Privacy Policy (EN)

for Wild-Hugs.com

1. Data Controller

WildHugs S. de R.L.
C. 10 Sur MZ 902 LT 4, Zona 11
77760 Tulum, Quintana Roo
Mexico
Email: justwildhugs@gmail.com

This Privacy Policy applies to Wild-Hugs.com, including our shop, ticket sales, event and retreat bookings, digital programs, registrations, and newsletter.

2. Scope and Applicable Law (GDPR)

Although WildHugs S. de R.L. is based in Mexico, our services are also offered to users within the European Union. Where applicable, we process personal data in accordance with the EU General Data Protection Regulation (GDPR) and other relevant privacy laws.

3. Categories of Personal Data We Process

Depending on how you use our website and services, we may process:

  • Website and device data: IP address, date/time of access, visited pages, referrer URL, browser type, device information

  • Contact data: name, email address, phone number (if provided), and your message

  • Order and booking data: products purchased, event/retreat bookings, billing address, email address, transaction references

  • Newsletter data: email address, subscription confirmations (double opt-in), and engagement data (see Section 8)

  • Analytics data: information about how users interact with the website (see Section 9)

4. Purposes of Processing

We process personal data to:

  • operate and secure the website and shop

  • process purchases, bookings, and provide customer support

  • send confirmations and essential service communications

  • deliver digital products and program access

  • send newsletters and marketing communications (if you opted in)

  • analyze and improve our website, content, and user experience

  • prevent abuse, fraud, and ensure technical stability

5. Legal Bases (GDPR Art. 6)

Where applicable, we process personal data based on:

  • Consent (Art. 6(1)(a)): newsletter subscription, newsletter tracking, and non-essential cookies/analytics where required

  • Contract performance (Art. 6(1)(b)): purchases, bookings, account access, customer support

  • Legal obligation (Art. 6(1)(c)): accounting and tax retention duties

  • Legitimate interests (Art. 6(1)(f)): IT security, fraud prevention, service improvement (only where permitted)

6. Cookies and Consent Management

We use cookies and similar technologies.

  • Essential cookies are required for core functions (e.g., checkout, security, basic site functionality).

  • Non-essential cookies (e.g., analytics and marketing cookies) are used only where legally required and only with your consent.

You can manage cookie preferences via our cookie settings (if available) and/or through your browser settings. Disabling cookies may limit website functionality.

7. Server Log Files

When you access our website, certain information is automatically collected and stored in server log files (e.g., IP address, browser type, operating system, referrer, time of access).
We use this data to ensure security, prevent attacks, and maintain site stability. We do not use this data to directly identify you.

8. Newsletter (Double Opt-in and Tracking)

If you subscribe to our newsletter, we use a double opt-in process. This means you will receive a confirmation email and only after confirming will you be subscribed.

You may unsubscribe at any time by using the unsubscribe link in any newsletter email or by contacting us at justwildhugs@gmail.com.

Newsletter Tracking

Our newsletters may include tracking technologies (e.g., pixels or tracked links) to measure:

  • whether a newsletter was opened

  • which links were clicked

  • general engagement metrics (e.g., device type)

We use this information to improve newsletter content, relevance, and deliverability. Where required by law, newsletter tracking is based on your consent and can be withdrawn at any time by unsubscribing.

9. Website Analytics

We use analytics tools to understand how visitors use our website (e.g., which pages are visited, how long users stay, and how users navigate). This helps us improve our content, performance, and user experience.

Depending on configuration, analytics may involve cookies or similar technologies and may process information such as:

  • pages visited, click behavior, time spent

  • approximate location (derived from IP address)

  • device and browser information

  • referral sources

Where required by law, we run analytics only with your consent. You can withdraw consent at any time via cookie settings (if available) or by disabling cookies in your browser.

10. Orders, Bookings, and Payments (Stripe and PayPal)

When you purchase merchandise, tickets, digital products, or book retreats/events, we process your order and booking data for contract fulfillment.

Payments are processed via third-party providers Stripe and PayPal. We do not store complete payment credentials (such as full card numbers). Payment providers process personal data under their own privacy policies.

11. Contact Requests

If you contact us via email or a contact form, we process the data you provide to handle your request and communicate with you. We do not sell your personal data.

12. Embedded Content and Social Media

Our website may include embedded content (e.g., videos) or links to third-party services (e.g., Instagram). When you interact with such content, third parties may process data under their own privacy policies.

13. Data Sharing and Processors

We may share personal data with service providers (processors) only as necessary to operate our business and deliver services, such as:

  • payment processing (Stripe, PayPal)

  • email/newsletter delivery providers

  • website hosting and infrastructure providers

  • analytics providers (as described above)

We do not sell your personal data.

14. International Data Transfers

Some service providers may process data outside the European Union (e.g., in the United States). Where applicable, we implement appropriate safeguards for international transfers.

15. Data Retention

We store personal data only for as long as necessary for the purposes described above or as required by law (e.g., tax and accounting retention obligations). After that, data is deleted or anonymized.

16. Your Rights (GDPR)

Where applicable under GDPR, you have the right to:

  • access your personal data

  • correct inaccurate data

  • request deletion

  • restrict processing

  • object to processing

  • data portability

  • withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us at: justwildhugs@gmail.com

17. Right to Lodge a Complaint

Where applicable, you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or the place of the alleged infringement.

18. No Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.

19. Security

We use appropriate technical and organizational measures to protect personal data. However, no internet-based transmission is 100% secure.

20. Updates to this Policy

We may update this Privacy Policy from time to time. The current version will always be available on Wild-Hugs.com.

Status: GDPR compliant as of June 2025