Privacy policy

Last Updated: May 2026

Back to the Body, Inc. ("Back to the Body," "BttB," "we," "us," "our")

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit or use backtothebody.org and any related pages, checkout pages, programs, retreats, workshops, events, sessions, digital content, email lists, services, or online features that link to this Privacy Policy (collectively, the "Website"). The Website is intended only for individuals who are at least 18 years old.

For privacy questions or requests, contact us at:

Back to the Body | Email: admin@backtothebody.org

Mailing Address: 5617 Tom Mix Road #97, Pioneertown, CA 92268

1. Scope

This Privacy Policy applies to personal information we collect through the Website, our Shopify storefront, checkout pages, email forms, purchase and registration forms, retreat or program inquiries, customer-service communications, analytics and advertising tools, and related online services. It does not apply to websites, platforms, payment providers, social media platforms, or services that we do not own or control — for example, Shopify, Partial.ly, Google, Meta, ActiveCampaign, payment processors, and social media platforms each operate under their own privacy policies.

2. Personal Information We Collect

We do not collect or store your payment card information. All payment and payment plan transactions are processed directly by our payment partners — Shopify and Partial.ly — who collect and handle financial data under their own privacy policies and security standards. We receive only confirmation and transaction summary information necessary to fulfill your order, administer payment plans, and maintain business records. If you want to understand how your payment data is handled, please review the privacy policies of Shopify and Partial.ly directly.

Beyond payment processing, we may collect the following categories of personal information, depending on how you interact with us.

A. Information you provide directly

We may collect:

Contact information — name, email address, billing address, and phone number.
Account information — login credentials, account preferences, purchase history, registration history, and saved checkout details.
Purchase and transaction information — offerings purchased, registration details, order details, payment status, refund and cancellation information, and customer-service records.
Payment-plan information — payment-plan enrollment, installment schedule, payment status, failed payments, completed payments, and related information processed through Partial.ly or another payment-plan provider.
Communications — messages you send to us, survey responses, comments, reviews, testimonials, questions, support requests, and other content you choose to provide.
Marketing preferences — email subscription status and communication preferences.
Program, retreat, and service information — if you register for or inquire about retreats, programs, sessions, events, courses, memberships, workshops, payment plans, or other services.
Consent & Intake Form information — if you apply for, register for, or participate in a retreat, session, workshop, or other offering that requires additional consent, intake, eligibility, safety, health, preference, boundary, accessibility, or participation information. These forms may be provided separately and are not included in or linked from this Privacy Policy.
User submissions — reviews, comments, social media tags, testimonials, community contributions, or other content you submit for public or semi-public display.

B. Ecommerce, payment, and payment-plan information

As noted above, Back to the Body does not collect or store your payment card information. Payment processing is handled directly by Shopify and, for payment plans, by Partial.ly. These partners collect payment method details, installment schedules, payment status, failed-payment information, and related transaction records under their own privacy policies and security standards. From these partners, we receive only the confirmation and summary data we need — such as order confirmation, payment status, payment-plan status, billing details, and transaction identifiers — to process your purchase, administer payment plans, provide customer support, prevent fraud, maintain business records, and comply with legal obligations.

C. Information collected automatically

When you visit the Website, we and our service providers may automatically collect: IP address; device, browser, and operating system type; referring and exit pages; pages viewed and links clicked; dates and times of visits; approximate location derived from IP address or device settings; cookie identifiers and similar tracking identifiers; cart, checkout, purchase flow, registration, and email-interaction activity; advertising interaction data; and other usage, diagnostic, and analytics information.

D. Cookies, pixels, and similar technologies

We may use cookies, pixels, tags, SDKs, local storage, and similar technologies for: essential website and checkout functions; security and fraud prevention; preferences and saved settings; analytics and performance measurement; email campaign measurement; advertising, retargeting, and audience measurement; and improving offerings, content, and services.

Our Website may use tools such as Shopify (ecommerce and checkout), Partial.ly (payment plans), Google Analytics (analytics), Meta Pixel (advertising and retargeting), and ActiveCampaign (email marketing and automation). Some cookies and pixels may be considered advertising, retargeting, "sharing," "selling," or targeted-advertising technologies under certain privacy laws, even though we do not sell personal information for money.

