Privacy Policy

Welcome, and thank you for your interest in The iRest Institute (“IRI”, “us", "we", or "our"). We are committed to respecting your privacy online. We also commit to providing you with the very best experience we can on our website. In order to do so, we may gather certain personal information about you when you visit our site.

Our Privacy Policy explains:
    •    What information we collect and why we collect it.
    •    How we use that information and when we disclose it.
    •    How to access and update your information.
    •    The steps we take to protect the information we collect.

IRI operates https://www.irest.org (the "Site" or “website”) and this Privacy Policy informs you of the information we collect, use and disclose and otherwise process personal information in connection with our services, including our website, all related sites, our trainings, retreats, and all other events, product purchases, media streaming and services (collectively “Services”). By use of our Services you consent to the privacy practices described in this Policy. Please take the time to familiarize yourself with our policies, and if you have any questions, please contact us at privacy@irest.org.

Information We Collect

Information you provide to us:

Account and Profile Information:

When you register on our website, complete forms, request information or sign up for and use our Services through our website we collect information about you that may include your name, address, email address, phone number, any IRI events you may have participated in and other demographic information (“Personal Information”).

Survey Information:

We may also ask you to fill out surveys as part of taking our courses or attending our events or to help us improve our offerings. Through these surveys, we may also collect information about you personally and about how you may have heard of our organization. You may decline to share certain Personal Information with us, in which case we may not be able to provide to you some of the features and functionality of our Services. 

Other Information:


We receive other information from you when you contact us, comments you make in our forums or elsewhere on our website or when we communicate with you during sign-up for events, continuing education units (CEUs), etc. 

Information from Social Networking Sites: 

Our Site include interfaces that allow you to connect with social networking sites (each a “SNS”). If you connect to a SNS through our Site you authorize us to access, use and store the information that you agreed the SNS could provide to us based on your settings on that SNS. We will access, use and store that information in accordance with this Privacy Policy. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable SNS.

INFORMATION WE GET FROM OTHERS: 

We may also get information about you from other sources. For example, we may get your name, email address and other information from our event host partners or through the “tell a friend” referral section of our website or email communications. We may add this to information we get from our Site.

Information we collect from your use of our Services:

Web Logs and Analytics Information:

We automatically record certain information and store it in log files when you interact with our Services. This information may include device and browser information, internet protocol (IP) address, URLs of referring/exit pages, information you search for, and locale. We and our analytics providers, e.g. Google, also collect and store analytics information when you use our Services to help us improve our Services.

Cookies and Other Tracking Technologies:

We may use various technologies to collect information, including cookies that we save to your device. Cookies are small data files stored on your hard drive or in device memory. We use cookies to improve our Services and your experience; and to allow you to access and use our Services without re-entering your username or password. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Services.

More information about cookies can be found at allaboutcookies.org.

How We Use Information We Collect

We may use personal information we collect for a variety of purposes, including to:

  • Provide, operate, maintain, improve, personalize, and promote our Services;
  • Develop new products, services, features, and functionality;
  • Enable you to access and use our Services;
  • Communicate with you, including responding to your comments, questions, and requests; providing customer service and support; providing you with information about our Services, including notices, updates, security alerts, administrative messages, or advertising or marketing messages; and providing other news or information about us;
  • Monitor and analyze trends, usage, and activities in connection with our Services; and Investigate and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities;

We may also use anonymized and aggregated information to conduct research related to mindfulness, resilience, wellbeing, productivity, and similar areas.

Information Sharing and Disclosures

IRI does not share your personal information with companies, organizations, or individuals outside of The iRest Institute. We will only share your personal information with your consent or as described below.

We may share your information in the following ways:

Service Providers, Researchers, and Others:

Service providers such as analytics providers may collect information about your online activities over time and across different online services when you use our Services.

