Last updated 09 June 2020
We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (GDPR), the Data Protection Act 2018 and Privacy and Electronic Communications Regulations 2003.
On this page:
Who is Your Virtual Mind Trainer Ltd. (YVMT)?
YVMT specialises in the creation of 360° videos of nature including unique audio recordings focusing on calming and training the mind. These videos are then available via online platforms to end users.
In this policy, whenever you see the words ‘YVMT’, ‘we’, ‘us’, ‘our’, it refers to Your Virtual Mind Trainer Ltd.
If you would like to contact us about this privacy notice or how we use your personal data, please contact us at: Your Virtual Mind Trainer, 22 Eltisley Road, Great Gransden, Sandy, Bedfordshire, SG19 3AR or email us at email@example.com.
YVMT is the data controller of the personal data we process, unless otherwise stated.
What personal data do we collect?
Your personal data is any information which identifies you, or which can be identified as relating to you personally. We’ll only collect the personal data that we need.
We collect some or all of the following personal data from you when you sign up for a subscription through our website:
Last Login Date
We do not collect special category data (sensitive data) through our website unless you enter it into our free text field.
If you do not provide all the information required, we will not be able to contact you or deal with your enquiry.
How we use your personal data
Personal data provided to us will be used for the purpose or purposes outlined in this privacy notice in a transparent manner at the time of collection, in accordance with any preferences you express. If asked by regulatory or government authorities investigating suspected illegal activities, we may need to provide your personal data.
Your personal data will be collected and processed principally to provide our services to you at your request, including to:
Fulfil you order for your monthly or annual subscription
Provide you with information about related services if you have consented to this
Satisfy our legal, accounting or reporting requirements.
ensuring the quality of the products and services we provide to you;
communicating with you; and
If you have provided your information to use our services, our lawful basis is that we entered into a contract with you.
We process your sensitive personal data if you have provided it through our free text field with your explicit consent.
If you consent to hearing from us in the future, we will store your personal data and let you know about other services we provide.
Your personal data kept for 5 years before it is destroyed. If you want us to erase your personal data before this time, please contact us.
We do not currently use automated decision-making including profiling
To secure access to some of our paid content we require you to login to view the paid content. The password you enter cannot be viewed by any YVMT employee.
Disclosure of personal data to third parties
We may share your personal data with the following third parties who perform services on our behalf:
Our company website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
Microsoft Office 365 – Our company uses Microsoft Office 365 as a data processing and storage location.
Security - Office 365 uses a 'defence-in-depth' approach to provide industry-leading security for their datacentres and customer data. Microsoft also give you enterprise-grade user and administrative controls to further secure your data.
Compliance - Microsoft's data processing agreement details the privacy, security, and handling of customer data, which helps you comply with local regulations. A specialist compliance team continuously tracks standards and regulations, to ensure that Office 365 stays up to date with any changes, for example GDPR.
Privacy - When you entrust your data to Office 365, you remain the sole owner of that data: you retain the rights, title, and interest in the data you store in Office 365. Microsoft's policy is to not mine your data for advertising purposes or use your data except for purposes consistent with providing you cloud productivity services.
Data Storage – YVMT Office 365 data is stored either in the UK or EU.
Stripe – YVMT uses Stripe services that enable us to run our business, and to safely conduct online payment transactions. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties.
PayPal – YVMT uses PayPal as a payment platform to enable us to run our business, and to safely conduct online payment transactions. PayPal maintains technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorised access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centres, and information access authorisation controls.
Vimeo – YVMT uses Vimeo to allow us to share our videos with you. Vimeo provides online video hosting, sharing and related services through their owned-and-operated websites, including Vimeo.com and Livestream.com, their branded applications for mobile and connected devices, and their embeddable video players. Vimeo uses physical, technical, and organizational security measures to safeguard your data from unauthorized or accidental disclosure
We will only share your personal data when it is necessary to deliver the services detailed and in accordance with the Data Protection Act 2018 and the GDPR.
