Privacy Policy

Bertone Integrative Mind Body Clinic

Website Privacy Policy

Last Updated and Effective as of October 1, 2022

Please read this Privacy Policy carefully before you use www.drzacbertone.com (the “Website”). The terms “you” or “yours” refer to the visitor or user of the Website. Your privacy is important to Zachary Bertone, Ph.D. doing business as Bertone Integrative Mind Body Clinic (“Bertone Integrative Mind Body Clinic,” “we,” “our,” or “us”), the owner of this Website and the products and services offered on this Website. This Website is designed to provide online services and products including online courses and programs, videos, blogs, and downloadable meditations, among other things (collectively “our Services”). This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit the Website and purchase or use our Services, the ways in which we use, maintain, protect and disclose that information, and your rights with respect to such information. 

By visiting, accessing or using this Website, you consent to this Privacy Policy and the data collection practices described herein, whether or not you have read it. If you do not agree to these terms, please do not access or use the Website or our Services. 

This Privacy Policy applies to information we collect on and through this Website including in any electronic messages between you and the Website. It does not apply to any information you may provide to us or that we may collect offline and/or through other means (for example, at a live event, via telephone, through the mail or as a patient/client of Bertone Integrative Mind Body Clinic). For avoidance of doubt, if you are a patient/client of Bertone Integrative Mind Body Clinic, it does not apply to your personal health information which is protected and stored in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Changes to our Privacy Policy

We may need to, and we reserve our right to, change this Privacy Policy from time to time, in which case the updated Privacy Policy will be posted on this page, and we will update the Effective Date at the top of the Privacy Policy to reflect the date of such change(s). By continuing to use the Website after we post any such changes, you accept the Privacy Policy as modified, so please check this Privacy Policy from time to time to be aware of any modifications.

Children’s Online Privacy Protection Act

This Website and our Services offered herein are not intended for children under eighteen (18) years of age, and we do not knowingly collect personally identifiable information from children. If we learn we have collected or received any information from anyone under the age of eighteen, we will delete that information. If you believe we might have any information from or about a child under eighteen, please contact us at info@drzacbertone.com.

Information We Collect and How We Collect It

When you access the Website, its content and its services, we will learn certain information about you during your visit. We collect this information:

• Directly from you when you provide it to us.
• Automatically as you navigate through the Website. Information collected automatically may include usage details, IP addresses and  information collected through cookies, web beacons and other tracking  technologies.
• From third parties, for example, our business partners.

Information You Provide to Us. 

We collect and maintain information that you voluntarily submit to us during your use of the Website and our Services (collectively, “personal information”). For example:

• when you register for and purchase a course, program, downloadable meditation or any other product or service sold through this Website, you may provide us and we may      collect certain information including your name, address, e-mail address, billing      information such as credit card information, and details of purchase transactions you carry out;
• if you sign-up to receive our newsletter or a free opt-in, if that is offered, you may provide us your name and e-mail address;
• if you fill out any type of form on the Website, including a contact form or e-mail us for customer support or questions, we collect your contact information that you provide such as      your name, e-mail, phone number, any comments, or messages you provide, and      records and copies of your correspondence together with your e-mail  address and our responses.

You are not required to provide any personal information to merely access or visit the Website. 

If you are located in the European Economic Area (EEA), this means we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as data controller of that personal information for the purposes of those laws.

Information We Collect Through Automatic Data Collection Technology

As you visit and navigate through the Website, we may use automatic data collection technologies such as “cookies” (small files saved on your hard drive by your web browser) like Google Analytics or the Facebook ad pixel to collect certain nonpersonal information about your equipment, browsing actions and patterns. This nonpersonal information will generally include information about your location, your traffic pattern through our Website, and any communications between your computer and our Website. Among other things, we may collect data about your computer hardware and software, your Internet connection, your IP address, your operating system, your browser type, domain names, access dates and times, referring website addresses, and information about the areas of the Website you visit and search terms you use on this Website and about the links you may select from within this Website to other areas of the Internet. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking) such as the websites you visited just before and just after this Website. 

Any such information collected automatically is used for statistical data and will not include personal information. We use such technologies and the information collected by them to improve the Website and our service as it enables us to analyze Website performance, estimate our audience size, track usage patterns, save information from your previous visits about your preferences to customize your experience and speed up your searches and recognize you when you return to our Website. 

If we use cookies, we will ask for your consent to allow us to use cookies. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if we use cookies and you select this setting, you may be unable to access certain parts of our Website. 