We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

Compliance with Laws and Law Enforcement Requests; Protection of Our Rights:

We may disclose your information (including your personal information) to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request, (b) to enforce our agreements, policies, and terms of service, (c) to protect the security or integrity of iRest Institute’s products and services, (d) to protect the property, rights, and safety of iRest Institute, our users, or the public from harm or illegal activities, (e) to respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person, or (f) to investigate and defend ourselves against any third-party claims or allegations.

Business Transfers:

We may share or transfer your information (including your personal information) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will notify you of such a change in ownership or transfer of assets by posting a notice on our website.

Communications

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You can unsubscribe from newsletter, marketing, or promotional emails using the unsubscribe or opt-out links in our email communications.

The Choices You Have With Your Information

You may decline to share certain Personal Information with us, in which case we may not be able to provide to you some of the features and functionality of our Services. You may update or correct your personal information at any time by accessing your account settings page on the website or by contacting us at privacy@irest.org. You can also email us at privacy@irest.org if you would like to close your account or delete your information.

You may opt out or unsubscribe from receiving promotional communications from the iRest Institute by using the unsubscribe or opt-out links within each email. Even after you opt out from receiving promotional messages from us, you may continue to receive administrative and security messages from us regarding our Services.

Data Security

We are committed to securing your personal information. We employ reasonable measures to protect your personal information from unauthorized access. Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse.

Your California Privacy Rights

Under California Civil Code Section 1798.83, California customers are entitled to request information relating to whether a business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. iRest Institute will not sell or transfer your personal information to third party companies for their direct marketing purposes without your consent.

Children’s Privacy

Our Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at privacy@irest.org

International Transfer

Our Services are hosted in the United States. If you choose to use the Services from other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that we may transfer your information outside of those regions to the United States for storage and processing. European Union users should read the important information provided here about transfer of personal information outside of the European Economic Area.  

Other Sites and Services

The Site may contain links to other websites and services. These links are not an endorsement, authorization or representation that we are affiliated with that third party. We do not exercise control over third party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.

User Generated Content

We may make available on our Site, or link to, features that allow you to share information online (e.g., on publicly-accessible blogs, community forums, your teacher profile). Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from other parties.

Changes to Our Privacy Policy

This privacy policy was last updated May 25, 2018. We may change this Privacy Policy from time to time. If we make any changes, we will notify you by revising the “Last Updated” date at the top of this Privacy Policy and, in some cases, where appropriate we may provide you with additional notice (such as adding a statement to the website homepage or sending you an email notification). Your continued use of our Services after the revised Policy has become effective indicates that you have read, understood, and agreed to the current version of this Policy.

Contact Information

Please contact us with any questions or comments about this Privacy Policy, your personal information, our use and disclosure practices, or your consent choices by email at privacy@irest.org or mail at:

iRest Institute
attn: Privacy Policy
548 Market St PMB 45026
San Francisco, CA, 94104-5401

Additional Information for European Union Users

Personal information: References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller and Data Protection Officer: IRI is the controller of your personal information for purposes of European data protection legislation. See the Contact Information section just above above for contact details.

Legal bases for processing: We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at privacy@irest.org.

Processing Purpose

Legal Basis

To provide the services

Processing is necessary to perform and deliver the services we offer and that you request or to take steps that you request prior to signing up for the services.

To communicate with you

To create anonymous data for analytics

For compliance, fraud prevention and safety

These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

To comply with law

Processing is necessary to comply with our legal obligations

With your consent

Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated on the Site or by contacting us at privacy@irest.org.

 

Use for New Purposes
We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention
We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

We keep basic information about our customers for the duration of the period they are registered on our Site or use our services.

In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

Your Rights
European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

  • Opt-out. Stop sending you direct marketing communications. You may continue to receive service-related and other non-marketing emails. 
  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct. Update or correct inaccuracies in your personal information.
  • Delete. Delete your personal information.
  • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict. Restrict the processing of your personal information.
  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights. 

You can submit these requests by email to privacy@irest.org or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may privacy@irest.org as described above or submit a complaint to the data protection regulator in your jurisdiction. Find your data protection regulators.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.