This document sets out the privacy policy of the ToDo Institute, explaining how we collect and use your personal information in your relationship with us as a customer or potential customer including through your use of www.thirtythousanddays.org (the “Site”) and through your interactions with our content and/or services.  The policy also applies to information  about suppliers and possible future suppliers, and all other contacts we hold information about.  Our site is not intended for children and we do not knowingly collect data relating to children.

Who are We?
The ToDo Institute is a 501(c)3 nonprofit organization that promotes a natural approach to mental wellness based on Japanese Psychology.  Although rooted in Eastern philosophy, these methods are integrated skillfully into contemporary western society, providing balance, beauty and wisdom. We promote these methods through books and publications, online learning courses, on-site programs, webinars, workshops and membership.

Information We Collect
By “information,” we mean personal information about you that we collect, use, share, store or transfer in physical and electronic form. This information can be grouped together in the following categories:

  • Identity Information includes first name, last name, username or similar identifier, title, and date of birth.
  • Contact Information includes billing address, delivery address, email address and telephone numbers.
  • Financial Information includes bank account and payment card details
  • Transaction Information includes details about payments to and from you and other details of products and services you have purchased from us.
  • Profile Information includes your Site username and password (if applicable), your Site registration or acquisition date, purchases or orders made by you, your feedback and survey responses, your membership and membership date, and any information that you choose to share on your Site profile.
  • Usage Information includes information about how you use the Site and our products and services.
  • Marketing and Communications Information includes your preferences in receiving marketing and your communication preferences
  • Social Information means information collected if you choose to link your social media accounts with us.

How We Collect Information About You
You may give us your information by filling in forms on the Site or by corresponding with us by mail, phone, email, on social media or otherwise. This includes information you provide when you:

  • Register for an account with us;
  • Become a member;
  • Place an order;
  • Sign up to our newsletters;
  • Request marketing to be sent to you; or
  • Enter a competition, promotion or survey;

How We Use Your Information
We use your information in the following ways:

  •  Identity & Contact Information   
    • To deliver your purchases to you;
    • To send you service messages by email, such as order updates;
    • To create and manage your ToDo Institute membership account;
    • To provide customer service and support, and handle returns;
    • For security and to check your identity;
    • To provide you with marketing (where we have the right to do so – see marketing section below);
    • To direct you to the right part of the Site;
    • To communicate with you;

  • Financial Information 
    • To take payment, and give refunds;
    • For fraud prevention and detection;
  •  Transaction Information     
    • To improve our Site and set default options for you;
    • To keep our site safe and secure;
    • To find out what you, and other customers, like;
  •  Profile Information 
    • To find out what you, and other customers, like;
    • To make suggestions and recommendations to you about goods or services that may be of interest to you;
  •  Marketing and Communications Information 
    • To send you information by email or post about our products and services;
  •  Contact History     
    • To provide customer service and support;
  •  Social Information   
    • To enable you to log-in to our Site simply and easily without having to create a separate account;
    • To enable you to share products and services if you choose to;
  • Legal basis for processing
    • For the performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts;
    • For the purposes of legitimate interests pursued by us; or
    • In order to comply with a legal obligation to which we are subject.
  • Legitimate interests
    • Where our processing is based on the legitimate interest grounds described above, those legitimate interests are: (i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business; (iii) to provide the products and services you have requested; (iv) to prevent fraud; and (v) for our own marketing, research and product development.

 

Will We Share Your Information With Third Parties?
We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so.  However, we share your information with the following categories of companies as an essential part of being able to provide our products and services to you, as set out in this privacy policy:

  • Companies that help us fulfil your orders such as payment service providers and delivery companies.
  • Professional service providers, such as website hosts who help us run our business.
  • Credit reference agencies, law enforcement and fraud prevention agencies, so that we can help tackle fraud.
  • Law enforcement agencies, international customs organisations and other governmental agencies or third parties if we are required by law to do so.

Will We Transfer Your Information Overseas?
The information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA such as one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.

When we, or our permitted third parties, transfer your information outside the European Economic Area, we or they will impose obligations on the recipients of that data to protect your information to the standard required in the EEA or otherwise require the recipient to subscribe to international frameworks intended to enable secure data sharing. In the case of transfers by us, we will put in place appropriate safeguards to ensure that your information remains adequately protected.

Your Rights
At any time, you have the right:

  • To request access to or a copy of any information which we hold about you;
  • To modify your information, if you consider that it is inaccurate;
  • To ask us to delete your information, if you consider that we do not have the right to hold it;
  • To withdraw consent to our processing of your information (to the extent such processing is based on previously obtained consent);
  • To ask us to stop or start sending you marketing messages as described below in the marketing section;
  • To restrict processing of your information;
  • To data portability (moving some of your information elsewhere) in certain circumstances;
  • To object to your information being processed in certain circumstances; and
  • To not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your information.

Any request for access to or a copy of your information must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with data protection legislation. We will comply with our legal obligations as regards your rights as a data subject.

We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know by contacting us using the details at the bottom of this policy if any of your personal details change.

Data Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Marketing
We may use your information to assess what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

You will receive marketing messages from us if you have requested information from us or purchased goods or services from us and, in each case, you have not opted out of receiving marketing communications.

We may also market to you if we have received your express consent to do so including where we have collected your details in connection with a promotion and you have agreed to receive marketing from us.

You can stop receiving marketing messages from us at any time.

You can do this:

By clicking on the “unsubscribe” link in any email

By contacting us at todo@todoinstitute.com

Once you do this, we will update your profile to ensure that you don’t receive further marketing messages.

Stopping marketing messages will not stop service communications (such as order updates).

Online Advertisements
We may also engage in online advertising in order to keep you aware of what we’re up to and to help you see and find our products or services.

We may use a variety of digital marketing networks and ad exchanges, and advertising technologies like cookies and mobile identifiers, as well as specific services offered by some sites and social networks, such as Facebook’s Custom Audience service.

How Long Will We Keep Your Information?
We will keep your information for as long as you have your account, or as long as is needed to be able to provide the services to you, or for as long as is necessary to provide support-related reporting.

If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.

Where we are permitted to send you direct marketing communications we may retain your contact information necessary for this purpose, (provided that you have consented to receiving them) for as long as you do not unsubscribe from receiving the same from us.

How To Contact Us
Questions, comments and requests regarding this policy are welcomed and should be addressed to todo@todoinstitute.org. You can also send a letter by mail to: ToDo Institute, P.O. Box 50, Monkton, VT 05469.

If you have any concerns about our use of your information, you also have the right to make a complaint to the data protection regulator in your country.

Changes To This Policy
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you on the Site or by e-mail. Please check back frequently to see any updates or changes to our policy. This privacy policy was last updated on May 24, 2018.

CONTACT US

Please send us an email and we'll get back to you, asap.

Sending
Choose what you're looking for easier.
or

Log in with your credentials

Forgot your details?