Privacy Policy

01

Overview

Sapna Patel LLC ("we," "us," "our") is committed to protecting your personal information. This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding your personal data.

This policy applies to all personal information collected through our website, email communications, and any services purchased through our platform. By using our website or services, you consent to the practices described in this policy.

02

Information We Collect

• Name and email address — collected when you sign up for our newsletter, download the free Energy Hygiene Protocol PDF, join the webinar waitlist, or submit the contact form.
• Payment information — collected when you purchase a service. Payment card details are processed by Kajabi's secure payment infrastructure. We do not store your card number, expiration date, or CVV.
• Contact form submissions — including your name, email, and message content when you use the contact form on our website.
• Session booking information — including your name, email, and any pre-session information you voluntarily share when booking a Sai Shakti healing session.
• Optional wellness information — any information you voluntarily share about your health or wellbeing in the context of a healing session. This information is held in strict confidence and used only to personalize your session.

• Usage data — including pages visited, time on site, and referring URLs, collected through standard web server logs and analytics tools.
• Device information — including browser type, operating system, and device type, collected automatically when you visit our website.
• IP address — collected automatically for security and fraud prevention purposes.
• Cookies and similar tracking technologies — see Section 6 for full details.

We do not collect sensitive personal information such as race, ethnicity, religion, political views, biometric data, or precise geolocation data. We do not collect information from or about children under the age of 18 (see Section 11).

03

How We Use Your Information

We use the personal information we collect for the following purposes:

• Service delivery — to process your purchase, provide access to digital products, and deliver session bookings.
• Email communications — to send you the free PDF you requested, newsletters you subscribed to, and updates about services you have purchased.
• Customer support — to respond to your questions, contact form submissions, and service inquiries.
• Session preparation and follow-up — to personalize your healing session experience and provide post-session guidance.
• Webinar and event communications — to notify you when the Resonance Webinar or other events you have expressed interest in become available.
• Legal compliance — to comply with applicable laws, regulations, and legal obligations.
• Security and fraud prevention — to protect our website and services from unauthorized access, fraud, and abuse.

We will not use your information for any purpose not listed above without first obtaining your consent, except as required by law.

04

Sharing Your Information

We do not sell, rent, or trade your personal information to any third party for their marketing or commercial purposes.

We share your personal information only in the following limited circumstances:

• Service providers — we share information with third-party companies that help us operate our business (see Section 5 for full list). These providers are contractually bound to protect your data and use it only as instructed by us.
• Legal requirements — we may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights or the safety of others.
• Business transfers — in the event of a merger, acquisition, or sale of substantially all our assets, your information may be transferred. We will notify you before your data becomes subject to a different privacy policy.

05

Third-Party Processors

We use the following third-party services that may process your personal information:

Our course delivery platform and payment processor. Kajabi processes your name, email, and payment information when you purchase a digital product or membership. Kajabi is GDPR-compliant and processes data under their own Privacy Policy. Learn more at kajabi.com/policies/privacy.

We use an email marketing platform (such as ConvertKit or a similar provider) to manage our newsletter list, deliver free downloads, and send practice invitations. Your name and email address are stored with this provider. You can unsubscribe from any email at any time using the unsubscribe link in any email we send.

Our website is hosted by Netlify or a similar hosting provider, which processes IP addresses and usage data through standard web server logs.

We may use web analytics tools to understand how visitors use our website. Any analytics data is used in aggregate and not linked to personally identifiable information where possible.

We review our third-party service providers periodically and only work with providers who maintain appropriate data protection standards.

06

Cookies & Tracking

Our website uses cookies — small text files stored on your device — to enable certain website functions and improve your experience.

• Essential cookies — required for the website to function (e.g., session state, page navigation). These cannot be disabled without breaking site functionality.
• Analytics cookies — used to understand how visitors use our site (page views, traffic sources). These are anonymized where possible.
• Third-party cookies — set by Kajabi and our email platform when you interact with embedded forms or checkout pages on our site.

Most browsers allow you to control cookies through their settings. You can set your browser to refuse all cookies or to indicate when a cookie is being sent. Note that disabling cookies may affect the functionality of certain parts of our website.

For EU/UK users: We obtain your consent for non-essential cookies in accordance with GDPR requirements. You may withdraw your consent at any time by adjusting your browser settings or contacting us.

07

Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.

• Newsletter subscribers — retained until you unsubscribe, at which point your email is removed from active lists within 30 days.
• Purchase records — retained for 7 years to comply with US tax and accounting requirements.
• Session notes — retained for up to 2 years after your last session, then securely deleted.
• Contact form submissions — retained for up to 12 months unless there is an ongoing support issue.

You may request deletion of your personal information at any time (see Section 14). Please note that we may retain certain information for legal compliance purposes even after your deletion request.

08

Data Security

We take the security of your personal information seriously. We implement reasonable technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

These measures include SSL/TLS encryption for data in transit, secure third-party payment processing that is PCI-DSS compliant, and access controls limiting who within our organization can access personal data.

However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

09

Your Rights — EU & UK Users (GDPR)

If you are located in the European Union or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) or UK GDPR:

Our legal basis for processing your personal data is primarily contract performance (to deliver services you purchased), legitimate interests (newsletter communications to subscribers), and consent (where we have obtained it).

To exercise any of these rights, please contact us at hello@sapnapatel.com. We will respond to all verified requests within 30 days. You also have the right to lodge a complaint with your local data protection authority.

10

Your Rights — California Users (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with the following rights:

• Right to Know — the right to know what personal information we collect, use, disclose, and sell.
• Right to Delete — the right to request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out — the right to opt out of the sale of your personal information. We do not sell personal information.
• Right to Non-Discrimination — the right not to receive discriminatory treatment for exercising your privacy rights.
• Right to Correct — the right to request correction of inaccurate personal information.
• Right to Limit Use of Sensitive Personal Information — we do not collect sensitive personal information as defined by CCPA.

To submit a CCPA request, contact us at hello@sapnapatel.com. We will verify your identity and respond within 45 days, with an extension of up to 45 additional days when reasonably necessary.

11

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from anyone under the age of 18. If we discover that we have inadvertently collected personal information from a minor, we will promptly delete it.

If you believe a minor has provided us with personal information, please contact us immediately at hello@sapnapatel.com.

12

International Data Transfers

Sapna Patel LLC is based in the United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

For users in the European Economic Area (EEA) or United Kingdom: We transfer personal data to the United States under applicable legal transfer mechanisms. Our third-party processors who receive your data maintain Standard Contractual Clauses or other approved transfer mechanisms as required by GDPR.

By using our services, you consent to the transfer of your information to the United States and its processing there.

13

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by updating the "Last Updated" date at the top of this page and, where appropriate, by sending an email notification to active subscribers.

We encourage you to review this Privacy Policy periodically. Your continued use of our services after any changes constitutes your acceptance of the updated policy.

14

Contact & Data Requests

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. EU/UK users may contact their national supervisory authority. US users may contact the Federal Trade Commission (FTC) at ftc.gov.