To fulfil our legal obligations we may be required to provide government bodies such as the police with your personal data.
A 'cookie' is a small text file that is placed on a user's computer hard drive by a website. There are several types of cookie and the most common are often referred to as 'session' cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.
Other types of cookies can be used to track internet activity after the user has left a website. These are either sponsored by organisations external to the website being visited (known as 'third party' cookies) or can originate from the website organisation itself ('first party' cookies). These usually have a long lifetime with several months being quite common. They are 'harvested' and 'refreshed' whenever the user visits a page where the same or a similar cookie is being used.
This website uses benign, short lived 'session' cookies and 'first party' cookies to tell whether a website user has logged-in, where to find details that can be used to pre-fill parts of on-line forms and to personalise the user's visit to the website. They are also used to track anonymously which areas of the site are popular and which are not used; this allows us to target carefully our website resources.
Links to third party websites
We recognise the need to ensure that personal information gathered via this website remains secure. We use industry standard Secure Server Software (SSL) for your transactions with us to protect against the loss, misuse and alteration of the personal information under our control. It encrypts all of your personal information, including name and address, so that it cannot be read as the information travels over the Internet. However, you acknowledge that although we exercise adequate care and security there remains a risk that information transmitted over the Internet and stored by computer may be intercepted or accessed by an unauthorised third party.
When personal data is stored on YVMT’s systems we take every care to ensure the security of your personal data. Its information systems are adequately and appropriately protected, by the implementation and maintenance of security controls, against threats to the systems. The implemented security controls are appropriate to the measures of risks and the value of assets, and implemented, used and where relevant tested, correctly, through information security compliance (audit) reviews, to ensure that the required level of security is maintained.
Where we process your data
YVMT holds your personal data in the EU. One of our processors, Wix, may transfer your data to:
Israel, which has a finding of adequacy by the EU for data protection
US, under the EU-US Privacy Shield Framework
Our processor PayPal may transfer your personal data outside the EU under the protection of Binding Corporate Rules or Standard Contractual Clauses.
Our processor Stripe may transfer your personal data outside the EU under either the EU-US Privacy Shield Framework or EU Standard Contractual Clauses.
Our processor Vimeo may transfer your personal data to the US under either the EU-US Privacy Shield Framework or EU Standard Contractual Clauses.
Your rights as a data subject
As a data subject whose personal information we hold, you have certain rights. If you wish to exercise any of these rights, please email or use the information supplied in the About Us section above. In order to process your request, we will ask you to provide two valid forms of identification for verification purposes. Your rights are as follows:
The right of access - You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
The right to data portability - This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. This right only applies if we are processing information based on your consent or under contract and the processing is automated.
The right to object - You have the right to object to processing in certain circumstances if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests, or if the processing is for direct marketing purposes. The right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
The right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
The right to erasure - You have the right to ask us to erase your personal information in certain circumstances. We will take all reasonable steps to ensure that we erase the data.
Rights related automated decision-making including profiling – You have rights surrounding our use of automated decision-making and profiling. You can object to us using your personal data in such a way at any time.
We will confirm that we have updated, ported, erased, provided or amended your personal data as requested within one month of receipt of your request. If we are unable to meet your request or require an extension to meet the request, we will inform you within one month.
If we are processing your personal data with your consent, then you have the right to withdraw that consent at any time and we will cease processing your personal data without undue delay.
Notification of changes
We may update this policy at any time without notice. Any changes to this policy will be notified by an announcement on this website. Your continued use of this website, following the posting of changes to this policy, will mean you accept these changes.
Should you wish to discuss a complaint, please feel free to contact us using the details provided above. All complaints will be treated in a confidential manner. Should you feel unsatisfied with our handling of your data, or about any complaint that you have made to us about our handling of your data, you are entitled to escalate your complaint to a supervisory authority within the European Union. For the United Kingdom, this is the Information Commissioner’s Office (ICO). Its contact information can be found at https://ico.org.uk/global/contact-us/.