Sanjeevani Chandak

1. Who We Are

This website is operated by Sanjeevani Chandak, also conducting business under the brand Samattvam Wellness. We offer online yoga classes, private sessions, wellness coaching, and yoga retreats. In this Privacy Policy, “we”, “us”, and “our” refer to Sanjeevani Chandak / Samattvam Wellness.

Website: https://sanjeevanichandak.com

Contact: yogawithsc@gmail.com

2. What Personal Data We Collect and Why

2.1 Enquiries and Contact Forms

When you fill in a contact or enquiry form on our website, we collect your name, email address, and any message or information you voluntarily provide. We use this data solely to respond to your enquiry and, where you have consented, to send you information about our services.

2.2 Booking and Registration

When you register for a yoga class, private session, retreat, or training programme, we collect:

  • Full name
  • Email address
  • Phone / WhatsApp number
  • Country of residence
  • Any health information or injury disclosures you share voluntarily for instructional safety

This information is used to manage your booking, communicate class schedules and updates, and provide the service you have purchased.

2.3 Payment Information

We do not store your card details, bank account numbers, or other sensitive financial data on our servers. Payments are processed through third-party payment processors including:

  • Razorpay (India)
  • PhonePe (India)
  • Bank Transfer / UPI

Each processor operates under its own privacy and data-security policy. By making a payment, you also agree to the terms of the relevant payment processor. We receive only a confirmation of payment and, where applicable, a transaction reference number. We strongly encourage you to review the privacy policies of these processors before transacting.

2.4 Website Analytics

Our website may use analytics tools (such as Google Analytics) to collect anonymised data about how visitors use the site, including pages visited, time spent, and browser type. This data does not identify you personally and is used only to improve our website and services. You may opt out of analytics tracking through your browser settings or relevant browser extensions.

2.5 Cookies

Our website uses cookies for the following purposes:

  • Session / login cookies: set when you log in; expire when your session ends or within two days.
  • Preference cookies: save your display settings for up to one year.
  • Anti-spam detection: used when visitors leave comments; collects IP address and browser user agent string.

You can control or delete cookies through your browser settings. Disabling cookies may affect certain website functionality.

2.6 Blog Comments

If you leave a comment on our blog, we collect the data shown in the comment form (name, email, website), along with your IP address and browser user agent string, to help with spam detection. Approved comments and their metadata are retained indefinitely so we can recognise and approve follow-up comments automatically.

2.7 Embedded Content

Pages on this website may include embedded content from third-party platforms (e.g. YouTube videos, social media widgets). Embedded content behaves exactly as if you had visited that third-party website. Those platforms may collect data about you, use cookies, and track your interactions if you are logged in to their services. We are not responsible for the data practices of third-party platforms.

 

3. Legal Basis for Processing (India – DPDPA 2023)

We process your personal data under the Digital Personal Data Protection Act, 2023 (DPDPA). Our legal bases are:

  • Consent: you have provided your data voluntarily when filling a form, registering, or making a purchase.
  • Contract performance: processing is necessary to deliver the service you have purchased.
  • Legitimate interests: improving our website and preventing fraud, where these interests do not override your rights.
  • Legal obligation: where we are required to retain records by applicable law.
  •  
4. Legal Basis for Processing (International Clients – GDPR)

If you are located in the United Kingdom or European Economic Area, we process your personal data under the UK GDPR or EU GDPR respectively. Our lawful bases mirror those above: consent, contract performance, legitimate interests, and legal obligation. You have additional rights under GDPR including the right to lodge a complaint with your local supervisory authority.

 

5. How long we retain your data for
  • Enquiry / contact data: retained for up to 12 months from your last interaction, unless you have enrolled in a programme.
  • Booking and client records: retained for a minimum of 7 years to comply with applicable tax and financial regulations.
  • Payment transaction records: retained as required by the payment processor and applicable tax law.
  • Blog comments: retained indefinitely unless you request deletion.
  • Analytics data: anonymised and aggregated; not linked to you personally.
  •  
6. Who we share your data with

We do not sell, rent, or trade your personal data. We may share it with:

  • Payment processors: Razorpay, PhonePe – only to the extent required to process your transaction.
  • Communication platforms: Zoom (for live sessions); Google (for email and forms).
  • Spam detection services: visitor comments may be checked through an automated spam detection service.
  • Legal / regulatory bodies: if required by law or to protect our legal rights.

All third-party processors are required to handle your data securely and in accordance with applicable data protection law.

7. Your Rights

Depending on your location, you may have the following rights:

  • Right to access the personal data we hold about you
  • Right to correct inaccurate data
  • Right to request deletion of your data (‘right to be forgotten’)
  • Right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal
  • Right to data portability (where applicable under GDPR)
  • Right to object to processing based on legitimate interests

To exercise any of these rights, please contact us at yogawithsc@gmail.com. We will respond within 30 days. Please note we may need to verify your identity before processing a request.

 

8. How We Protect Your Data

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption on our website
  • Password-protected access to administrative systems
  • Use of reputable, PCI-DSS compliant payment processors so card data never passes through our servers

While we take data security seriously, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

 

9. Data Breach Procedures

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify affected individuals and, where required by applicable law, the relevant data protection authority, within the time period prescribed by law (72 hours under GDPR; as directed under DPDPA). We will document all breaches and the steps taken to address them.

10. Children’s Privacy

Our services are not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the ‘Effective Date’ at the top of this page. Continued use of our website or services after any change constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

12. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact:

Sanjeevani Chandak / Samattvam Wellness

Website: https://sanjeevanichandak.com

Email: yogawithsc@gmail.com