Privacy Policy

Sæl
Operated by Farah Al Chammas

Effective Date: 15 September 2025
Last Updated: 26 November 2025

Our Commitment to Your Privacy

At Sæl, we honor the sacred trust you place in us. This Privacy Policy explains how we collect, use, protect, and share your personal information.

This policy complies with:

General Data Protection Regulation (GDPR) for EU residents
California Consumer Privacy Act (CCPA) for California residents
Other applicable data protection laws

Information We Collect
How We Use Your Information
Legal Basis for Processing (GDPR)
How We Share Your Information
Session & Podcast Recording Consent
Cookies & Tracking Technologies
Data Security
Data Retention
Your Privacy Rights
EU/GDPR Specific Rights
California Privacy Rights (CCPA)
International Data Transfers
Children's Privacy
Changes to This Policy
Contact Us

1. Information We Collect

A. Information You Provide Directly

When you book a session or contact us:

Name and contact information (email, phone)
Payment information (processed securely by Stripe/PayPal)
Appointment details and scheduling preferences
Information shared during sessions (spiritual concerns, questions, personal context)

When you participate in our podcast:

Name, biography, and contact details
Audio/video recordings of your appearance
Any materials or content you voluntarily provide

When you subscribe or engage:

Newsletter subscription details
Social media interactions
Testimonials, reviews, or feedback

B. Information Collected Automatically

When you visit our website:

IP address and location data
Browser type and device information
Pages visited, time spent, and navigation patterns
Referring website or source
Cookies and similar tracking technologies (see Section 6)

C. Information from Third Parties

We may receive information from:

Calendly (scheduling platform): booking details, timezone, preferences
Stripe/PayPal (payment processors): transaction details, billing information
Podcast hosting platforms: download statistics, listener demographics
Social media platforms: public profile information if you interact with our content

2. How We Use Your Information

We use your personal information to:

Provide Services

Schedule and conduct healing sessions
Deliver intuitive guidance and spiritual support
Produce and distribute podcast content
Process payments and send receipts

Communicate with You

Send appointment confirmations and reminders
Respond to inquiries and support requests
Share newsletters, updates, or promotional content (with consent)
Notify you of changes to services or policies

Improve Our Services

Analyze website usage and user experience
Understand client needs and preferences
Develop new offerings or content
Troubleshoot technical issues

Legal & Safety

Comply with legal obligations and law enforcement requests
Protect against fraud, abuse, or security threats
Enforce our Terms & Conditions
Resolve disputes and prevent prohibited activities

Marketing (With Consent)

Share testimonials and success stories
Create case studies or educational content
Promote services through social media and advertising

3. Legal Basis for Processing (GDPR)

For EU residents, we process your personal data based on:

Consent

Newsletter subscriptions
Marketing communications
Podcast participation and recording
Non-essential cookies

Contract Performance

Delivering sessions you've booked
Processing payments
Fulfilling our obligations under Terms & Conditions

Legitimate Interest

Improving our services and website
Analyzing user behavior for business development
Preventing fraud and ensuring security
Sending service-related communications

Legal Obligation

Tax and accounting records
Compliance with law enforcement requests
Data breach notifications

You may withdraw consent at any time, though this won't affect already-processed data or our ability to process data on other legal grounds.

4. How We Share Your Information

We do not sell your personal information to third parties.

We May Share Information With:

Service Providers:

Calendly (scheduling)
Stripe / PayPal (payment processing)
Google Workspace (email and document storage)
Podcast hosting platforms (Buzzsprout, Spotify, Apple Podcasts, etc.)
Website hosting and analytics (Google Analytics, hosting provider)
Email marketing platforms (if applicable)

These providers are contractually required to protect your data and use it only for specified purposes.

Legal Requirements:

Law enforcement, government agencies, or courts when required by law
To protect our rights, property, or safety, or that of others
In connection with legal proceedings or investigations

Business Transfers:

If Sæl is acquired, merged, or sold, your information may be transferred to the new entity
You will be notified of any such change

With Your Consent:

Testimonials or case studies (with your explicit permission)
Podcast content where you've signed a release form
Any other purpose you specifically authorize

5. Session & Podcast Recording Consent

Session Recordings

Notice & Consent:

You will be notified before any session recording begins
You have the right to opt out of recording
Proceeding with a session after notification constitutes consent

Use of Recordings:

Quality assurance and training purposes
Content creation (with additional explicit consent)
Personal reference (session notes for continuity of care)

Your Rights:

Request a copy of your session recording
Request deletion (subject to legal retention requirements)
Withdraw consent for future recordings

Podcast Recordings

Separate Release Required:

Podcast guests must sign a Podcast Guest Release Form
This form grants rights for recording, editing, publishing, and distribution
Anonymity requests must be made in writing prior to recording

Post-Publication:

Once published, complete removal or anonymization cannot be guaranteed
Requests for takedown will be considered on a case-by-case basis

6. Cookies & Tracking Technologies

What Are Cookies?

Cookies are small text files stored on your device that help websites function and collect usage data.

Cookies We Use:

Essential Cookies (No Consent Required):

Session management and authentication
Security and fraud prevention
Website functionality and navigation

Analytics Cookies (Consent Required for EU):

Google Analytics: visitor statistics, page views, user behavior
Helps us understand how visitors use our site and improve user experience

Marketing Cookies (Consent Required):

Social media pixels (Facebook, Instagram)
Advertising and remarketing campaigns
Track conversions and ad performance

Third-Party Cookies:

Calendly: scheduling functionality
Stripe/PayPal: payment processing
Podcast players: embedded audio players

Your Cookie Choices:

EU Residents:

You will be asked to consent to non-essential cookies upon first visit
You can manage preferences via our cookie banner or browser settings

All Users:

Adjust browser settings to block or delete cookies
Note: Blocking essential cookies may impair website functionality
Opt out of Google Analytics: tools.google.com/dlpage/gaoptout

Do Not Track:

Our website does not currently respond to "Do Not Track" browser signals.

