stored by Stripe. You may view their privacy notice at stripe.com/privacy.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes.
Information automatically collected
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, and information about how and when you use our Services. This is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting.
Like many businesses, we also collect information through cookies and similar technologies. The information we collect includes log and usage data, device data, and location data.
02How do we process your information?
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To deliver and facilitate delivery of services to the user.
- To respond to user inquiries and offer support and solve potential issues with the requested service.
- To send administrative information — details about our products and services, changes to our terms and policies, and other similar information.
- To fulfill and manage your orders, payments, returns, and exchanges made through the Services.
- To request feedback and to contact you about your use of our Services.
- To send you marketing and promotional communications, in accordance with your preferences (you can opt out at any time).
- To deliver targeted advertising tailored to your interests and location.
- To protect our Services, including fraud monitoring and prevention.
- To identify usage trends and understand how our Services are used so we can improve them.
- To determine the effectiveness of our marketing and promotional campaigns.
- To save or protect an individual’s vital interest, such as to prevent harm.
03What legal bases do we rely on to process your information?
If you are located in the EU or UK, the GDPR and UK GDPR require us to explain the valid legal bases we rely on. We may rely on the following: consent; performance of a contract; legitimate interests; legal obligations; and vital interests.
If you are located in Canada, we may process your information if you have given us specific permission (express consent) or in situations where your permission can be inferred (implied consent). In some exceptional cases we may be legally permitted to process your information without your consent, as allowed by applicable law.
05Do we use cookies and other tracking technologies?
We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.
We also permit third parties and service providers to use online tracking technologies for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders. To the extent these are deemed a “sale”/“sharing” under applicable US state laws, you can opt out as described in section 11.
06How long do we keep your information?
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible, securely store your personal information and isolate it from any further processing until deletion is possible.
07How do we keep your information safe?
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Although we will do our best to protect your personal information, transmission to and from our Services is at your own risk. You should only access the Services within a secure environment.
08Do we collect information from minors?
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor’s use of the Services. If we learn that personal information from users less than 18 has been collected, we will deactivate the account and take reasonable measures to promptly delete such data. If you become aware of any data we may have collected from children under 18, please contact us at admin@holisticheartcenter.com.
09What are your privacy rights?
In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure, (iii) to restrict the processing of your personal information, (iv) if applicable, to data portability, and (v) not to be subject to automated decision-making.
Withdrawing your consent
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us using the details in section 13.
Opting out of marketing communications
You can unsubscribe from our marketing communications at any time by clicking the unsubscribe link in our emails, replying “STOP” or “UNSUBSCRIBE” to SMS messages, or contacting us. You will then be removed from the marketing lists, though we may still communicate with you for service-related purposes.
If you have questions or comments about your privacy rights, you may email us at admin@holisticheartcenter.com.
10Controls for Do-Not-Track features
Most web browsers and some mobile operating systems and applications include a Do-Not-Track (“DNT”) feature you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals.
Global Privacy Control
We recognize and honor Global Privacy Control (GPC) signals. If you use a browser or extension that supports GPC, we will treat this as a valid request to opt out of the sale or sharing of your personal information for targeted advertising under applicable state privacy laws. For more information, visit globalprivacycontrol.org.
11Do United States residents have specific privacy rights?
The table below shows the categories of personal information we have collected in the past twelve (12) months.
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Contact details, such as real name, alias, postal address, telephone number, unique personal identifier, online identifier, IP address, email address, and account name | YES |
| B. Personal information (CA Customer Records statute) | Name, contact information, education, employment, employment history, and financial information | NO |
| C. Protected classification characteristics | Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data | YES |
| D. Commercial information | Transaction information, purchase history, financial details, and payment information | NO |
| E. Biometric information | Fingerprints and voiceprints | NO |
| F. Internet or other similar network activity | Browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements | NO |
| G. Geolocation data | Device location | NO |
| H. Audio, electronic, sensory, or similar information | Images and audio, video or call recordings created in connection with our business activities | NO |
| I. Professional or employment-related information | Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us | NO |
| J. Education Information | Student records and directory information | NO |
| K. Inferences drawn from collected personal information | Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics | YES |
| L. Sensitive personal Information | — | NO |
We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of:
- Receiving help through our customer support channels;
- Participation in customer surveys or contests; and
- Facilitation in the delivery of our Services and to respond to your inquiries.
We will use and retain the collected personal information as needed to provide the Services or for:
- Category A — As long as the user has an account with us
- Category C — As long as the user has an account with us
- Category K — As long as the user has an account with us
Sources of personal information
Learn more about the sources of personal information we collect in “What information do we collect?” above.
How we use and share personal information
Learn more about how we use your personal information in the section “How do we process your information?” above.
Will your information be shared with anyone else? We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider. We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered to be “selling” of your personal information.
We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers.
Your rights
You have rights under certain US state data protection laws. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law. These rights include:
- Right to know whether or not we are processing your personal data
- Right to access your personal data
- Right to correct inaccuracies in your personal data
- Right to request the deletion of your personal data
- Right to obtain a copy of the personal data you previously shared with us
- Right to non-discrimination for exercising your rights
- Right to opt out of the processing of your personal data if it is used for targeted advertising (or sharing as defined under California’s privacy law), the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects (“profiling”)
Depending upon the state where you live, you may also have rights to access the categories of personal data being processed, obtain a list of categories of third parties or specific third parties to which we have disclosed or sold personal data, review and correct how personal data has been profiled, limit the use and disclosure of sensitive personal data, and opt out of the collection of sensitive data and personal data collected through the operation of a voice or facial recognition feature — as permitted by the applicable law in your state.
How to exercise your rights
To exercise these rights, you can contact us by visiting concierge@holisticheartcenter.com, by emailing us at admin@holisticheartcenter.com, by calling toll-free at 1-877-511-5166, or by referring to the contact details at the bottom of this document. We will honor your opt-out preferences if you enact the Global Privacy Control (GPC) opt-out signal on your browser.
Under certain US state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws.
Request verification
Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request and the agent will need to provide a written and signed permission from you to submit such request on your behalf.
Appeals
Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us at admin@holisticheartcenter.com. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to your state attorney general.
12Do we make updates to this notice?
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated “Revised” date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
13How can you contact us about this notice?
If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO) by email at admin@holisticheartcenter.com, by phone at 877-511-5166, or contact us by post at:
Holistic Heart Centers
Data Protection Officer
1410 Northern Blvd, #1106
#1106
Manhasset, NY 11030
United States
14How can you review, update, or delete the data we collect?
Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please visit: concierge@holisticheartcenter.com.
We’re here to help.
If you have questions or concerns about this notice, or you’d like to review, update, or delete your personal information, reach out and our team will respond in accordance with applicable data protection laws.