MINDBODY Privacy Policy

Last Updated: February 3, 2016

This Privacy Policy is effective immediately once anyone begins using the Service (as defined below) and will become effective on March 3, 2016 for pre-existing users.

At MINDBODY, we respect your privacy and are committed to maintaining your trust. This Privacy Policy describes our policies on the collection, use, and disclosure of information in connection with your use of our products and services, including our consumer-facing mobile application (“MINDBODY App”), our online business management software (“Software Service”), and any other MINDBODY products and services offered through any other websites and mobile applications that direct you to this Privacy Policy (collectively, the “Service”). When you access or use the Service, you agree to the terms and conditions of this Privacy Policy.

1. Defined Terms.

The following terms will have the meanings indicated below. Please refer to our Terms of Service for any capitalized terms that are not defined in this policy.

“End User” means any individual who interacts with the Service, including users of our mobile applications such as the MINDBODY App, and individuals who book appointments, purchase services and otherwise interact with our Subscribers through the Service.

“Other Information” is any information that does not reveal your specific identity or does not directly relate to an individual, such as browser and device information, app usage data, information collected through cookies, pixel tags and other technologies, demographic information and other information provided by you, and aggregated information.

“Personal Information” is information that identifies you as an individual or relates to an identifiable person, such as name, postal address, telephone number, email address, credit card number, and social media account ID.

“Subscriber” is any business or entity that subscribes to (or otherwise accesses or uses) our Software Service.

2. Information We Collect.

We may collect information about you whenever you use the Service, for example:

  • When you create an account on the MINDBODY App, we may ask for Personal Information such as your name, email, mailing address, social media account ID, and other information you may provide with your account. You can edit certain information in your account through the My Info tab in the app.
  • If you’re a customer of one of our Subscribers, we collect information about you when you interact with their business through the Service. For example, if you initiate a transaction with the Subscriber through the Service, such as an appointment or purchase, we may collect information about you, such as your name, email, credit card information, as well as any other information you provide in order to process the transaction.
  • If you’re a Subscriber, we collect information about your business that is submitted to the Service under your account. When you sign up for our Software Service, we ask for your company name, address, phone number, email, credit card information, tax identification number, and other information about your business, as well as names and email addresses of authorized individuals on your account. We also collect Personal Information about your customers that they provide to the Service when they initiate a transaction with you, such as an appointment or purchase.
  • We may store information that your computer or mobile device provides to us in connection with your use of the Service, such as type of computer or mobile device, unique device identifier, IP Address, MAC address, device’s operating system and physical location (including geolocation, beacon based location, and GPS location).  You may disable our use of certain location data through your device or browser settings, for example by disabling “Location Services” for the MINDBODY App in iOS privacy settings.  We may also store usage data such as the date and time the application on your device accesses our servers, and what information and files have been downloaded to the application based on your device number.
  • If you initiate a transaction through the Service, such as an appointment or purchase, we may collect and store information, including your name, phone number, address, email, and credit card information as well as any other information you provide to us, in order to process your transaction. This information may be shared with third parties for the same purposes. We encrypt credit card numbers using industry standard technology. We may also collect other Personal Information at the request of the business you are transacting with.
  • We may receive information about you from other sources, such as public databases, strategic and joint marketing partners, social media platforms, people with whom you are friends or otherwise connected on social media platforms, as well as from other third parties. For example, if you elect to connect your social media account to your MINDBODY App account, certain information from your social media account may be shared with us, including information that’s part of your profile or your friends’ profiles.
  • We may collect other Personal Information through the Service under the direction of our Subscribers. 

3. How Personal Information May Be Used.

We may use your Personal Information:

  • To respond to your inquiries and fulfill your requests.
  • To send administrative information to you, for example, information regarding our services and changes to our terms, conditions, and policies. 
  • To complete and fulfill your purchase or class registration, for example, to process your payments, communicate with you regarding your purchase and provide you with related customer service.
  • To send you marketing communications that we believe may be of interest to you, such as to send you newsletters.
  • To personalize your experience on the Service by presenting products and offers tailored to you, including complementary products and services of our partners.
  • To allow you to participate in sweepstakes, contests and similar promotions and to administer these activities.  Some of these activities have additional rules, which could contain additional information about how we use and disclose your Personal Information, so we suggest that you read these rules carefully.
  • To facilitate social sharing functionality.
  • To allow you to send messages to a friend through our services, as described in the section below titled “Referral Contact Information.” 
  • Our mobile applications may also send push notifications to your mobile device. If you have previously consented to receiving push notifications and no longer wish to receive them, you can also turn push notifications off at the device level. The applications may also request access to your device's calendar application, camera, and microphone. If you have previously allowed access to your device's calendar and no longer wish to allow access, you may edit the application settings at the device level.
  • For our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products and services, enhancing, improving or modifying our products and services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities. 
  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

