top of page

Privacy Policy

LAST UPDATE · JUNE 2026

Your privacy and your trust matter deeply to us, especially given the intimate nature of this work. This policy explains what personal information we collect, why, how we use and share it, how we protect it, and the rights and choices you have. It applies to amyann.art and to our Offerings (courses, classes, communities, sessions, retreats, and more).

1. Who we are (data controller)

Amyann · Embodiment Arts ("Amyann", "we", "us") is the controller responsible for your personal information under this policy. We operate as a sole undertaking (no separate incorporated entity), and our contact details are in Section 23.

2. Scope

This policy covers personal information we process about visitors, subscribers, customers, applicants, and participants. It does not cover third-party sites or services that have their own privacy practices (Section 20), or information that has been anonymised so it can no longer identify you.

3. Information we collect

  • Identity & contact: Name, email, phone (if provided), postal/billing address, account username.

  • Account & profile: Login credentials, preferences, course progress, communication history with us.

  • Transaction & billing: Purchases, order history, coupons/credits used. Card payments are processed by our payment providers; we do not store full card numbers on our servers.

  • Content you share: Messages, replies, application answers, survey responses, testimonials, and anything you post in community spaces.

  • Technical & usage: IP address, device and browser type, operating system, pages viewed, referring pages, time on site, and approximate (city/region) location derived from IP.

  • Marketing data: Email opens/clicks, subscription status, and how you found us.

  • Connected accounts: Limited profile data if you choose to connect or log in via a third-party service.

A note on sensitive topics: Our work concerns sexuality and intimacy, and you may choose to share sensitive personal experiences with us (for example, in an application, message, or session). We do not require you to share more than you wish, we treat such information with particular care, and we only use it to provide and improve the Offering you have asked for. Please don't share sensitive details in public community spaces unless you're comfortable doing so.

4. Where your information comes from

  • Directly from you: when you opt in, create an account, purchase, apply, book, message us, or participate.

  • Automatically through cookies and similar technologies as you use the site (Section 5).

  • From service providers such as our payment, email, scheduling, and analytics providers, who share limited data needed to deliver their service.

5. Cookies & tracking technologies

We use cookies and similar technologies to operate the site, remember your preferences, keep you logged in, understand usage, and (where you allow it) measure marketing. These include: strictly necessary cookies (required to run the site and process orders), analytics cookies (to understand how the site is used), and marketing cookies (to measure campaigns). You can manage non-essential cookies through any on-site consent banner and through your browser settings; blocking some cookies may affect how the site works. Where required, we ask for consent before setting non-essential cookies. We honour browser-level opt-out signals (such as Global Privacy Control) where legally required.

6. How we use your information

  • To deliver your free practices, courses, memberships, communities, sessions, and retreats, and to manage your account and access.

  • To process payments and send order confirmations, receipts, and essential service notices.

  • To provide customer support and respond to your messages.

  • To send you marketing emails you've opted into (our letters, practices, and offerings) and to personalise and recommend relevant Offerings, you can opt out any time.

  • To operate, secure, analyse, troubleshoot, and improve the Services.

  • To run surveys, gather feedback, and (with permission) feature testimonials.

  • To detect, prevent, and address fraud, abuse, and security issues.

  • To comply with legal, tax, and accounting obligations and to enforce our terms.

7. Legal bases for processing (EEA/UK)

Where the GDPR applies, we rely on: contract (to deliver what you bought and manage your account); consent (for marketing emails and non-essential cookies, you can withdraw consent at any time); legitimate interests (to run, secure, analyse, and improve our business and prevent fraud, balanced against your rights); and legal obligation (to meet tax, accounting, and other legal duties). Where we process special-category data you choose to share, we rely on your explicit consent or another lawful basis.

8. How & with whom we share information

We share personal information only as needed, with categories of recipients such as:

  • Service providers/processors who run our website and course platform, email marketing, payment processing, scheduling/booking, file storage, customer support, and analytics under contracts that require them to protect your data and use it only on our instructions. Our current providers include our website, online-course, booking, and email-marketing platform (Wix), our payment processors (Stripe, Wix Payments, and PayPal, which also handle card payments), our community platform (Telegram), and our analytics provider.

