1. Privacy Policy
Last updated on: 9.03.2025
We place great importance on ensuring that personal data is handled transparently. This privacy policy provides information on which personal data we collect, for what purpose, and to whom we share it. To maintain high transparency, this privacy policy is regularly reviewed and updated.

2. Responsible Party for Data Processing
The party responsible for data processing on this website and also the contact person is:

info@yoga-and-science.com

3. General Principles
3.1 What Data Do We Collect from You and Where Do We Get It?
Primarily, we process personal data that you provide to us or that we collect through the operation of our website. In some cases, we may also receive personal data about you from third parties. The following categories may be involved:
Personal details (name, address, date of birth, etc.);
Contact details (mobile number, email address, etc.);
Online identifiers (e.g., cookie identifiers, IP addresses);

3.2 Under What Conditions Do We Process Your Data?
We handle your data confidentially and in accordance with the purposes outlined in this privacy policy. We ensure transparent and proportionate processing.
If, in exceptional cases, we are unable to follow these principles, the data processing may still be lawful because there is a justification for it. The following justification grounds are particularly relevant:
Your consent;
The performance of a contract or pre-contractual measures;
Our legitimate interests, provided that your interests do not outweigh ours.

3.3 How Can You Withdraw Your Consent?
If you have given us consent to process your personal data for specific purposes, we will process your data within the scope of that consent unless we have another lawful basis for processing.
You have the right to withdraw your consent at any time by sending an email to the address mentioned in the imprint. The data processing that has already taken place will not be affected by this.

3.4 When Can We Share Your Data with Third Parties?
a. Principle
In some cases, we rely on the services of third parties or affiliated companies and assign them the processing of your data (so-called processors). The categories of recipients include, among others:
Accounting, fiduciary, and auditing companies;
Consulting firms (legal advice, tax, etc.);
IT service providers (web hosting, support, cloud services, website design, etc.);
Payment service providers;
Providers of tracking, conversion, and advertising services.
We ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially.
In some cases, we may be required to disclose your personal data to authorities.

b. Visiting Our Social Media Channels
We may have embedded links to our social media channels on our website. This is typically evident through corresponding symbols. If you click on the symbols, you will be redirected to our social media channels.
In this case, the social media providers will learn that you accessed their platform from our website. The social media providers may use the data collected for their own purposes. We would like to point out that we do not have knowledge of the content of the transmitted data or how it is used by the operators.

c. Transfer Abroad
In some cases, as part of the data processing, your personal data may be transferred to companies abroad. These companies are subject to the same data protection obligations as we are. The transfer may occur worldwide.
If the level of data protection does not meet that of Switzerland, we will conduct a prior risk assessment and ensure, through contractual agreements, that the same level of protection as in Switzerland is guaranteed (e.g., using the new standard contractual clauses of the EU Commission or other legally required measures). If our risk assessment is negative, we will take additional technical measures to protect your data.

3.5 How Long Do We Retain Your Data?
We store personal data only as long as necessary to fulfill the specific purposes for which it was collected.
Data we store when you visit our website will be kept for twelve months. An exception applies to analysis and tracking data, which may be stored for a longer period.
Contract data will be stored for longer periods as we are legally obligated to do so. In particular, we must retain business communications, signed contracts, and booking receipts for up to 10 years. If we no longer require such data for the execution of services, it will be locked, and we will only use it for accounting and tax purposes.

3.6 How Do We Protect Your Data?
We will securely store your data and take all reasonable measures to protect it from loss, unauthorized access, misuse, or alteration.
Our contractual partners and employees who have access to your data are required to comply with data protection regulations. In some cases, it may be necessary to forward your requests to affiliated companies. Even in these cases, your data will be treated confidentially.
We use SSL (Secure Socket Layer) encryption on our website, with the highest level of encryption supported by your browser.

