Privacy Policy

Aware Presence Privacy and Cookies Policy

Aware Presence Limited understands that your privacy is important to you and that you care about the use of your personal data. We respect and value the privacy of our members and participants; this privacy statement explains what personal data or information we collect from you and from people who visit our website, and how we use it. We would encourage you to read the information below.

Who Are We?

Aware Presence is a Limited Company registered in England under company number: 07921678. Our registered address is: 171 Crescent Road, Oxford, OX4 2NX. Aware Presence Limited is a registered Data Controller (ICO registration number ZA799318).

What Is Personal Data?

“Personal data” is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data means, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

What Personal Data or Information Do We Collect?

We may collect personal data about members, event participants, newsletter subscribers, volunteering applicants, scholarship applicants, individuals enquiring about our offering, our current and former associates, and our suppliers. The personal information we collect may include your name, address, email address, IP address, and information regarding what pages you access on this website and when.

How Do We Collect Data or Information From You?

We collect personal information about you when you:

  • Make an enquiry via our website or via the telephone
  • Attend one of our retreats or events, online or in person
  • Subscribe to our newsletter or daily quotes
  • Sign up for an account on our website
  • Choose to store your credit card information with us
  • Make a purchase via our website
  • Use our website
  • Post messages to the discussion board on the website
  • Enquire about volunteering or job opportunity with the organisation
  • Work for or with the organisation as an associate or volunteer
  • Exchange business cards with a member of the organisation
  • Communicate with us via email
  • Invite Rupert Spira to speak at your event

How Is Your Information Used?

We collect your personal data or information to operate our business effectively and to provide you with a high-quality service. We may use your information:

  • To deliver our range of services to you
  • To answer enquiries that you make prior to any purchase or application
  • To respond to invitations for Rupert Spira to speak at events
  • To process an application to volunteer with us
  • To process an application for a scholarship from us
  • To process credit card payments using your stored credit card
  • To fulfil our obligations as a business
  • To manage the organisation of our events and retreats
  • To promote our events on social media
  • To maintain security of our IT infrastructure
  • To share daily quotes with you, if you have subscribed to receive them.
  • To share our newsletter with you, if you have subscribed to receive it.
  • To track payments you make, or payments made to you

We believe that all these purposes are justified on the basis of our legitimate interests in running and promoting the business, our contractual requirements to deliver services you have requested or purchased from us, our legal obligations as a limited company and responsible business, and consent to store your credit information. If you would like to know more, please read below:

  • Event Attendees
  • Website Members
  • Newsletter Subscribers
  • Daily Quote Subscribers
  • Enquirers
  • Event organisers inviting Rupert Spira to Speak
  • Associates
  • Applicants, Our Current and Former Volunteers
  • Applicants, Our Current and Former Scholarship ‘Winners’
  • Suppliers

Event Attendees

This applies to anyone attending one of our retreats or events in person or online.

When you attend one of our retreats in person, we will hold the following information about you:

  • Name, Gender and contact information
  • Demographic information, such as postcode
  • Information relating to the event organisation, such as your dietary requirements and special requests relating to your accommodation.
  • Information relating to any relevant medical conditions or vulnerabilities we need to be aware of while you’re attending our event.
  • Your emergency contact name and phone number
  • Communications with you relating to the event you’re attending
  • Information about any purchase you make during the event, e.g. recordings
  • Your photograph or image (via recordings).
  • Your payment information i.e. invoice or credit card transactions.

When you attend one of our online events, we will hold the following information about you:

  • Name, Gender and contact information
  • Demographic information, such as postcode
  • Information relating to the event organisation, such as your membership subscription information.
  • Communications with you relating to the event you’re attending
  • Information about any purchase or pre-orders you make during the event, e.g. recordings
  • Your photograph or image (via recordings).
  • Your payment information i.e. invoice or credit card transactions.

We store your information in our website content management system, which uses secure servers based in the UK. We also use the Google Suite of products to store and edit documents relating to our events and email communications with participants. Access to this information is restricted to Associates of Aware Presence, as required for their role in managing and hosting the event. Paper versions of the attendee lists are used by event organisers while the event is happening and are destroyed once the event is finished. Any information you disclose to us about your health or vulnerabilities will be stored in confidence and collected with your consent.

We do record our events to make recordings available to attendees and take photographs of events to use in our marketing and social media posts. We will always ask you for your permission at the point you book onto the course. If you choose not to give your permission, please do speak with our event organiser to discuss how we can accommodate you.

