Privacy Policy

Overview

This Privacy Policy covers how YMAA School shares, collects, records, communicates, and otherwise discloses or uses any personal information submitted or action taken by you on this website. YMAA School values your privacy and will strive to ensure that it is protected. Should you submit any personally identifiable information to us when using this website, it will be used to the minimum extent necessary according to the terms below.

Please note and expect that this Privacy Policy will evolve and change over time. At any given moment, the version in full effect will be the one published on this website. We will put forth reasonable efforts in informing visitors about any changes deemed to be significant but will ultimately not be responsible for anybody who accesses or uses this site without being aware of such changes made. Usage of this website implies that you expressly agree with and consent to the most current version of this Privacy Policy.

You must be at least 13 years of age to access and use this website. YMAA School does not knowingly collect personal information from children under 13 years of age. If you are under 13 years of age and would like to use this website, you will need your legal parent or guardian to contact us.

What We Collect

All web requests from all website visitors are naturally visible to the webserver. Consequently, this information is also visible to YMAA School and recorded for purposes described in this Privacy Policy. Included in each web request you generate is your IP address (which can be used to determine your location, or your proxy's location), referrer, ISP, browser type, screen resolution, operating system, and other data relating to the technology and equipment used to access this website. This information is anonymous unless you are logged in, in which case the requests will be associated with the logged in user account.

To open a user account, users must provide their email, name, address, and telephone number. Additionally, a hashed (encrypted) version of your password is stored in the database. Because the password is hashed, we do not know what your password is. We are only able to try matching it to any entered passwords when trying to login. If you forget your password, we can reset it but not recover it. The password is stored in this way so that we never have to know your exact password, adding an extra layer of security to your account. Any payments, credit card or otherwise, are processed by PayPal and therefore no credit card information is stored by us.

In addition to data collected from our webservers, we also gather information about website visits through Google Analytics, a web analytics service provided by Google, Inc. ("Google"), and information related to email tracking. Emails sent by us may contain a web beacon, pixel tag, or other method to log and track which emails are read, what links are clicked, and where certain message may be forwarded to.

Please remember that if you click on an external link that takes you to a different website, this Privacy Policy will no longer applies. This Privacy Policy applies only to YMAA School, and if you arrive at an external website through a hyperlink from our website, you will be bound to the policy and terms of the other website.

What We Do With Your Information

Your email and name are used for all communications with you regarding your account, past purchases, customer support, and other inquiries. Our system requires a unique email address per user. Consequently, your email address is what uniquely identifies your user account, you and your usage of our system. The name and physical address you submit are used to confirm your credit card payments as well are your location. We do not verify this information, but PayPal may do so in order to confirm payments. If you decide to use an alias, alternate address, or different phone numbers, your purchases may not go through. Your name, address, and telephone numer are stored in our database to create user profiles which are used primarily to: 1) maintain a customer record, 2) confirm your identity, 3) invoice orders. Saved addresses can be selected using a dropdown menu during checkout. Address information can be edited in your User Profile. You will only be contacted by telephone if there is an urgent matter regarding your account and we cannot reach by email. Your physical address will be used for correspondence as a very last resort to send "snail" mail through regular postal services.

Promotions

We may periodically send you email about new promotions, products, special offers, or other information and announcements. Occasionally, we may also use your email to contact you for market research purposes, such as to take a survey or poll. Such information may be used to customize or tailor the website, products, or services according to the best interests of the majority. An option to unsubscribe or opt-out will always be presented at the bottom of all such emails. You can also alternatively submit an unsubscribe request using any of our other contact options.

Analytics

Information gathered are generally used to monitor traffic for any abuse, fraud, or potential threats. Traffic must be monitored for illegitimate use by bots, spammers, or hackers. It is also used to find broken or problematic links and pages, to trace errors and fix bugs, and to ensure consistent overall website functionality. As visitors can use a multitude of browsers and platforms to access this website, traffic data is also analyzed to determine how to account for certain setups, devices, systems, or any combination of the above for better compatibility, security, and optimization. Aside from the above, this same information may also be used at times for business analysis, to plan for product development, improve upon existing services, and personalize content.

Sharing With Third Parties

Collected data may be shared with third party services, companies, or affiliates for purposes of fulfilling orders or improving our services. One such service is Google's reCAPTCHA v3 service, which is used to fight spam and abuse on our website. Each partner or affiliate has their own Privacy Policy and Terms of Use and you are subject to them when using those services on our website. To the furthest extent of our knowledge, any information passed to third parties will only be for the intended and stated purposes, and we will keep such information confidential, never sell it for profit, and never pass it to additional third parties without your knowledge. Anytime there are third party services involved for any product or service, it will be clearly labelled.

Other data gathered includes anonymous website traffic, which may be shared but without any personally identifiable information. At times we may share anonymous data with consultants, contractors, or other parties for the purposes of maintaining, optimizing, and improving functions such as navigation, layout, and formatting, or to monitor advertising campaigns, announcements, promotions, or offers. This includes information from web beacons, pixel tags, and other email tracking technology. Personal information, such as your name, address, telephone number, and email, will never be shared unless it is absolutely necessary, such as to complete a transaction fulfilled by a partner or affiliate (e.g. PayPal).

Data Security

We will do all that we can to keep your information secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Your information is shared for the sole objective of fulfilling the purposes outlined in this policy. We will not sell, distribute, or lease your personal information without your express written consent or unless we are required to do so by law.

Cookies

A cookie is a small file that browsers must accept in order to be stored on your hard drive. Most web browsers accept cookies by default. Cookies do not give us access to your computer. They contain data about the way you access and use the website, typically browser information, device information, preference settings, visit times, and what sections you browse. Cookies can also be used to remember information about your likes and dislikes. Generally, users disable cookies because they find the data too personal. However, cookies must be accepted in order to enable full functionality on this website, due to the features of the underlying content management systems (CMS). This website uses cookies to manage website traffic and navigation, logins, and some user settings. They are used for the main website areas, store pages, and the online course portal.

Our website uses Google Analytics to generate reports and statistics for our website, which also uses cookies. They are transmitted to and stored by Google on its servers. Google uses this information for the purpose of evaluating how visitors use this website, compiling reports on website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. Google Analytics reports have no personally identifiable information and are only shared to trusted third parties according to the same policy as described above: anonymously and not-for-profit.

Data Retention

We retain collected data only for the purposes explained in this Privacy Policy, namely, for as long as you have an active account. Data that is no longer relevant or applicable is scheduled for deletion. Inactive user accounts and any associated data will be deleted after 5 years of inactivity. However, some data may be retained longer if necessary to resolve disputes, enforce user agreements, or to comply with technical and legal requirements and constraints related to the security, integrity and operation of the business, such as for tax reporting purposes.

General Data Protection Regulation (GDPR)

On May 25, 2018, the European Union began enforcing the GDPR, a regulation that governs the protection, storage, and management of personal user data. In accordance with the GDPR, you have the options of: 1) requesting a copy of all personal data we store about you, 2) requesting deletion of that personal data. At any point in time, there will be a designated Data Protections Officer assigned to handle such matters.

Summary

YMAA School is committed to conducting its business in accordance with the aforementioned Privacy Policy in order to ensure that the confidentiality, safety, and privacy of personal information is protected and maintained. All data is currently processed on webservers residing in the United States, stored with reasonable industry-standard safeguards and procedures, and strictly limited in access.