We also reserve the right to use technological equivalents of cookies, including social media pixels. These pixels allow social media sites to track visitors to outside websites so as to tailor advertising messages users see while visiting that social media website. We reserve the right to use these pixels in compliance with the policies of the various social media sites.​

If your browser sends a "Do Not Track" signal, only a generic cookie will be placed on your device while the Website is accessed.

To the extent that you voluntarily provide personal information to us, our systems will associate the automatically collected information with your personal information.

Google Analytics 

This Website may also use Google Analytics so that we can understand and analyze the usage trends and preferences of visitors in order to improve our service and develop new features and functionalities. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Website. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. To learn more about Google Analytics and how they may collect and use your data, please visit: "How Google uses data when you use our partners' sites or apps," located at:

https://policies.google.com/technologies/partner-sites. 

You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on available here: https://tools.google.com/dlpage/gaoptout/. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visitors activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information, in the ways described below or described at the time that the information is collected. In general, we use the information we collect about you as necessary or appropriate to:

• administer your account when you register for one of our Services;
• register you and provide you access to the Website or our Services;
• respond to your inquiries or requests that you direct to us or provide you with information you request from us;
• fulfill orders, complete customer transactions, and process payments if you make a payment or purchase directly form Bertone Integrative Mind Body Clinic through this website;
• send you e-mails when you sign up for our e-mail newsletter if we offer that;
• send communications and administrative e-mails about  the Website or our Services;
• personalize and better tailor the features, performance, and support of the Website and our Services for your use;
• send you promotional/marketing information, offers or other information regarding opportunities and functionality that we think would be of particular interest to you;
• improve the quality of the Website and our Services;
• analyze, benchmark and conduct research on, user data and user interactions with the Website and our Services so that we can  improve the quality and performance of the Website and our Services; and
• carry out our obligations and enforce our rights arising from any agreements entered into between you and us.

Email Policies and CAN-SPAM Act

We are committed to keeping your e-mail address confidential. We do not sell, rent, or lease your personal information to third parties, and we will not disclose your e-mail address to any third parties except as allowed in the section of this Privacy Policy titled Disclosure of Your Information: Who We Share Your Information With. We will maintain the information you send via e-mail in accordance with applicable federal law.

In compliance with the CAN-SPAM Act, all e-mails sent from Bertone Integrative Mind Body Clinic will clearly state who the e-mail is from and provide clear information on how to contact the sender. In addition, all e-mail messages from us provide the opportunity to opt-out of receiving future communications from us by clicking on the unsubscribe link located at the bottom of any such e-mail at any time. After unsubscribing, we will discontinue sending the messages as soon as technically feasible.

Who Has Access to Your Data Within Bertone Integrative Mind Body Clinic

Within Bertone Integrative Mind Body Clinic, access to your data is limited to those persons who require access in order to provide you with the Services you purchase from us, to contact you, and to respond to your inquiries.  Employees and contractors of Bertone Integrative Mind Body Clinic, if any, will only have access to data on a “need to know” basis.

How We Disclose Information to Third Parties

Bertone Integrative Mind Body Clinic respects your privacy and we do not sell, rent, lease, trade or otherwise transfer any information collected, whether automatically or through your voluntary action, to third parties (beyond what is necessary for the basic functionality of an online service or for fulfilling a customer transaction if applicable) without your consent. 

We may disclose personal information that we collect, including that you provide, as described in this Privacy Policy:

• To our subsidiaries and affiliates.
• To third parties including, for example: contractors, service providers and ‘data processors’ as described below, that we use to support our business and our Website. All such third parties will always be bound by contractual obligations to keep personal information      confidential and use it only for the purposes for which we disclose it to them. 
• To a third party, including a lawyer or collection agency, when necessary to enforce any other applicable terms of use, terms & conditions or agreement between you and Bertone Integrative Mind Body Clinic, including for billing and collection purposes.
• To any successor in interest in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of  Bertone Integrative Mind Body Clinic’s assets and/or business.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Bertone Integrative Mind Body Clinic, other users of the Website or the general public. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
• To comply with any  legal obligations such as court order, law or legal process, including to respond to any government or regulatory request and when compelled by a court or other governmental entity to do so. 
• For any other purpose disclosed by us when you provide the information.
• With your consent.

As previously noted, if you are located in the European Economic Area (EEA), this means we are the ‘data controller” under the General Data Protection Regulation of any personal information collected through the Website, and we determine the purposes for which and the manner in which any personal information is used and processed. However, we pay for the services of third party ‘data processors’ who hold and/or process personal information of users of the Website on our behalf. We may have multiple data processors at any given time, including, but not limited to:

• our email marketing and email management software service provider;
• our Website hosting and platform service provider; 
• payment merchants for purchases directly through our Website;
• Google;
• Facebook;
• Instagram, and other social  media sites.