E. Sensitive personal information

Because Back to the Body may discuss body-based, intimacy-related, sexuality-related, reproductive, wellness, emotional, relational, trauma-related, or personal-development topics, you may choose to provide information that could be sensitive. In connection with retreats, sessions, workshops, programs, or other offerings, we may ask you to complete separate Consent & Intake Forms requesting information reasonably relevant to the offering — such as health or wellness background, emotional or personal history, boundaries, preferences, accessibility needs, emergency contact information, participation goals, and other information that may be sensitive.

Please do not submit medical information, government ID numbers, financial account numbers, or other sensitive personal information unless we specifically request it and explain why it is needed. If you voluntarily provide sensitive personal information, we will use it only for purposes reasonably related to the applicable offering or as otherwise disclosed at the time of collection. We will not intentionally use your private communications, Consent & Intake Form responses, or sensitive personal information as testimonials or marketing materials without your separate permission.

3. Sources of Personal Information

We may collect personal information from: you directly; your use of the Website; Shopify and ecommerce service providers; Partial.ly and payment-plan providers; payment and fraud-prevention providers; analytics, advertising, and email marketing providers; social media platforms; customer-service tools; retreat, program, workshop, session, or event registration processes; Consent & Intake Forms; business partners, affiliates, or referral sources; publicly available sources; and other sources you authorize.

4. How We Use Personal Information

We may use personal information to:

Operate, maintain, and improve the Website.
Create, manage, and secure accounts.
Process purchases, registrations, payments, refunds, cancellations, and customer-service requests.
Administer payment plans through Partial.ly or another payment-plan provider.
Provide offerings, programs, services, retreats, events, workshops, sessions, digital content, memberships, and related materials.
Review applications, registrations, Consent & Intake Forms, and eligibility information for retreats, programs, sessions, workshops, and other offerings.
Support participant safety, boundaries, accessibility, communication, and appropriate participation.
Respond to questions and communications.
Send transactional, administrative, account-related, and — where permitted by law — marketing messages.
Personalize your experience; measure Website performance; analyze trends, traffic, and engagement.
Conduct advertising, retargeting, and audience measurement.
Prevent fraud, unauthorized transactions, abuse, security incidents, and illegal activity.
Enforce our Terms of Use and other policies; maintain business records; comply with legal, tax, accounting, regulatory, and contractual obligations.
Protect our rights, safety, property, users, participants, customers, and business.
Evaluate or complete a merger, sale, acquisition, financing, restructuring, or other business transaction.

5. Legal Bases for Processing (EU/EEA and UK Users)

If you are located in the EU/EEA or UK, our legal bases for processing personal information may include:

Contract: to provide offerings, services, accounts, checkout, payment plans, customer support, retreats, workshops, sessions, programs, or other features you request.
Consent: for certain marketing, cookies, tracking technologies, sensitive personal information, Consent & Intake Form information, or other processing where consent is required. You may withdraw consent at any time; withdrawal does not affect processing that occurred before withdrawal.
Legitimate interests: to operate and improve the Website, prevent fraud, secure our services, understand usage, communicate with customers and participants, and conduct certain marketing activities, where our interests are not overridden by your rights.
Legal obligations: to comply with tax, accounting, consumer protection, privacy, law enforcement, and regulatory obligations.
Vital interests or public interest: where necessary to protect safety or comply with applicable legal requirements.

6. How We Disclose Personal Information

A. Service providers and processors

We may disclose personal information to vendors and service providers that help us operate our business, including: Shopify and ecommerce platform providers; Partial.ly and payment-plan providers; payment processors and fraud-prevention providers; email marketing and automation providers including ActiveCampaign; analytics providers including Google Analytics; advertising and retargeting partners including Meta; website hosting and security providers; customer-support tools; retreat, program, workshop, session, or event facilitators, contractors, assistants, or support personnel (only as reasonably necessary to provide the applicable offering, support participant safety, administer Consent & Intake Forms, or fulfill our legal and contractual obligations); professional advisors such as attorneys, accountants, consultants, and insurers; and IT, cloud, database, and business-operations providers.

B. Advertising and analytics partners

We may disclose or make available certain online identifiers, device information, browsing activity, checkout activity, registration activity, and similar information to analytics and advertising partners to measure campaigns, understand Website activity, build audiences, and deliver or measure ads. Depending on where you live, this activity may be considered a "sale," "sharing," targeted advertising, or cross-context behavioral advertising under applicable privacy laws. See the Your Privacy Choices section below.