4. How Personal Information May Be Disclosed.

We may disclose your Personal Information:

  • To our affiliates for the purposes described in this Privacy Policy. 
  • To our strategic partners and third-party service providers who provide services such as website hosting, data analysis, payment processing services, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, credit card processing, auditing and other similar services.
  • To our Subscribers if you are an End User and are using our Service to interact with that Subscriber. Please contact the Subscriber you interact with directly for more information on that Subscriber’s privacy practices.
  • To third parties to permit them to send you marketing communications, consistent with your choices. 
  • To third-party sponsors of sweepstakes, contests and similar promotions.
  • By you, on message boards, chat, profile pages and blogs and other services to which you are able to post information and materials, including as described in the sections below titled “Testimonials, Ratings and Reviews” and “Public Forum.”
  • To your friends associated with your social media account, to other Website users and as well as to your social media account provider, in connection with your social sharing activity, such as if you connect your Facebook account to your MINDBODY App account.
  • For legal purposes described in the section below titled “Legal Disclosure.”

Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, then we may use it for all the purposes for which we use and disclose Personal Information. In some instances, we may combine Other Information with Personal Information (such as combining your name with your geographical location). If we combine any Other Information with Personal Information, we will treat the combined information as Personal Information.

5. Your Choices.

If you would like to review, correct, update, suppress, or delete Personal Information that has been previously provided by you, you may contact us by logging into your account and making the appropriate changes or by emailing our customer support at support@mindbodyonline.com.  

In your request, please make clear what Personal Information you would like to have changed or removed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.  We will try to comply with your request as soon as reasonably practicable. 

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion (e.g., when you make a purchase, you may not be able to change or delete the Personal Information provided until after the completion of such purchase).  There may also be residual information that will remain within our databases and other records, which will not be removed.

If you are under 18 and a user of our Service, you may ask us to remove content or information that you have posted to the Service by submitting a request to privacy@mindbodyonline.com.  Please note that your request does not ensure complete or comprehensive removal of the content or information.

If you are a customer of one of our Subscribers and would no longer like to be contacted by one of our Subscribers, or would like to access, correct, amend, or delete inaccurate Personal Information held by a Subscriber, please contact the Subscriber that you interact with directly. 

Your choices regarding our use and disclosure of Personal Information

Information you provide may be used by MINDBODY for marketing purposes, including but not limited to, one-off promotional e-mailing, direct mail, and sales contacts. We give you many choices regarding our use and disclosure of your Personal Information for marketing purposes.  You may opt-out from:

  • Receiving electronic communications from us:  If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out of receiving these marketing-related emails by sending a request for list removal to unsubscribe@mindbodyonline.com. If you provide your information to MINDBODY, at any time you can opt-out, which will allow you to save your information with MINDBODY, but MINDBODY will not use your information for marketing purposes.
  • Our sharing of your Personal Information with unaffiliated third parties for their direct marketing purposes:  If you would prefer that we do not share your Personal Information on a going-forward basis with unaffiliated third parties for their direct marketing purposes, you may opt-out of this sharing by emailing unsubscribe@mindbodyonline.com.

We will try to comply with your request(s) as soon as reasonably practicable. Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Service, and you cannot opt-out from receiving those messages.

6. Tracking and Advertising.

We and our third party service providers may collect Other Information in a variety of ways.  We and/or our third party partners may employ various tracking technologies, such as cookies, web beacons and analytics software, that help us better manage content on our Service by informing us what content is effective. 