  • Professional advisers such as accountants and lawyers, where needed.

  • Authorities & others where required by law, court order, or to establish, exercise, or defend legal rights, or to protect the safety of anyone.

  • Business transfers, if we merge with, are acquired by, or sell assets to another entity, your data may be transferred as part of that transaction, subject to this policy.

9. We do not sell your personal information

We do not sell your personal information for money, and we do not "share" it for cross-context behavioural advertising as those terms are defined under California law. If this ever changes, we will update this policy and provide any required opt-out.

10. Marketing communications & your choices

If you opt in, we'll send you our newsletter (The Sacra Letter), practices, and offers. Every marketing email includes an unsubscribe link, which we honour promptly; you can also email us to opt out. Even after opting out of marketing, you may still receive essential transactional or service messages (such as receipts and access information).

11. Data retention

We keep personal information for as long as needed for the purposes in this policy, generally while your account or relationship with us is active and for a reasonable period afterward, and longer where required to meet legal, tax, accounting, or fraud-prevention obligations, or to establish or defend legal claims. When no longer needed, we delete or anonymise it. Criteria we use include the nature of the data, the purpose, and applicable legal requirements.

12. Security

We use reasonable technical and organisational measures designed to protect your information, such as encryption in transit for billing, access controls, and reputable service providers. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. Please protect your account credentials and tell us promptly of any suspected compromise.

13. International data transfers

We and our providers may store and process your information in countries other than where you live (including Canada and the United States, where some of our service providers operate), where data-protection laws may differ from yours. Where we transfer personal information internationally, we put appropriate safeguards in place where required (such as Standard Contractual Clauses or equivalent mechanisms).

14. Your privacy rights

Depending on where you live, you may have some or all of the following rights regarding your personal information: to access it, to correct it, to delete it, to port it, to object to or restrict certain processing, to opt out of marketing, and to withdraw consent. We will not discriminate against you for exercising these rights. See the region-specific sections below and Section 18 for how to make a request.

15. EEA/UK (GDPR) rights

If you are in the EEA or UK, you have the rights of access, rectification, erasure, restriction, objection (including to direct marketing), and data portability, and the right to withdraw consent at any time without affecting prior processing. You also have the right to lodge a complaint with your local supervisory authority (in the UK, the ICO).

16. California (CCPA/CPRA) rights

If you are a California resident, you have the right to: know the categories and specific pieces of personal information we collect, use, and disclose; request deletion; request correction; and opt out of any "sale" or "sharing" (we do neither - Section 9) and to limit use of sensitive personal information. You may make up to two access requests in a 12-month period, free of charge, and you will not be discriminated against for exercising your rights. You may use an authorised agent to make a request on your behalf, with proof of authorisation. If we decline a request, you may appeal by contacting us.

17. Canada (PIPEDA)

If you are in Canada, you may request access to and correction of your personal information and may withdraw consent (subject to legal or contractual limits). You may also contact the Office of the Privacy Commissioner of Canada with concerns. We handle personal information in line with applicable Canadian privacy law.

18. How to exercise your rights

To make a request, email magic@amyann.art with the nature of your request. We may need to verify your identity before acting (and may ask for limited information to do so). We will respond within the timeframe required by applicable law. There is normally no fee, though we may charge a reasonable fee or decline a request that is manifestly unfounded, excessive, or repetitive, as permitted by law.

19. Children's privacy

The Services and Offerings are for adults aged 18 and over only. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, contact us and we will delete it.

20. Third-party links & services

The Services may link to third-party sites, platforms, and tools that have their own privacy practices. This policy does not cover them, and we are not responsible for their content or practices. Please review their policies before providing information.

21. Automated decision-making

We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing.

22. Changes to this policy

We may update this policy from time to time. The "Last updated" date shows the current version, and we will highlight material changes on this page or notify you where required. Your continued use of the Services after changes take effect means you accept the updated policy.

23. Contact us

For any privacy question or request, contact us at magic@amyann.art. We operate as Amyann · Embodiment Arts. We'll respond as required by applicable law.

bottom of page