Privacy Policy

Last updated: August 2025

This privacy policy explains how Healfulness (“we,” “us,” or “our”) collects, uses, and protects your personal information in compliance with South Africa’s Protection of Personal Information Act, 2013 (POPIA) and, where applicable, the EU General Data Protection Regulation (GDPR). By using our services or visiting our website, you agree to the terms of this policy.

1. Information we collect

a. We collect the following information when you interact with us:

  • Name, email address, phone number, and location

  • Payment details (processed via PayPal, Payfast – we do not store your full card information)

  • Mailing or delivery address (for sending physical and virtual materials, including complimentary via postal mail or Audible)

  • Information shared during sessions, intake forms, and initial clarity/alignment calls (program sessions are never recorded)

  • Reviews and testimonials (published anonymously unless you give written consent to use your name)

b. Information we collect automatically

  • Website usage data such as IP addresses, browser type, and pages visited (via cookies, analytics tools, and pixels, including Google Analytics and Facebook Pixel)

  • Quiz results and responses, which may be used to personalise recommendations and marketing

2. How we use your information

  • Schedule and deliver sessions and programs

  • Send program materials, follow-up emails, and any complimentary gifts connected to your participation (e.g., a copy of the Grief Recovery Handbook via Audible or postal mail)

  • Process payments securely

  • Send newsletters and marketing materials (you may unsubscribe anytime)

  • Improve our website, services, and client experience

  • Personalise marketing and service recommendations

  • Use anonymised testimonials and feedback for marketing, unless you request removal

3. Legal basis for processing

Under GDPR (if applicable), our lawful bases for processing personal data include:

  • Your consent (for marketing communications and cookies)

  • Contractual necessity (to provide the services you have requested)

  • Compliance with legal obligations

  • Legitimate interests (improving our services, marketing to existing clients)

4. How we store and protect your information

Your personal information is stored using secure systems and cloud-based tools, which may be hosted outside South Africa. These may include Google Drive, Notion, Systeme.io, Airtable, Calendly, and ScoreApp. All service providers are required to implement appropriate data protection measures.

We never sell or rent your personal information.

5. Data retention

We retain your personal information only as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, or resolve disputes. If you request deletion, we will remove your information unless retention is required by law.

6. Sharing your information

We do not share your personal information with third parties except:

  • Where it is necessary to deliver services (e.g., mailing providers for delivery of program materials)

  • Where required by law

  • With your explicit consent

7. Marketing and communication preferences

You may unsubscribe from marketing emails at any time by clicking “unsubscribe” in any email or by contacting us directly. Even if you opt out of marketing, we may still send service-related communications (e.g., session reminders, important program updates).

8. Use of testimonials

We may use anonymised feedback and testimonials in marketing materials. Your name will only be included if you provide written consent. You may request removal of any testimonial at any time.

9. Cookies and tracking technologies

Our website uses cookies and similar tracking tools to analyse traffic and improve user experience. In the future, this may include analytics and advertising pixels. You can manage or disable cookies in your browser settings.

10. International data transfers

As our service providers may store data in multiple countries, your information may be transferred across borders. We take reasonable steps to ensure your data is adequately protected in accordance with POPIA and GDPR.

11. Data breach procedure

If we become aware of a data breach involving your personal information, we will:

  • Notify the Information Regulator (South Africa) and, if applicable, the relevant EU authority

  • Inform you without undue delay if there is a risk to your rights or freedoms

  • Take immediate steps to investigate and mitigate the breach

12. Your rights

Under POPIA and (if applicable) GDPR, you have the right to:

  • Access and receive a copy of your personal information

  • Request correction of inaccurate data

  • Request deletion of your personal information

  • Object to certain processing

  • Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at hello@healfulness.co

13. Changes to this policy

We may update this privacy policy from time to time. The latest version will always be available on our website.

14. Contact us

If you have questions about this policy or how your data is handled, please contact:

Name: Healfulness (Pty) Ltd

Address: PostNet Suite #54 Private Bag X7 Parkview South Africa 2122

Email: hello@healfulness.co

Healfulness © 2025