Privacy Policy


We protect your privacy

Date last modified: April 18, 2014

MINDBODY Inc. (MINDBODY) is a certified licensee of the TRUSTe Privacy Seal and abides by the EU and Swiss Safe Harbor Frameworks.
MINDBODY respects your privacy and we appreciate your interest in our organization. This Privacy Policy covers our collection, use and disclosure of information we collect through our websites, www.mindbodyonline.com and www.mindbodyexchange.com, our software as a service MINDBODY and MINDBODY Exchange and our mobile applications MINDBODY Express Business, MINDBODY Receipt Keeper; MINDBODY Connect, (collectively referred to in this Policy as our “Digital Properties”).
The use of information collected through our service shall be limited to the purpose of providing the service(s) for which you have engaged MINDBODY. We will share your personal information with third parties only in the ways that are described in this privacy statement.
MINDBODY has been awarded TRUSTe's Privacy Seal signifying that this privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe's program requirements and the TRUSTed Cloud Program Requirements including transparency, accountability and choice regarding the collection and use of your personal information. The TRUSTe program covers only information that is collected through these Digital Properties.

TRUSTe's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy Trustmark and innovative trust solutions. If you have questions or complaints regarding our privacy policy or practices, please contact us at privacy@mindbodyonline.com. If you are not satisfied with our response you can contact TRUSTe here. TRUSTe will then serve as a liaison with MINDBODY to resolve your concerns.
MINDBODY complies with the U.S. – E.U. Safe Harbor framework and the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. MINDBODY has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view MINDBODY certification, please visit http://www.export.gov/safeharbor.

Terms of Use

Please note that your use of our Digital Properties is also subject to our MINDBODY SSA, or other applicable End User License Agreements associated with such Digital Properties. In addition, when interacting with the MINDBODY Exchange service, this Privacy Policy is incorporated into, and part of, our General Terms of Use, and our Patient User Agreement and/or the Practitioner/Organization User Agreement, as applicable, (together with the General Terms of Use, the “Terms of Use”) which govern your access and use of the Site and/or Services in general. All capitalized terms not otherwise defined herein shall have the meaning assigned to such terms in the Terms of Use.

Information Related to Data Collected from You

Information we collect and how it is used

On certain pages, we give users the option of providing us with contact information or account registration information, including name, phone, and e-mail address, as a requirement If you choose to purchase a service from us or access some of our training materials we will collect information from you such as credit card number and billing name and address. Providing this information is voluntary which we use internally and with MINDBODY partners. All information collected while within the MINDBODY Digital Properties shall hereby be referred to as (“Collected Information”). When using our mobile applications we may collect information from your device such as unique device ID, device’s operating system, MAC address, and device type (“Device Information”). We will not provide your Device Information to any third party. MINDBODY follows the seven principles created by the US Department of Commerce's Safe Harbor Program.
When using the MINDBODY Exchange service, we will collect additional information relating to your role as a patient, practitioner or organization such as: age and personal health information when you register for an account or book an appointment. Your professional license number, type of state of issuance and expiration date if you register as a practitioner. If you register as an organization we will collect the first and last name and email address of your representative.
MINDBODY Exchange will also provide all users the opportunity to upload and store personal health records, health insurance information, medical history and records, and treatment notes about yourself or on behalf of others that are registered members of MINDBODY Exchange.

When using our mobile applications we may collect your Geo Location data in order to help find services located near you. If you have previously consented to the collection of your Geo Location data and no longer wish to have it used, you can turn it off at the device level.
If you have opted into membership of our information newsletter, you may cancel participation in the email newsletters by following the instructions on each newsletter or by contacting us at info@mindbodyonline.com. Information you provide may be used by MINDBODY for marketing purposes, including but not limited to, one-off promotional e-mailing, direct mail, and sales contacts. We will honor all requests for list removal sent to info@mindbodyonline.com. If you provide your information to MINDBODY, at any time you can opt-out, which will allow you to save your personal information with MINDBODY, but MINDBODY will not use your information for marketing purposes.