Cookies

When you visit our website or otherwise interact with the Service we may send one or more “cookies” to your computer or other devices. Cookies are alphanumeric identifiers stored on your computer through your web browser and are used by most websites to help personalize your web experience. Some cookies may facilitate additional site features for enhanced performance and functionality such as remembering preferences, allowing social interactions, analyzing usage for site optimization, providing custom content, allowing third parties to provide social sharing tools, and serving images or videos from third party websites. Some features on this site will not function if you do not allow cookies. We may link the information we store in cookies to any Personal Information you submit while on our site.

We may use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies enable us to track and target the interest of our users to enhance the experience on our site. If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to automatically decline cookies, or be given the choice of declining or accepting the transfer to your computer of a particular cookie (or cookies) from a particular site.  You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html.  If you reject cookies, you may still use our site, but some features on the site will not function properly.

Functional cookies, persistent and session type, store information to enable core site functionality, such as Live Chat and Client ID remembrance.

Analytics cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our site and our marketing campaigns.

Advertising cookies may be set through our website by our advertising partners. Data may be collected by these companies that enable them to serve up advertisements on other sites that are relevant to your interests. 

Web Beacons

We may use Web Beacons alone or in conjunction with cookies to compile information about our Service. Web Beacons are tiny graphic objects that are embedded in a web page or email and are usually invisible to the user but allow checking that a user has viewed the page or email. Web Beacons may be used within the Service to track email open rates, web page visits or form submissions. In some cases, we tie the information gathered by Web Beacons to our Subscribers’ and End Users’ Personal Information. For example, we use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns.

Flash and HTML5 Storage

We use Local Shared Objects, such as Flash cookies, AND/OR Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon your web browsing activity also use Flash cookies or HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5. To manage Flash cookies, please click here.

Do Not Track Signals

At this time we do not respond to browser ‘do not track’ signals.  

Analytics Software

We and our third party tracking-utility partners use log files on our Service to gather certain information automatically and store it for analytical purposes. This information includes internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.  We use Google Analytics, which uses cookies and other, similar technologies to collect and analyze information about use of the Service and report on activities and trends.  This service may also collect information regarding the use of other websites, apps and online resources.  You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

We use this information to track and aggregate Other Information to analyze trends, administer the site, track users’ movements around the Service and to gather demographic information about our user base as a in the aggregate.

Advertising Networks

We may partner with third party ad network(s) and other service providers to show you relevant ads, including ads displayed on the Service and on other companies’ websites or apps, on any of your devices.  Our service providers may use cookies and web beacons to collect non-personally identifiable information about your activities on the Service and other web sites and mobile apps to provide you targeted advertising based upon your interests. They may also use these technologies, along with activity information they collect, to recognize you across the devices you use, such as a mobile device and a laptop or other computer.

If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out.  If you would like more information about this practice and to opt out of it on the particular device from which you are accessing this policy, go to http://www.networkadvertising.org/managing/opt_out.asp, http://www.aboutads.info/choices and http://preferences-mgr.truste.com/ to opt out in desktop and mobile web browsers.  You may download the AppChoices app at www.aboutads.info/appchoices to opt out in mobile apps.  For individuals in the EU, please also visit http://www.youronlinechoices.eu/.  Please note that opting out does not opt you out of being served advertising. You will continue to receive generic ads.

Social Media Features and Widgets

The Service includes social media features such as the Facebook Like button, and widgets, such as the Share This button or interactive mini-programs that run on our Website. These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly.  Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing it.

7. Public Forum.

Our Website offers publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose Personal Information through MINDBODY public message boards, blogs, or forums, this information may be collected and used by others. To request removal of your Personal Information from our blog or community forum, contact us at support@mindbodyonline.com. In some cases, we may not be able to remove your Personal Information or some content (if, for example, it is reposted by another user), in which case we will let you know if we are unable to do so and why.

8. Facebook Connect.

You can log in to some of our Service using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you the option to share certain Personal Information with us such as your name and email address to pre-populate our sign up form.  Services like Facebook Connect give you the option to post information about your activities on this Website to your profile page to share with others within your network.

In addition, when using some of our mobile applications we may allow you a chance to tell friends about our services by accessing the contacts in your Facebook or other social media account. 

9. Referral Contact Information.

If you choose to use our referral service to tell a friend about the MINDBODY App via SMS or email, we will ask for your friend’s email address or telephone number. We will automatically send your friend a one-time email or SMS message inviting them to visit the mobile application. MINDBODY stores this information for the sole purpose of sending this one-time message and tracking the success of the referral program. Your friend may contact us at unsubscribe@mindbodyonline.com to request that we remove this information from our database.

