Legal

Privacy Policy

1. Introduction

Yoga Ashram Costa Rica ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you visit our website (https://yoga.co.cr), submit inquiries, book retreats, or use our services.

By using our website and services, you agree to the practices described in this policy. If you do not agree, please do not use our site or services.

2. Information We Collect

We collect the following types of information:

  • Contact information: Name, email address, phone number, and WhatsApp number — collected when you submit an inquiry, booking request, or contact form.
  • Booking details: Retreat category, experience preference, arrival dates, number of guests, room preference, dietary requirements, and optional services requested.
  • Day spa preferences: Selected services, package type, preferred date, and number of participants.
  • Newsletter subscriptions: Email address and optional name for our email updates.
  • Usage data: Pages visited, time spent, referral sources, and click patterns — collected via Google Analytics 4 (anonymized where possible).
  • Device data: IP address, browser type, operating system, and screen size — collected automatically for security and analytics.

3. How We Use Your Information

We use your personal data for the following purposes:

  • Booking and inquiries: To respond to your retreat or day spa inquiries, provide quotes, confirm reservations, and communicate arrival details.
  • Payment processing: To process payments through Stripe for retreats, day spa packages, and add-on services.
  • Communication: To send booking confirmations, pre-arrival information, post-retreat integration resources, and occasional newsletters (if subscribed).
  • Analytics: To understand how visitors use our site and improve user experience through Google Analytics 4.
  • Legal compliance: To comply with applicable laws, regulations, and tax requirements in Costa Rica.
  • Security: To detect and prevent fraud, abuse, or unauthorized access.

4. Cookies and Tracking

We use cookies and similar technologies to improve your browsing experience and analyze site traffic. Specifically:

  • Google Analytics 4: We use GA4 to collect anonymized usage statistics. You can opt out via Google's Analytics Opt-out Browser Add-on.
  • Essential cookies: Required for basic site functionality (e.g., form submissions, package builder state).
  • Third-party widgets: Crisp chat and WhatsApp buttons may set cookies according to their respective policies.

5. How We Store Your Data

Your personal data is stored securely in Supabase (PostgreSQL database hosted in the United States). We implement industry-standard security measures including encryption in transit (HTTPS/TLS), access controls, and regular backups.

We retain your data for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. Booking records are typically retained for 7 years for tax and legal compliance.

6. Third-Party Services

We share limited data with the following trusted third-party services:

  • Stripe: For payment processing. Stripe handles your payment card data according to PCI-DSS standards. We do not store full card numbers.
  • Resend: For transactional and marketing email delivery.
  • Slack: For internal staff notifications about new inquiries (prospect name, email, interest — no payment data).
  • Crisp: For live chat support. Conversations may be stored on Crisp's servers.
  • Google Analytics 4: For anonymized website usage analytics.
  • Netlify: For website hosting and form handling.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate or incomplete data.
  • Deletion: Request that we delete your personal data (subject to legal retention requirements).
  • Withdrawal of consent: Unsubscribe from newsletters at any time via the link in every email.
  • Data portability: Request your data in a structured, machine-readable format.

To exercise any of these rights, contact us at info@yoga.co.cr.

8. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

9. International Data Transfers

Yoga Ashram is located in Costa Rica. Our database and email services are hosted in the United States. By submitting your personal data, you consent to its transfer to and processing in the United States, which may have different data protection laws than your country of residence.

10. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. The "Last updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this page regularly.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: info@yoga.co.cr

WhatsApp: +1 (954) 908-6544

Address: Guanacaste, Costa Rica