Service Providers

We use other third parties such as credit card processing companies to bill you for services, a support provider to help us collect feedback and manage our support and an email service provider to send out emails on our behalf. We use live chat software to assist you if you have questions while using our site or regarding our service. When you sign up for our services, we will share your Collected Information only as necessary for the third party to provide that service.

Access to Personal Information

If your Collected Information changes, or if you no longer desire our service, you may correct, update, and delete/deactivate it by logging into your account and making the appropriate changes or by emailing our customer support at support@mindbodyonline.com. We will respond to your request within 30 days.

Tracking Technologies

MINDBODY employs, or our third party advertising partners employ, various tracking technologies, such as cookies, web beacons and analytics software, that help us better manage content on our Digital Properties by informing us what content is effective.

Cookies

When you visit our Digital Properties we send one or more “cookies” to your computer or other devices. Cookies are alphanumeric identifiers stored on your computer through your web browser and are used by most websites to help personalize your web experience. Some cookies may facilitate additional site features for enhanced performance and functionality such as remembering preferences, allowing social interactions, analyzing usage for site optimization, providing custom content, allowing third parties to provide social sharing tools, and serving images or videos from third party websites. Some features on this site will not function if you do not allow cookies. We may link the information we store in cookies to any Collected Information you submit while on our site.
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies enable us to track and target the interest of our users to enhance the experience on our site. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.
Functional cookies, persistent and session type, store information to enable core site functionality, such as Live Chat and Client ID remembrance.
Analytics cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our site and our marketing campaigns.
Advertising cookies may be set through our website by our advertising partners. Data may be collected by these companies that enable them to serve up advertisements on other sites that are relevant to your interests.
If you reject cookies, you may still use our site, but some features on the site will not function properly.

Web Beacons

MINDBODY uses Web Beacons alone or in conjunction with cookies to compile information about our Digital Properties. Web Beacons are tiny graphic object that are embedded in a web page or email and is usually invisible to the user but allows checking that a user has viewed the page or email. Web Beacons may be used within the Digital Properties to track email open rates, web page visits or form submissions. In some cases, we tie the information gathered by Web Beacons to our customers’ Collected Information. For example, we use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns.

Third Party Tracking Technologies

The use of cookies and web beacons by any tracking utility company or third party service provider is not covered by our privacy statement. We do not have access or control over these cookies.

Analytics Software

We and our third party tracking-utility partners use log files on our Digital Properties to gather certain information automatically and store it for analytical purposes. This information includes internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
We use this information to track and aggregate no-personal information to analyze trends, administer the site, track users’ movements around our Digital Properties and to gather demographic information about our user base as a in the aggregate.

Advertising Networks

We partner with third party ad network(s) to either display advertising on our Digital Properties or to manage our advertising on other sites. Our ad network partners use cookies and web beacons to collect non-personally identifiable information about your activities on this and other web sites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.

Social Media Features and Widgets

Our Digital Properties include social media features, such as the Facebook Like button and widgets, such as the Share this button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Digital Properties. Your interactions with these Features are governed by the privacy policy of the company providing it.

Facebook Connect

You can log in to our some of our services using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Services like Facebook Connect give you the option to post information about your activities on this Web site to your profile page to share with others within your network.
In addition, when using some of our mobile applications we may allow you a chance to tell friends about our services by accessing the contacts in your Facebook or other social media account.

Tell-A-Friend

We may provide you for the opportunity to use our referral service to tell a friend about one of our mobile applications via SMS or email, or to invite colleagues to collaborate. We will ask you for your colleagues’/friend’s email address or telephone number. We will automatically send your friend a one-time email or SMS message inviting them to visit the mobile application. MINDBODY stores this information for the sole purpose of sending this one-time email or SMS and tracking the success of our referral program. Your friend may contact us at support@mindbodyonline.com to request that we remove this information from our database.
When using this feature we will access the contact list of your device for the sole purpose of assisting you in finding individuals to whom you wish to send these communications. Please also note that when using the SMS feature charges from your carrier may apply.