We will retain information about your attendance at our event for the duration of our relationship with you, then a maximum of 10 years afterwards. We will retain financial records for 6 years, following the end of the current financial year as required by law.

Website Members

In order to engage with our digital content, make purchases or book onto one of our events, we ask you to set up an account on our website. In addition, you may subscribe to specific communications from within your account (e.g. Newsletter, Daily Quote – see below). As a Website Member, we may hold the following information about you:

  • Name, gender, address and contact information
  • Demographic information, such as postcode
  • The image you choose for your profile, which may be a photograph of you.
  • Online identifiers, such as IP address, location data, login credentials
  • Usage information, such as when you created your account or last logged into the account
  • Details about your active and previous subscriptions, such as free or paid-for digital content or attendance at events.
  • Messages or discussions you participate in on the public discussion board, available on the website
  • Your payment information i.e. invoice or credit card transactions.

We store your information in our website content management system, which uses secure servers based in the UK. We use WorldPay to process financial transactions on our behalf; they have secure servers based in the USA, which means your data is transferred outside of the UK and European Economic Area (EEA). We require you explicit consent to store your credit card details within our system.

We retain financial information relating to payments for 6 years, after the end of the current financial year as required by financial regulations.

Newsletter Subscribers

As a subscriber to our newsletter, you will have signed up for a member account on our website and opted-in to receive the newsletter. We may hold the following information about you:

  • Name, Gender and contact information
  • Demographic information, such as postcode
  • The image you choose for your profile, which may be a photograph of you.
  • Online identifiers, such as IP address, location data, login credentials
  • Usage information, such as when you created your account or last logged into the account

We store your information in our website content management system, which uses secure servers based in the UK. We use Mailchimp to manage the distribution of the newsletter; their servers are based in the USA, which means your data is transferred outside of the UK and European Economic Area (EEA).

We will continue to send you the newsletter until you unsubscribe. If you do unsubscribe, we will retain minimal personal data about you (name and email) within Mailchimp to manage our suppression list. The suppression list allows us to check we are not marketing to people who have opted-out or withdrawn consent.

Daily Quote Subscribers

As a subscriber to our Daily Quote email, you will have signed up for a member account on our website and opted-in to receive our Daily Quote in your inbox. We may hold the following information about you:

  • Name, Gender and contact information
  • Demographic information, such as postcode
  • The image you choose for your profile, which may be a photograph of you.
  • Online identifiers, such as IP address, location data, login credentials
  • Usage information, such as when you created your account or last logged into the account

We store your information in our website content management system, which uses secure servers based in the UK. We use Mailchimp to manage the distribution of the daily quote; their servers are based in the USA, which means your data is transferred outside of the UK and European Economic Area (EEA).

We will continue to send you the Daily Quote email until you unsubscribe. If you do unsubscribe, we will retain minimal personal data about you (name and email) within Mailchimp to manage our suppression list. The suppression list allows us to check we are not marketing to people who have opted-out or withdrawn consent.

Enquiries

When you make an enquiry to one of the team about our events or services, we may hold the following information about you:

  • Name and contact information.
  • Information you provide within your initial enquiry
  • Communications with you relating to your enquiry, prior to any booking you make or services you request.

We store your information in our website content management system, which uses secure servers based in the UK. We also use the Google Suite of products to manage our communications with prospective, current and previous members. We will retain enquiry information for a period of 10 years.

Event Organisers inviting Rupert Spira to speak

When you invite Rupert Spira to speak at an event you are organising, we may hold the following information about you:

  • Name and contact information
  • Information about the event that you are organising
  • Communications with you relating to the invitation, and organisation of the event if Rupert Spira is able to attend.

We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. We will retain your personal details for the period of time that the invitation or organisation of the event is ongoing, and delete 10 years after the event has taken place.

Current and Former Associates

We have a number of trusted Associates who support the smooth operation of our business. When you work for us as an Associate, we may hold the following information about you:

  • Name, business name and contact information
  • Information relating to your qualifications and experience
  • Demographic information, such as postcode
  • Information about your work with us, including our communications with you
  • Financial information, such as bank details, chargeable rates

We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. We will retain your personal data for the duration of your relationship with us as an Associate, and for a period of 7 years after any such relationship ends. We retain financial information for 6 years after the end of the current financial year, in line with accounting requirements.

