Privacy Policy

Last updated: 6 March 2026

1. Introduction

Welcome to Dune Well Being (“we,” “us,” or “our”). We operate the website www.dunewellbeing.com (the “Site”), where visitors can learn about our coaching services, book appointments, or register interest in workshops and events.

This Privacy Policy explains how we collect, use, and protect your personal information when you use our Site. It covers only information collected through the Site and related forms. It does not cover what may occur once you actually participate in coaching sessions or other services.

By using our Site, you agree to the terms of this Privacy Policy.

2. Information We Collect

We may collect and process the following kinds of personal information when you interact with our Site:

• Contact details such as your name and email address.
• Booking information provided when scheduling a coaching appointment.
• Information provided for waiting lists or pre-registration (for workshops, group events, or other offerings).
• Payment information (if you choose to pay for a service through an integrated payment system). We do not store full credit-card details ourselves; payment information is processed securely through our payment partner.
• Communications you send to us (for example through contact forms or email).
• Technical and usage data, such as IP address, browser type, pages visited, and cookies or similar technologies (see our Cookie Policy).

3. How We Collect Your Information

We collect information when you:

• Complete a form on our Site (for example, a booking, contact, or pre-registration form).
• Interact with our Site or emails (automatically via cookies and similar technologies).
• Use an integrated service such as a calendar booking tool or payment processor.

4. How We Use Your Information

We use your information for the following purposes:

• To allow you to book and manage coaching appointments.
• To process payments (if applicable) and send booking confirmations or reminders.
• To manage waiting lists and pre-registrations, and to contact you about upcoming workshops or events you’ve expressed interest in.
• To respond to your inquiries or messages.
• To send you marketing updates or newsletters only if you have opted in.
• To maintain our business operations, improve the Site, and comply with legal obligations.

Legal bases under GDPR:

• Performance of a contract (for confirmed bookings).
• Consent (for pre-registration, marketing, or optional cookies).
• Legitimate interest (for communication about requested services or future events, and for Site improvement).
• Legal obligation (for record-keeping or tax requirements).

5. Sharing and Disclosure

We do not sell your personal information. We may share it only with:

• Service providers who help us operate the Site or deliver communications (e.g., booking platform, payment processor, email system). These providers act under written agreements and are required to keep your data secure.
• Legal or regulatory authorities if required by law.
• Successors in the event of a business transfer or restructuring, under the same protections.

If data is transferred outside the EEA, we ensure appropriate safeguards such as Standard Contractual Clauses or other lawful mechanisms.

6. Data Retention

We keep your personal information only for as long as necessary for the purposes described above, or as required by law. The below retention periods may be shorter if you contact us and request deletion.

• Coaching booking data: retained as long as you continue to engage coaching services, and then retained 12 months after the relationship ends or last contact.
• Workshop booking data: retained for 12 months after the event occurs.
• Payment data: retained as needed for records or legal obligations (for example, tax compliance).
• Waiting-list or pre-registration data: retained until 30 days after the relevant event occurs.
• Marketing or newsletter data: retained until you unsubscribe or withdraw consent, or after 24 months of inactivity.
• Ad hoc contact forms: retained for 6 months after last contact.

After these periods, your information is securely deleted or anonymized.

7. Your Rights

If you are located in the EU/UK (GDPR):

You have the right to:

• Access your personal information.
• Correct inaccurate or incomplete data.
• Request deletion (“right to be forgotten”).
• Restrict or object to certain processing.
• Receive a copy of your data in portable format.
• Withdraw consent at any time (for marketing or pre-registration communications).

If you are a resident of California (CCPA/CPRA):

You have the right to:

• Know what personal information we collect, use, and disclose.
• Request deletion of your personal information, subject to legal exceptions.
• Opt out of the sale or sharing of your data (we do not sell data).
• Not be discriminated against for exercising your rights.

To exercise any of these rights, please contact us using the details below.

8. Security

We take reasonable technical and organizational measures to protect your personal information against loss, unauthorized access, misuse, or disclosure. However, no system is completely secure, and we cannot guarantee absolute protection.

9. Children

Our Site is intended for adults. We do not knowingly collect personal data from children under 18 without parental consent. If you believe we have collected data from a minor, please contact us and we will remove it.

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or in our practices. Updates will be posted on this page with a new “Last updated” date.

11. Contact Us

If you have a specific individual data inquiry, please use the contact form below. 

If you have other questions, concerns, or requests about this Privacy Policy or how we handle your data, please contact:

Dune Well Being

Email: dunewellbeing+privacy [at] gmail [dot] com