Testimonials, Ratings and Reviews

We post customer testimonials on our Digital Properties which may contain Collected Information. We obtain the customer's consent via email prior to posting the testimonial and attaching the users name along with their testimonial. If you want your testimonial removed, please contact us at testimonial@mindbodyonline.com.
We also partner with a third party service provider to collect and display ratings and review content on our web site. If the content collected by the third party for display includes personally identifiable information, it will be rejected and will not be posted unless explicit consent is provided by the customer.

Links to Other Web Sites

Our Site includes links to other web sites whose privacy practices may differ from those of MINDBODY. If you submit personal information to any of those sites, your information is governed by the privacy policy/ statements governing that particular site. We encourage you to carefully read the privacy statement of any Web site you visit.

Public Forum

Our Web site offers publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose Collected Information through MINDBODY public message boards, blogs, or forums, this information may be collected and used by others. To request removal of your personal information from our blog or community forum, contact us at support@mindbodyonline.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

Information Related to Data Collected for our Subscribers

The following terms shall have the definitions contained below.
Subscriber shall mean the business or entity that purchased a subscription the MINDBODY Software as a Service via entering into the MINDBODY Software Service Agreement (“SSA”).

Customer shall mean the businesses or individuals scheduling and purchasing products and services from SUBSCRIBER.

Service Provider Collection and Use

MINDBODY collects information under the direction of its Subscribers, and has no direct relationship with the individuals whose personal data it processes.

Choice

MINDBODY collects information for our Subscribers. If you are a Customer of one of our Subscribers and would no longer like to be contacted by one of our Subscribers that use our service, please contact the Subscriber that you interact with directly.

Service Provider, Sub-Processors/Ownward Transfer

MINDBODY may transfer Collected Information to third parties that help us provide our service. Transfers to these third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our Subscribers.

Access to Data Controlled by our Subscribers

MINDBODY has no direct relationship with the Customers whose personal data it processes. A Customer who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Subscriber. If the Subscriber requests MINDBODY to remove the data, we will respond to their request within 30 business days.

Additional Information

Legal Disclosure

We reserve the right to disclose the Collected Information upon the following circumstances:

  • As required by law, such as to comply with a subpoena, or similar legal process.
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • To any other third party with your prior consent to do so.
  • If MINDBODY is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your Collected Information, as well as any choices you may have regarding your personal information.

Data Retention

We will retain your Collected Information and the Collected Information we process on behalf of our Subscribers for as long as your account is active or as needed to provide you and our Subscribers services. We will retain and use this information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security of your Information

The security of personal information is a high priority at MINDBODY. We maintain our Digital Properties and all associated data with technical, administrative and physical safeguards to protect against loss, unauthorized access, destruction, misuse, modification and improper disclosure. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL). No computer system or information can ever be fully protected against every possible hazard. MINDBODY is committed to providing reasonable and appropriate security controls to protect our web sites and their information against foreseeable hazards. If you have any questions about security on our web site, you can contact us at privacy@mindbodyonline.com.

Changes to this Privacy Policy

MINDBODY reserves the right to change this Privacy Statement. MINDBODY will provide notification of the material changes to this Privacy Policy through notifications on the main page of this site or via email at least thirty (30) business days prior to the change taking effect.

As referenced in our Debit Card program’s Terms and Conditions, if you are a MINDBODY Exchange user, you hereby request that we refrain from sending you annual privacy notices other than as outlined above.

You understand that the current privacy notice is available to you at any time by accessing it on the web site, www.mindbodyexchange.com or by calling your Plan Administrator at the number on the back of your Card.

Contact Us

If you have any questions regarding this Privacy Statement you can contact us via email at privacy@mindbodyonline.com or via postal mail at:


Vice President of IT Security
4051 Broad Street Suite 220
San Luis Obispo, Ca 93401
(805) 706-0476