Scholarship Applicants and Scholarship Awards

Each year, we have a number of Scholarship Tickets available for our retreats. When you apply for a Scholarship Ticket, we may hold the following information about you:

  • Name and contact information.
  • Demographic information such as postcode
  • Information relating to your financial circumstances and other factors contributing to the request for financial support
  • Information relating to the event you wish to attend, as well as notes of any previous retreats or events you may have attended.
  • Communications with you relating to your Scholarship application
  • Our decision to award a Scholarship Ticket or not

We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. Your information will only be accessed by a limited number of people who need to see your information to manage the scholarship process. We will retain your personal data relating to the application process and successful award of a scholarship ticket for a period of 6 years after the current financial year, in line with our accounting requirements. We may store the information about successful and completed Scholarship ticket grants for a longer period, up to 10 years, in order to identify multiple applications and ensure fairness.

Volunteer Applicants and Volunteer List

We also work with amazing Volunteers who help us ensure that our events and retreats run smoothly. When you apply / are invited to be a Volunteer or are a Volunteer for us, we may hold the following information about you:

  • Name and contact information (email).
  • Information relating to your experience and relevant skills
  • Information relating to events you have volunteered at
  • Communications with you relating to your volunteering activities

We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. Your information will only be accessed by a limited number of people who need to see your information to organise our events. We will retain your personal data for the duration of your time as a Volunteer with us, and for a period of 7 years after you no longer wish to / are available to volunteer for us. If we receive an unexpected application to be a volunteer with us, we will hold onto your details for a period of up to 2 years in case an opportunity becomes available.

Suppliers

When you work with he firm as a supplier, we may hold the following information about you:

  • Name and business contact information.
  • Information relating to your business activities
  • Information and documents relating to the services or products you offer, including our communications with you.
  • Financial information, such as invoices, payments and bank details.

We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. We also use Xero to manage our accounts; information relating to invoices and payments will be stored in Xero. They use secure servers based in the USA, so your personal data will be transferred outside of the UK and EEA.

We will retain your information for the duration of our relationship with you and for 5 years after the last purchase we made with you. We retain financial information for 6 years after the end of the current financial year, in line with accounting requirements.

Who Has Access to Your Information?

We limit access to your personal data to those Associates, Volunteers and third-party processors (see below) who have a legitimate need to know and ensure that they are aware of their duty of confidentiality.

We do not sell or rent your personal data or information to any third party or share your information with third parties for their marketing purposes.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

We may pass information about you to other parties as required to provide requested services to you. For example, we will need to provide information to the venue where we host our retreats to manage your accommodation and/or dietary requirements.

We may pass your information on to third party service providers for the purposes of completing a task or providing services to you on our behalf. However, we disclose only the personal information necessary to deliver that service and have a contract in place that requires them to keep your information secure and not to use it for other purposes.

We currently use third-party service providers in the following areas of our business:

Service Provider

Activity Carried Out

Sector

Location

Online Payment System (data processor)

Processing online payments

Financial

USA

Bookkeeper (data processor)

Monthly accounting

Financial

UK

Accounting Software (data processor)

Provision of accounting software

Information Technology (software)

USA

Event and Marketing Automation Tools (data processor)

Provision of marketing automation tools used to communicate with customers and prospective clients.

Information Technology

USA

Digital Marketing (data processor)

Provision of digital marketing and social media support

information Technology

UK

Website Design & Hosting

Website hosting, design and support

Information Technology

UK & EEA

Website Content Management System (data processor)

Website content and membership management

Information Technology

UK & EEA

Webinar Software (data processor)

Webinar hosting platform

Information Technology

USA

If any of your personal data are shared with a third party, as described above, we will take steps to ensure that your personal data are handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above.

Transfers Outside of the UK and European Economic Area

We may store or transfer some or all of your personal data in countries that are not part of the European Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland, and Liechtenstein). These are known as “third countries” and may not have data protection laws that are as strong as those in the UK and/or the EEA. This means that we will take additional steps in order to ensure that your personal data are treated just as safely and securely as they would be within the UK and under our Data Protection Legislation as follows:

  • We share your data with external third parties, as detailed in the table above, that are based outside of the UK & EEA. The following safeguards are applied to such transfers:
  • We will only transfer your personal data to third countries whose levels of data protection are deemed ‘adequate’ by the European Commission. More information is available from the European Commission.
  • We use specific contracts with external third parties that are approved by the European Commission for the transfer of personal data to third countries. These contracts require the same levels of personal data protection that would apply under the Data Protection Legislation. More information is available from the European Commission.
  • Where we transfer your data to a third party based in the US additional steps have been taken to ensure your personal data will be treated as securely and safely as it would be in the UK and under the GDPR. We have signed Data Processing Agreements with our data processors based on model contract clauses provided by the European Commission (also known as ‘standard contract clauses’), which impose suitable data protection standards on a contractual basis.