When using this feature we will access the contact list of your device for the sole purpose of assisting you in finding individuals to whom you wish to send these communications. If you submit any Personal Information relating to other people to us or to our service providers in connection with the Service, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.  Please also note that when using the SMS feature charges from your carrier may apply.

Your provider's standard data and messaging rates apply to all SMS correspondence. All charges are billed by and payable to your mobile service provider. You represent that you are 18 years of age and the owner or authorized user of the wireless device on which messages will be received, and that you are authorized to approve the applicable charges. Data obtained from you in connection with this SMS Service may include your name, address, cell phone number, your provider's name, and the date, time, and content of your messages. The use of this information will be in accordance with this Policy. If fees are charged to your wireless account invoice, we may provide your carrier with your applicable information in connection therewith. Your wireless carrier and other service providers may also collect data about your wireless device usage, and their practices are governed by their own policies. You acknowledge and agree that the SMS Service is provided via wireless systems which use radios (and other means) to transmit communications over complex networks. We will not be liable for any delays in the receipt of any SMS messages, as delivery is subject to effective transmission from your network operator. SMS message services are provided on an AS IS basis. We do not guarantee that your use of the SMS Service will be private or secure, and we are not liable to you for any lack of privacy or security you may experience. You are fully responsible for taking precautions and providing security measures best suited for your situation and intended use of the SMS Service. You may opt out of the SMS Service at any time by replying "STOP", "END", or "QUIT" to the SMS text message you have received. This process impacts only the future delivery of the particular SMS message offering, so you must send that message for each offering.

10. Testimonials, Ratings and Reviews.

If you submit testimonials, ratings or reviews to the Service, any Personal Information you include will be displayed in the Service. If you want your testimonial removed, please contact us at testimonial@mindbodyonline.com.

We also partner with third-party service providers to collect and display ratings and review content on our web site. If the content collected by a third party for display includes Personal Information, it will not be posted unless consent is provided by the individual.

13. Data Retention.

We will retain your Personal Information for as long as needed to provide the applicable Service you use, unless a longer retention period is required or permitted by law.

14. Security of Your Information.

The security of Personal Information is a high priority at MINDBODY. We maintain our Service and all associated data with technical, administrative and physical safeguards to protect against loss, unauthorized access, destruction, misuse, modification and improper disclosure. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have any questions about the security of your interaction with us (if, for example, you feel that the security of any account you might have with us has been compromised), you can contact us at privacy@mindbodyonline.com.

15. Use of Service By Minors.

The Service is not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Service. 

16. Cross-Border Transfer.

The Service is controlled and operated by us from the United States, and is not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States.  Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Service you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have different data protection rules than those of your country.

17. Sensitive Information.

We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, trade union membership or criminal background) on or through the Service or otherwise to us, except where explicitly requested.

18. TRUSTe and Safe Harbor.

We have received TRUSTe's Privacy Seal signifying that this policy and our practices have been reviewed for compliance with TRUSTe's program requirements.  To view our relationship with TRUSTe, please visit the validation page visible by clicking on the TRUSTe seal. The TRUSTe program covers only information that is collected through our Service.  

If you have questions or concerns regarding this policy, please contact us at privacy@mindbodyonline.com. If contacting us does not resolve your complaint, you can contact TRUSTe at https://feedback-form.truste.com/watchdog/request.

MINDBODY complies with the U.S.-E.U. and U.S.-Swiss Safe Harbor Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. We have certified, and TRUSTe has verified, that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view MINDBODY’s certification, please visit http://www.export.gov/safeharbor/.  

19. Changes to This Privacy Policy.

MINDBODY reserves the right to change this Privacy Policy.  Please take a look at the “Last Updated” legend at the top of this page to see when this Privacy Policy was last revised.  Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on the Service.  Your use of the Service following these changes means that you accept the revised Privacy Policy.

20. Contact Us.

If you have any questions regarding this Privacy Policy you can contact us via email at privacy@mindbodyonline.com or via postal mail at:
ATTN: MINDBODY Legal - Privacy Policy Issues
MINDBODY, Inc.
4051 Broad Street Suite 220
San Luis Obispo, Ca 93401