7. Data Security

We implement reasonable security measures to protect your personal information:

Technical Safeguards:

SSL/TLS encryption for data transmission
Secure servers with access controls
Regular security audits and updates
Password protection and authentication

Organizational Safeguards:

Limited access to personal data (need-to-know basis)
Employee confidentiality agreements
Data breach response procedures

Third-Party Security:

Payment processing handled by PCI-compliant providers (Stripe, PayPal)
Cloud storage providers with enterprise-grade security

No Guarantee:

While we strive to protect your data, no method is 100% secure
You are responsible for maintaining the confidentiality of your account credentials

Data Breach Notification:

If a breach occurs that affects your personal data:

EU residents: We will notify you within 72 hours as required by GDPR
All users: We will inform you promptly and advise on protective steps

8. Data Retention

We retain your personal information only as long as necessary:

Session & Client Data:

Session notes: 2 years from last session
Recordings (if applicable): 5 years or until deletion requested
Appointment history: 3 years for continuity of care

Payment Information:

Transaction records: 7 years (for tax and accounting requirements)
Payment card details: Not stored by us (handled by payment processors)

Marketing Data:

Email lists: Until you unsubscribe
Analytics data: Anonymized after 26 months (Google Analytics default)

Legal & Dispute Data:

Retained as long as necessary to comply with legal obligations or resolve disputes

Podcast Content:

Published episodes: Indefinitely (unless removal requested and approved)
Unpublished recordings: Deleted within 1 year if not used

After Retention Period:

Data is securely deleted or anonymized
Backups are purged according to our data lifecycle policy

9. Your Privacy Rights

You have the following rights regarding your personal information:

Access:

Request a copy of the personal data we hold about you

Correction:

Request correction of inaccurate or incomplete data

Deletion ("Right to be Forgotten"):

Request deletion of your personal data (subject to legal exceptions)

Restriction:

Request we limit how we use your data

Objection:

Object to processing based on legitimate interest
Opt out of marketing communications

Data Portability:

Receive your data in a structured, machine-readable format

Withdraw Consent:

Withdraw consent for processing based on consent (doesn't affect prior processing)

Lodge a Complaint:

File a complaint with a supervisory authority

10. EU/GDPR Specific Rights

For residents of the European Union and European Economic Area:

International Data Transfers

Your data may be transferred to and processed in the United States
We rely on Standard Contractual Clauses or other appropriate safeguards
By using our Services, you consent to this transfer

Your EU Rights Include:

All rights listed in Section 9 above
Right to lodge a complaint with your local Data Protection Authority
Right to object to automated decision-making (we do not use automated decisions)

EU Data Protection Contacts:

To exercise GDPR rights, contact us at: 📧 saelhealing@gmail.com (Subject: "GDPR Request")

Include:

Your full name and contact information
Description of your request
Proof of identity (to prevent unauthorized disclosure)

We will respond within 30 days as required by GDPR.

11. California Privacy Rights (CCPA)

For California residents:

Your CCPA Rights:

Right to Know:

What personal information we collect
Sources of that information
Purposes for collection
Categories of third parties we share with

Right to Delete:

Request deletion of your personal information (subject to exceptions)

Right to Opt-Out:

We do not sell personal information, so no opt-out is necessary
You may opt out of marketing communications at any time

Right to Non-Discrimination:

We will not discriminate against you for exercising your CCPA rights

California "Shine the Light" Law:

You may request information about disclosures to third parties for marketing (once per year)

How to Exercise CCPA Rights:

📧 Email: saelhealing@gmail.com (Subject: "CCPA Request")
We will respond within 45 days as required by CCPA.

12. International Data Transfers

Our Location:

Sæl operates from the United States

Your Location:

You may be accessing our Services from anywhere in the world

What This Means:

Your data may be transferred to and stored in the United States
U.S. data protection laws may differ from those in your country
We implement appropriate safeguards (Standard Contractual Clauses, encryption, access controls)

Your Consent:

By using our Services, you consent to international data transfer
You acknowledge that data protection standards may vary by country

13. Children's Privacy

Our Services are not intended for individuals under 18
We do not knowingly collect information from minors without parental consent
If you believe a minor has provided us with information without consent, contact us immediately
We will promptly delete such information upon verification

14. Changes to This Policy

We May Update This Policy:

To reflect changes in our practices
To comply with legal requirements
To improve clarity or transparency

How We'll Notify You:

Email notification to registered users
Prominent notice on our website
Updated "Last Updated" date at the top

Your Continued Use:

Continued use after changes constitutes acceptance
Review this policy periodically to stay informed

15. Contact Us

Questions, Concerns, or Requests?

Farah Al Chammas
Sæl

📧 Email: saelhealing@gmail.com
🌐 Website: www.sæl.com

For Privacy-Specific Inquiries:

GDPR requests: Include "GDPR Request" in subject line
CCPA requests: Include "CCPA Request" in subject line
General privacy questions: Include "Privacy Inquiry" in subject line

We aim to respond within:

GDPR requests: 30 days
CCPA requests: 45 days
General inquiries: 5-7 business days

This Privacy Policy is part of our Terms & Conditions and should be read in conjunction with our Refund Policy and Medical Disclaimer.

Last Updated: 26 November 2025