C. Legal, safety, and compliance disclosures

We may disclose personal information when we believe disclosure is necessary to: comply with law, subpoenas, court orders, legal process, or government requests; enforce our Terms of Use or other policies; protect our rights, property, users, participants, customers, business, or others; prevent fraud, abuse, security incidents, or illegal activity; respond to emergencies or safety concerns; or address disputes, claims, chargebacks, payment-plan defaults, or legal matters.

D. Business transfers

We may disclose or transfer personal information in connection with a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or other business transaction.

E. With your direction or consent

We may disclose information when you direct us to do so, consent to the disclosure, or intentionally interact with a third-party feature, social media platform, or integrated service.

7. We Do Not Sell Personal Information for Money

We do not sell personal information for money. However, our use of analytics, advertising, cookies, pixels, and retargeting tools may be considered a "sale," "sharing," targeted advertising, or cross-context behavioral advertising under certain privacy laws. Where required, we provide choices to opt out of those activities. We do not knowingly sell or share personal information of anyone under 16. The Website is intended only for adults age 18 and older.

8. Cookies, Tracking Choices, and Opt-Out Signals

You can manage cookies and tracking technologies by: using our cookie banner or cookie settings tool where available [insert cookie settings language or URL]; adjusting your browser settings to block or delete cookies; using privacy settings offered by Google, Meta, and other advertising platforms; using device-level privacy settings; or using browser-based opt-out preference signals where supported. Some cookies are necessary for the Website and checkout to function. If you block all cookies, some features may not work properly.

For EU/EEA and UK users, we will request consent before placing non-essential cookies where required by law. You may withdraw or change consent through our cookie settings tool where available.

Some browsers and extensions allow you to send privacy preference signals, such as Global Privacy Control. Where required by applicable law, we will treat recognized opt-out preference signals as requests to opt out of sale, sharing, or targeted advertising for the browser or device sending the signal. We may not respond to "Do Not Track" signals unless required by law.

9. Marketing Emails

If you subscribe to our email list, make a purchase, register for an event or retreat, download content, request information, or otherwise provide your email address, we may send you marketing emails where permitted by law. You may unsubscribe at any time using the unsubscribe link in any email or by contacting admin@backtothebody.org. Unsubscribing from marketing emails does not stop transactional or administrative messages such as purchase confirmations, account notices, payment-plan notices, registration notices, policy updates, security messages, and customer-service responses. For Canadian recipients, we will send commercial electronic messages only with consent or as otherwise permitted by Canada's anti-spam laws.

10. Retention of Personal Information

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Website and offerings; process purchases, registrations, refunds, and cancellations; administer payment plans; maintain Consent & Intake Forms and related participation records; maintain business, tax, accounting, and legal records; resolve disputes; enforce agreements; prevent fraud; comply with legal obligations; maintain email opt-out suppression lists; and support legitimate business needs. When personal information is no longer needed, we will delete, de-identify, aggregate, or securely retain it as required or permitted by law.

11. Your Privacy Rights

Depending on where you live, you may have rights regarding your personal information, including the right to: access personal information we hold about you; request correction of inaccurate personal information; request deletion of personal information; request portability or a copy of personal information; opt out of sale, sharing, targeted advertising, or certain profiling; limit certain uses of sensitive personal information; object to or restrict certain processing; withdraw consent; appeal a denied privacy request; and lodge a complaint with a privacy regulator.

The sections below describe additional jurisdiction-specific rights and how to exercise them. To submit a general privacy request, contact us at:

admin@backtothebody.org | Subject line: Privacy Request

We may ask for information reasonably necessary to verify your identity. Please do not send copies of government IDs or sensitive documents unless we specifically request them through a secure process.

U.S. State Privacy Rights

Residents of California and other states with comprehensive privacy laws may have additional rights, which may include the right to: know whether we process your personal information; access, delete, correct, and obtain a portable copy of personal information; opt out of sale, sharing, targeted advertising, or certain profiling; limit certain uses or disclosures of sensitive personal information; and appeal our decision regarding your request.

To opt out of sale, sharing, or targeted advertising, use [insert "Your Privacy Choices" language or URL] or contact us at admin@backtothebody.org.

California Notice at Collection

The following table is provided as notice at collection for California residents under California privacy law.