Please contact us using the contact details provided below for further information about the particular data protection mechanisms used when transferring your personal data to a third country.

What Are Your Rights?

Under Data Protection Legislation, you have the following rights, which we will always work to uphold:

  • The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the contact details provided at the end of this policy.
  • The right to access the personal data we hold about you. The section “How Can I Access My Personal Data?” will tell you how to do this.
  • The right to have your personal data rectified if any of your personal data held by us are inaccurate or incomplete. Please contact us using the contact details provided at the end of this policy.
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold, in certain circumstances. Please contact us using the contact details provided at the end of this policy to find out more.
  • The right to restrict (i.e. prevent) the processing of your personal data.
  • The right to object to us using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data are processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
  • Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

For more information about our use of your personal data or exercising your rights as outlined above, please contact using the contact details provided at the end of this policy.

It is important that your personal data are kept accurate and up-to-date. If any of the personal data we hold about you change, please keep us informed for as long as we have those data.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first using the contact details provided at the end of this policy.

How Can You Update Your Information?

The accuracy of your information is important to us. If you change your contact details or if you want to update any of the information we hold on you, you can email us at: website@rupertspira.com or by post at: 171 Crescent Road, Oxford, United Kingdom, OX4 2NX.

In addition, if you have an online account, you can update your details directly through logging into your account and updating your profile.

How Can You Access Your Personal Data?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests can be made in writing, either via email or via the postal addresses shown below, or verbally, either in person or on the phone.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data, within that time. In some cases, however, particularly if your request is more complex, more time may be required, up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

You also have the right to lodge a complaint about our processing of your personal data with the UK’s Information Commissioner’s Office

Keeping Your Data Secure

The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:

  • Limiting access to your personal data to those associates, volunteers and third-party processors with a legitimate need to know and ensuring that they are subject to duties of confidentiality.
  • Procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.
  • Adhering to OWASP Standards, including scanning for malicious attacks, encrypting data at rest and in transit.
  • Adhering to our policies and processes including, physical security, back-up, encryption, access control and password protocols.

Contacting Us via Email

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government standards. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Cookie Information for Visitors to Our Website

What Are Cookies?

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

How Do We Use Cookies?

Cookies provide information about individuals’ usage of the website, which may identify you as the same individual even if we do not know your name, we can identify location, IP address and device information. As such, we make sure you have a choice about the cookies that are placed on your device for our statistical purposes by Google Analytics, which help us to understand more about the ways in which people use our website. We would appreciate it if you opt-in to accept these cookies when the website asks you, as it will help us to improve it over time.

What Cookies do We Use?

We use first-party cookies (Cookies set by Aware Presence) and third-party cookies (cookies set by other providers, e.g. analytics providers such as Google or video hosting providers such as Vimeo).

Cookie

Name

Purpose

More information

Necessary Cookies: Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. No consent is required for Necessary cookies.

PHPSESSIONID

Session ID

A session ID allocated by the webserver, which preserves user session state across page requests.

nailsrememberme

“Remember me” Token

A cookie set by the website’s framework which stores a token used to preserve the user's session state should it expire.

cart_token

Cart Token

Stores the user’s current cart token if they are not logged in

rupertspira_cookieconsent

Cookie Consent

Stores the user’s cookie consent preferences

default_currency

Default Currency

Stores the user’s preferred currency for payment if they are not logged in

Non-essential cookies: Non-essential cookies have a range of functions, from allowing the website owner to understand how users are moving around and using their website (Statistical) to third-party cookies which look to build a profile of individuals that can inform their online marketing decisions (Marketing). Non-essential cookies require a user to ‘opt-in’ to accept the cookie onto their device.

_ga

_gid

_gat

Google Analytics

(Statistical)

These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information, including IP address, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Click here for an overview of privacy at Google.

collect

Google Analytics (Marketing)

Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.

Click here for an overview of privacy at Google.

Facebook Pixel

(Marketing)

Used to track visitor across devices and marketing channels, particularly in response to Facebook Ads.

Click here for more details about Facebook Pixel

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

Links to Other Websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third party site.

How Do I Contact You?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details for the attention of:

Data Protection Lead: Ruth Middleton

Email address: website@rupertspira.com

Postal address: Aware Presence Ltd, 171 Crescent Road, Oxford, United Kingdom, OX4 2NX

Changes to This Privacy Notice

We keep our privacy notice under regular review. This privacy notice was last updated on:

7th May 2021