Note that, while the above entities act as data processors on our behalf, some or all of them may also act as data controllers in their own rights. For example, if you purchase a product or service directly through our Website, payment merchants decide which information they need from our customers in order to process their payments correctly. The payment merchants or other data processing entities may also exercise control over the other purposes that a customer's data is used for, for example direct marketing of their products and services, which is not within our control. The payment merchants or other data processing entities also have legal requirements of their own to meet, such as regulations relating to the use and retention of payment card data or other personal data. And, finally, each data processor has its own terms and conditions and privacy policies that apply directly to our Website users.

Use and Transfer of Your Information Out of the European Economic Area (EEA), the UK and Switzerland

The General Data Protection Regulation (GDPR) requires certain safeguards when transferring personal data from outside the European Economic Area (EEA), the United Kingdom (UK) and Switzerland to "third countries," which are all countries outside these protected areas, including the United States. This Website is operated in the United States, and third parties with whom we might share your personal information as explained above are also located in the United States and Canada. If you are located in the EEA, the UK, Switzerland or elsewhere outside of the United States or Canada, please be aware that any information you provide to us will be transferred to the United States and Canada. By using this Website, participating in any of our Services and/or providing your information, you consent to this transfer.

The United States and Canada do not have the same data protection laws as the EEA, United Kingdom and Switzerland. While the European Commission has not given a formal decision that United States or Canada provide an adequate level of data protection similar to those which apply in the EEA, the UK and Switzerland, any transfer of your personal information will be subject to the derogation in Article 49 permitting non-repetitive transfers that concern only a limited number of data subjects, as permitted by Article 49 of the General Data Protection Regulation that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.

If you would like further information, see How to Contact Us below. We will not otherwise transfer your personal data outside of the EEA, the UK or Switzerland, or to any organization (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

How Long Your Personal Information Will Be Kept

We will retain all non-client or customer personal information until you let us know you would like for us to delete it or unsubscribe from our e-mail contacts, which you are free to do at any time. However, if you make a purchase from our Website, we will hold personal data in our files for six years as advised by the IRS. 

How We Protect Your Information: Data Security and Information Storage

We employ commercially reasonable methods to ensure the security of the information you provide to us and the information we collect automatically. This includes using standard security protocols and working only with reputable third-party vendors. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.

If Bertone Integrative Mind Body Clinic collects sensitive personal information (such as credit card data), that information is encrypted and transmitted to Bertone Integrative Mind Body Clinic in a secure way. Customers can verify this by looking for a closed lock icon at the bottom of their web browser or looking for “https” at the beginning of the address of the web page.

However, please note that unfortunately no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website.  You acknowledge that (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity, and privacy of any and all information and data exchanged between you and us through this Website cannot be guaranteed; and (c) any such information and data may be viewed or tampered within transit by a third party. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

We will notify you and any applicable authorities of a suspected data security breach where we are legally required to do so.

Passwords to Access Purchased Products and Services 

To use certain features of our Website, you may be issued a unique or group username and password, which you will receive through your registration and/or purchase process. You are responsible for maintaining the confidentiality of the password and account and are responsible for all activities (whether by you or by others) that occur under your password or account.

You are not permitted to share your username and/or password with anyone. If you share your username and/or password with another person, we reserve the right to immediately terminate your access to the Website or Service. We cannot and will not be liable for any loss or damage arising from your failure to protect your password or account information. You are responsible for activities that take place using your password(s) and within your account. If you share your password(s) with anyone, they may be able to obtain access to your personal information at your own risk. 

By using this Website, you agree to enter true and accurate information as part of the registration, purchase process and otherwise. If you enter a false email address, or other false or inaccurate information, we have the right to immediately inactivate your account or block your participation in any feature or Service delivered on or through this Website. 

Third-party Use of Cookies and Other Tracking Technologies

Some content or applications on the Website may be served by third parties, content providers and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions, you should contact the responsible provider directly.

Third-Party Links 

We may provide links to third-party websites, products, or services on this Website. This Privacy Policy applies solely to information collected by us through the Website or our Services and does not apply to the privacy practices of such third parties. We do not monitor, control, or endorse the information collection or privacy practices of any third parties. Third-party websites may or may not have separate and independent privacy policies. When you access another website or purchase products or services from a third-party website, use of any information you provide is governed by the privacy policy of the operator of the website you are visiting or the provider of such products or services. We strongly encourage you to become familiar with the privacy practices of every website you visit and to contact them if you have any questions about their respective privacy policies and practices. We, therefore, have no responsibility or liability for the content and activities of these third-party linked websites or their privacy policy (or lack thereof).

