The Boring (But Important) Privacy Bits

 

Privacy Policy

Effective Date: September 12, 2025
Last Updated: September 12, 2025

Welcome to www.heartcenteredapprentice.com (the “Website”), owned and operated by Heart-Centered Apprentice, LLC (“Heart-Centered Apprentice,” “we,” “us,” or “our”), a limited liability company registered in the State of Colorado.

We value your privacy and this policy explains what information we collect, how we use it, when we share it, and the choices you have.

By visiting or using this Website, joining our email list, or purchasing our products or membership, you agree to this Privacy Policy and our Terms and Conditions.

1) Who this policy applies to

This policy applies to visitors, students, and customers who access our Website, content, checkout pages, or membership programs.

You must be 18 or older, or have parental consent, to use this Website. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information, contact us and we will delete it.

2) Information we collect

A. Information you provide directly

  • Name, email address, mailing address, phone number

  • Payment details (processed securely by Stripe or PayPal, not stored by us)

  • Content you provide through forms, surveys, or community spaces

  • Communication and marketing preferences

B. Information collected automatically

  • IP address, browser type, pages viewed, links clicked

  • Cookies and similar technologies

C. Information from third parties

  • Payment processors

  • Kajabi, Zoom, and email providers

  • Analytics and advertising partners such as Google Analytics and Meta Pixel

  • Social networks when you interact with our pages

3) How we use your information

We use your information to:

  • Provide, operate, and improve our Website, courses, and membership

  • Process purchases and deliver content

  • Communicate with you about updates, support, and billing

  • Send marketing emails if you opt in (unsubscribe anytime)

  • Personalize content and measure performance

  • Detect and prevent fraud or abuse

  • Comply with legal obligations

4) When we share information

We only share information as necessary to operate our business:

  • With service providers (hosting, payment processing, email delivery, analytics, video platforms)

  • With legal authorities when required by law

  • During a merger, acquisition, or sale of assets

We do not sell your personal information.

5) Payments

Payments are processed by Stripe, PayPal, or similar third parties. They receive your payment information directly and process it securely. Review their privacy policies for details.

6) Cookies and similar technologies

We use cookies to:

  • Keep the Website secure and functional

  • Analyze usage trends

  • Support marketing and advertising

You can manage cookies through your browser settings or our cookie banner. Essential cookies cannot be disabled.

7) Your marketing choices

You may unsubscribe from marketing emails at any time by clicking “unsubscribe” in any email or contacting us.

8) Data retention

We retain personal data only as long as needed to provide services, comply with laws, or resolve disputes.

9) Your privacy rights

Depending on your location, you may have rights to:

  • Access, correct, or delete your data

  • Restrict or object to processing

  • Withdraw consent

  • Opt out of targeted advertising or data sharing

California residents may request information about data shared with third parties (once per year, free of charge), request deletion, correction, or opt out of “sale” or “sharing” as defined under CCPA/CPRA.
Colorado residents may request access, correction, or deletion under the Colorado Privacy Act.

We will not discriminate against you for exercising your rights.

10) International transfers

Our servers and many of our vendors are based in the U.S. If you are outside the U.S., your information may be transferred here. We rely on safeguards such as the EU-U.S. Data Privacy Framework, UK Data Bridge, and Standard Contractual Clauses when required.

11) Security

We use SSL encryption, reputable vendors, and commercially reasonable safeguards. No method is 100% secure, but if a breach occurs, we will notify you and regulators where required.

12) Children’s privacy

We do not knowingly collect information from children under 13. If we become aware that we have, we will delete it promptly.

13) Third-party links

Our Website may link to third-party sites or services we do not control. Their policies apply, not ours. Please review them before sharing information.

14) Changes to this policy

We may update this policy periodically. The “Last Updated” date reflects changes. Your continued use of our Website means you accept the updated policy.

15) CAN-SPAM Act Compliance

We comply with the U.S. CAN-SPAM Act. Specifically, we agree to:

  • Allow unsubscribing through a link in every marketing email

  • Honor opt-out requests promptly

  • Monitor compliance of third-party email services

  • Not use false or misleading email addresses or subject lines

  • Clearly identify advertisements in a reasonable manner

  • Provide the physical address of our business in every marketing email

16) California Online Privacy Protection Act (CalOPPA)

In compliance with CalOPPA, we agree that:

  • Users can visit our Website anonymously

  • A link to this Privacy Policy will appear on our home page or first significant page

  • Any changes to this Privacy Policy will be published on this page

California residents also have the right to:

  • Request details of personal information disclosed to third-party marketers once per year, free of charge

  • Request removal of publicly posted data if under age 18 (though full removal from all systems may not be possible)

Requests may be submitted to the contact information at the end of this policy.

17) GDPR Compliance and Privacy Shield Notice

For users in the EU and UK, we process personal data under GDPR on these legal bases:

  • Art. 6(1)(a) Consent – when you opt in to marketing

  • Art. 6(1)(b) Contract – when processing is necessary to deliver purchased services

  • Art. 6(1)(c) Legal obligation – when required by law

  • Art. 6(1)(f) Legitimate interests – for analytics, fraud prevention, or operations, provided your rights are not overridden

International Transfers:
If you reside in the EU/UK, your data may be transferred to the U.S. under approved safeguards such as the EU-U.S. Data Privacy Framework, UK Data Bridge, or Standard Contractual Clauses.

Your GDPR rights include:

  • Access, correction, or deletion of data

  • Restriction or objection to processing

  • Data portability

  • Withdrawal of consent at any time

To exercise GDPR rights, contact us at [email protected]. If unsatisfied, you may lodge a complaint with your local Data Protection Authority.

18) Contact Information

For questions, requests, or complaints regarding this Privacy Policy, contact us at:

Heart-Centered Apprentice, LLC
Attn: Privacy
5045 Preserve Place
Firestone, Colorado 80504
Email: [email protected]

Â