Category	Examples	Sources	Purposes	Disclosures
Identifiers	Name, email, billing address, phone, IP, online identifiers	You, Website, Shopify, Partial.ly, service providers	Purchases, registrations, accounts, payment plans, support, marketing, security	Shopify, Partial.ly, payment providers, email providers, analytics/advertising partners
Customer records	Contact details, order details, payment status, service records, registration records	You, Shopify, Partial.ly, service providers	Purchases, registrations, payment plans, support, refunds, cancellations, legal records	Ecommerce, payment, payment-plan, support, and business service providers
Commercial info	Purchase history, cart activity, registration activity, payment-plan activity, transaction history	You, Website, Shopify, Partial.ly, service providers	Purchases, registrations, payment plans, analytics, personalization, marketing, support	Shopify, Partial.ly, payment processors, analytics providers, advertising partners
Internet/network activity	Pages viewed, clicks, referral URLs, cookie IDs, device data, checkout/registration activity	Website, cookies, analytics tools, advertising tools	Analytics, security, advertising, retargeting, personalization, Website improvement	Analytics providers, advertising partners, service providers
Geolocation data	Approximate location from IP address or device/browser settings	Website, analytics tools	Localization, fraud prevention, analytics, advertising	Analytics, advertising, security, and service providers
Inferences	Preferences, interests, likely offering interests, audience segments	Website activity, marketing tools, advertising tools	Personalization, analytics, marketing, advertising	Advertising, analytics, and marketing service providers
Sensitive personal info	Health, wellness, emotional, boundary, accessibility, emergency contact, or participation info from Consent & Intake Forms	You, Consent & Intake Forms, registration materials	Providing offerings, evaluating eligibility, supporting safety and boundaries, legal compliance	Service providers, facilitators, contractors, professional advisors as needed and permitted by law
User-generated content	Reviews, comments, testimonials, social media tags, submissions	You	Community features, marketing with permission, moderation	Website users if public, social platforms, service providers

We collect personal information for the business and commercial purposes described in this Privacy Policy, including ecommerce, registrations, payment plans, customer support, analytics, advertising, marketing, personalization, security, fraud prevention, legal compliance, retreat and program administration, Consent & Intake Form administration, and business operations.

We do not sell personal information for money. Our use of advertising and analytics technologies may be considered "sharing" or "sale" under California law because it may involve cross-context behavioral advertising. California residents may opt out through [insert "Do Not Sell or Share My Personal Information" or "Your Privacy Choices" language or URL]. We do not use or disclose sensitive personal information for purposes that require a right to limit under California law unless we provide the required notice and choice. We retain each category of personal information for as long as reasonably necessary for the purposes described in this Privacy Policy.

California residents may use an authorized agent to submit privacy requests where permitted by law. We may require proof of authorization and may ask you to verify your identity directly. California residents may also request information about certain disclosures of personal information to third parties for their direct marketing purposes by contacting admin@backtothebody.org with the subject line California Shine the Light Request.

EU/EEA and UK Privacy Rights

If you are located in the EU/EEA or UK, in addition to the general rights described above, you may object to processing including direct marketing, and you may lodge a complaint with your local data protection authority. You can submit a request by contacting admin@backtothebody.org. Because we are based in the United States, your personal information may be transferred to and processed in the United States and other countries that may not provide the same level of data protection as your home jurisdiction. Where required, we use appropriate safeguards for international transfers, such as contractual protections or other lawful transfer mechanisms.

Canadian Privacy Rights

If you are located in Canada, you may have rights to access, correct, or challenge our handling of your personal information under applicable Canadian privacy laws. We will collect, use, and disclose personal information with consent or as otherwise permitted by law. You may withdraw consent subject to legal or contractual restrictions and reasonable notice. Contact us at admin@backtothebody.org.

12. Children's Privacy

The Website is intended only for adults age 18 and older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from a person under 18, we will take reasonable steps to delete it. Parents or guardians who believe a minor has provided personal information to us may contact admin@backtothebody.org.

13. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information. However, no website, database, system, or transmission method is completely secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for notifying us promptly if you believe your account or information has been compromised.

14. Third-Party Websites and Platforms

The Website may link to third-party websites, platforms, checkout pages, social media pages, embedded content, videos, advertisements, or other third-party services. We are not responsible for the privacy practices, content, or policies of third parties. Your interactions with third parties are governed by their own terms and privacy policies.

15. Public Content and Testimonials

If you post a public review, comment, testimonial, social media tag, or other public submission, that content may be visible to others. We will not intentionally use your private communications, Consent & Intake Form responses, sensitive personal stories, or non-public service information as marketing testimonials without your separate permission.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on the Website with a new effective date or last updated date. If we make material changes, we may provide additional notice where required by law.

17. Contact Us

For privacy questions, requests, or concerns, contact:

Back to the Body

Email: admin@backtothebody.org