Facebook

As advertisers on Facebook and through our Facebook page, we (not Facebook) may collect content or information from a Facebook user and such information may be used in the same manner specified in this Privacy Policy. You consent to our collection of such information.

We abide by Facebook’s Data Use Restrictions.

• Any ad data collected, received or derived from our Facebook ad (“Facebook advertising data”) is only shared with someone acting on our behalf, such as our service provider. We are  responsible for ensuring that our service providers protect any Facebook advertising data or any other information obtained from us, limit our use of all of that information, and keep it confidential and secure.
• We do not use Facebook advertising data for any purpose (including retargeting, commingling data across  multiple advertisers’ campaigns, or allowing piggybacking or redirecting  with tags), except on an aggregate and anonymous basis (unless authorized      by Facebook) and only to assess the performance and effectiveness of our      Facebook advertising campaigns.
• We do not use Facebook advertising  data, including the targeting criteria for a Facebook ad, to build, append  to, edit, influence, or augment user profiles, including profiles      associated with any mobile device identifier or other unique identifier that identifies any particular user, browser, computer or device.
• We do not transfer any Facebook  advertising data (including anonymous, aggregate, or derived data) to any ad network, ad exchange, data broker or other advertising or monetization  related service.

Your Rights: Accessing, Correcting and Deleting Your Information

As noted above, if you want to unsubscribe from receiving e-mails from Bertone Integrative Mind Body Clinic, you may do so at any time. Each e-mail from Bertone Integrative Mind Body Clinic includes instructions for unsubscribing from these e-mail communications.

You may send us an e-mail to info@drzacbertone.com in order request access to, correct or delete any personal information that you have provided to us. 

Please note that we may retain some or all of the information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

You may also decline to share certain personal information with us, in which case we may not be able to provide you with some of the features and functionality of our Services. 

If you place an order through the Website, we will maintain your order information for our records unless and until you ask us to delete this information. We are required to keep some basic information about our customers including transaction data for tax and legal purposes and therefore there is some information that cannot be deleted.

If you are located within the European Union, you are entitled to certain information and have certain rights under the General Data Protection Regulation. Those rights include:

· Fair processing of information and transparency over how we use your use personal information

· Access to your personal information and to certain other supplementary information that this Privacy Policy is already designed to address

· Require us to correct any mistakes in your information which we hold

· Require the erasure of personal information concerning you in certain situations

· Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations

· Object at any time to processing of personal information concerning you for direct marketing

· Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you

· Object in certain other situations to our continued processing of your personal information

· Otherwise restrict our processing of your personal information in certain circumstances

· You may also have the right to claim compensation for damages caused by our breach of any data protection laws.

We hope that we can resolve any question or concern you raise about our use of your information.

If you are covered by the General Data Protection Regulation, you may lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation, available at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

We require only the information that is reasonably required to enter into a contract with you. We will not require you to provide consent for any unnecessary processing as a condition of entering into a contract with us.

If you would like to exercise any of those rights, please:

· Email us at info@drzacbertone.com

· Provide us enough information to identify you (e.g., name, e-mail address, or other information, as applicable) and verify proof of your identity

· Provide us with the information to which your request relates.

California Online Privacy Protection Act

The California Online Privacy Protection Act (CalOPPA) is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates a website collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

Pursuant to CalOPPA we agree to the following:

· Users can visit our Website anonymously

· There is a link to our Privacy Policy on our home page or at a minimum on the first significant page after entering our Website.

· Our Privacy Policy link includes the word ‘Privacy’ and can be easily be found on the page specified above.

· Users will be notified of any changes to our Privacy Policy:

• On our Website Privacy Policy page

· Users are able to change their personal information:

• By emailing us
• By logging into their account on our Website if they have one

As noted above, if your browser sends a "Do Not Track" signal, only a generic cookie will be placed on your device while the Website is accessed.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) took effect on January 1, 2020 and is intended to protect the personal information of California residents. The CCPA has certain threshold requirements which a company must meet in order to be required to comply with its provisions.  Upon information and belief, we do not meet those thresholds.  In the event of a change in our status, and if the data that you provide in the course of your use of the Website is governed by CCPA, we will abide by the relevant portions of the CCPA.

• If you are a resident of the state of California, you may have the right to: request disclosure of the personal information we have collected about you and the types of third parties with whom it has been shared; request a portable copy of your information; opt out from marketing messages or the sale of your information to third parties; and request deletion of your personal information. To make these requests, please contact us at info@drzacbertone.com.

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at info@drzacbertone.com.