3.7 What Rights Do You Have?
a. Right to Information
You can request information at any time about the personal data we hold about you. Please send your request along with proof of identity.
You also have the right to receive your data in a commonly used format if we process your data automatically, and if:
You have given consent for the processing of this data; or
You have disclosed the data in connection with the conclusion or execution of a contract.
We may limit or refuse to provide information if it conflicts with our legal obligations, our legitimate interests, public interests, or the interests of third parties.
The processing of your request is subject to a legal processing period of 30 days. However, this period may be extended due to high volumes of requests, legal or technical reasons, or because we require more information from you. You will be notified of any extension in a timely manner, at least in text form.

b. Deletion and Correction
You have the right to request the deletion or correction of your data at any time. We may reject the request if legal provisions require us to retain the data for a longer period or if a legal justification opposes your request.
Please note that exercising your rights may conflict with contractual agreements, which may impact the execution of the contract (e.g., early termination or cost consequences).

c. Legal Action
If you are affected by the processing of personal data, you have the right to seek judicial remedy or submit a complaint to the competent supervisory authority. The competent authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch

3.8 Changes to the Privacy Policy
We may change this privacy policy at any time. The changes will be published on the website; you will not be separately notified about them.

4. Data Collection on This Website
4.1. Log Files
The website is self-hosted in Switzerland. To optimize and maintain our website, we log technical errors that may occur when accessing our website. Additionally, information is automatically collected during your use of the website, which your device’s browser transmits to our hosting provider. These include:
IP address and operating system of your device;
Browser type, version, and language;
Date and time of the server request;
Accessed file;
The website you came from (referrer URL);
Status code (e.g., 404);
The transfer protocol used (e.g., HTTP/2).
This data is collected and stored in-house, particularly related to website use, security, and system stability.
Logfiles will be automatically deleted after one month.

4.2. Cookies
If you leave a comment on our website, it may involve storing your name, email address, and website in cookies. This is a convenience feature so that you do not have to re-enter this information when you write another comment. These cookies are stored for one year.
If you have an account and log into this website, we will set a temporary cookie to check if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will set up some cookies to store your login information and display preferences. Login cookies expire after two days, and display preference cookies last for one year. If you select “Remember Me” at login, your login will remain active for two weeks. The login cookies will be deleted upon logging out.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie contains no personal data and only refers to the post ID of the article you are editing. It expires after one day.

4.3. Contact Form
If you use our contact form, the details you provide in the request form will be processed to handle your inquiry and for follow-up questions. We typically require the following details: first name, last name, and email address.
We use the data you provide to respond to your inquiry.
If the GDPR applies, the legal basis for this data processing is Article 6(1)(f) GDPR.

4.4. Newsletter
We send newsletters, emails, and other electronic notifications (hereinafter “Newsletters”) only with the consent of the recipients or a legal permit. If, in the course of a newsletter subscription, the content is specifically described, it will be relevant for the user’s consent. Otherwise, our newsletters contain information about our services and ourselves.
To sign up for our newsletters, it is generally sufficient to provide your email address. However, we may ask for a name, for the purpose of addressing you personally in the newsletter, or other details if they are necessary for the newsletter’s purposes.
Double Opt-In Procedure: Newsletter registration is generally carried out using a so-called double opt-in process. This means that after registration, you will receive an email asking you to confirm your subscription. This confirmation is necessary so that no one can subscribe using someone else’s email address. The newsletter subscriptions are logged to document the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation, as well as the IP address. Additionally, any changes to the data stored by the service provider are also logged.
If the GDPR is applicable, the legal basis for this data processing is Article 6(1)(f) GDPR.
Our external service provider may collect additional data; we refer to their privacy policy (see below, MailPoet).

4.5. Newsletter Analytics
We use the analytics service from MailPoet to measure the reach of our newsletter. We measure how often the newsletter is opened and which links the recipient clicks.
If the GDPR is applicable, the legal basis for this data processing is Article 6(1)(f) GDPR.

4.6. Comment Function
When visitors write comments on the website, we collect the data shown in the comment form, as well as the visitor’s IP address and user agent string (which identifies the browser) to help detect spam.
An anonymized string (also called a hash) may be created from your email address and passed to the Gravatar service to check if you use it. You can find the Gravatar service’s privacy policy here: Gravatar Privacy Policy. Once your comment is approved, your profile picture will be publicly visible in the context of your comment.

4.7. Registration, Login, and User Account
Users can create a user account. As part of the registration process, users are informed of the required mandatory fields, which are processed for the purpose of providing the user account, based on contractual obligations. The processed data includes, in particular, login information (username, password, and email address).
As part of using our registration and login functions, as well as the user account, we store the IP address and the time of the respective user action. This storage is based on our legitimate interests, as well as those of the users, to protect against misuse and unauthorized use. These data are not generally shared with third parties unless required for the enforcement of our claims or by legal obligation.
Users may be informed via email about activities relevant to their account, such as technical changes.
If the GDPR is applicable, the legal basis for this data processing is Article 6(1)(f) GDPR.

4.8. WordPress
Our website is based on the WordPress platform, a content management system developed by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. WordPress allows us to create, manage, and publish content.
When using our website, which is based on WordPress, various data, including your IP address, date and time of access, and information about the browser you use, may be collected and stored. This data is primarily used for administrative purposes and to ensure the smooth operation of the website.
Some WordPress functions, such as comments or contact forms, may collect additional personal data when you use them.

4.9. Google Analytics
We use Google Analytics on our website, a web analysis service from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). Google Analytics uses “cookies,” text files stored on your computer that enable an analysis of how you use the website.
The information generated by the cookie about your use of this website is typically transferred to a Google server in the USA and stored there. If IP anonymization is enabled on this website, however, your IP address will be shortened by Google within the member states of the European Union or other contracting states of the Agreement on the European Economic Area. In exceptional cases, the full IP address will be transferred to a Google server in the USA and shortened there.
On behalf of the website operator, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide additional services related to website and internet usage to the website operator.
The IP address transmitted by your browser in connection with Google Analytics will not be merged with other Google data.
You can prevent the storage of cookies by adjusting your browser settings accordingly; however, we note that you may not be able to use all features of this website fully. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available at the following link: Google Analytics Opt-Out Browser Add-On.

4.10. Google Fonts API
On our website, we use the Google Fonts API, a service from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) to integrate fonts. When these fonts are embedded, your browser establishes a connection to Google’s servers to download the fonts and display them correctly.
Through this connection, data, especially your IP address and information about the browser you use, may be transmitted to Google and stored on Google’s servers. These servers may be located in the USA or other countries.
If you want to prevent data transmission via the Google Fonts API, you can block access to the domain fonts.googleapis.com in your browser settings. Please note that in this case, our website may not display correctly.

4.11. MailPoet for WordPress
We use the “MailPoet for WordPress” plugin on our website to integrate the subscription functions for our newsletter and other email communications via MailPoet, a service from Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.
When you subscribe to our newsletter using the form provided on our website, the data you enter, such as your email address and possibly other information, is transferred to MailPoet and stored there. This allows us to send you regular updates, offers, and other information.
The “MailPoet” plugin also supports the integration of certain WordPress features with MailPoet, such as collecting statistics on subscription activity or customizing subscription forms.
The privacy policy of MailPoet applies.

4.12. Akismet
Our website uses Akismet, a service from Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. Akismet helps protect our website from unwanted spam comments and posts. The service checks all comments and posts left on our website for possible spam content.
When you leave a comment or post on our website, the data you enter, along with technical information such as your IP address, is transmitted to Akismet and analyzed there. Akismet uses this data to determine whether the comment or post is classified as spam.
Automattic Inc. has committed to complying with the privacy standards of the European Union.
For more information on how Akismet handles user data, you can read Automattic’s privacy policy: Automattic Privacy Policy. If you do not want Akismet to analyze your data, you should refrain from leaving comments or posts on our website.

5. Embedded Content from Other Websites
Posts on this website may contain embedded content (e.g., videos, images, posts, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking services, and record your interaction with the embedded content, including your interaction with the embedded content, if you have an account and are logged into that website.
This privacy statement was created using templates from the following sources and translated from German:
Rentschpartner.ch: Chapters 4.1/4.3/4.5
WordPress Template: Chapters 4.2/4.6/5
BrainBox Solutions GmbH: Chapters 1./3./4.8-4.12
Datenschutz-generator.de: Chapters 4.4/4.7