top of page

PRIVACY POLICY

Last updated: April 20, 2026

Contact us: nikib@barefootsoulsociety.com

Mailing address: Barefoot Soul Society, P.O. Box 1143 Oakhurst, NJ 07755.

 

At Barefoot Soul Society, your privacy matters.

This page explains how we collect, use, and protect your personal information when you interact with our website, emails, or offerings — including digital downloads, email signups, and product purchases.

 

WHAT WE COLLECT

When you engage with Barefoot Soul Society, we may collect:

  • Your name and email address (when you subscribe, download, or purchase)

  • Your mailing address and payment information (for physical product purchases or billing)

  • Your preferences or interests (when you click on certain links or complete a form)

  • Your IP address and browser data (to help us improve site performance and understand what content is resonating)

 

HOW WE USE YOUR INFORMATION

We use the information you provide to:

  • Send you relevant emails, resources, and updates you’ve requested

  • Deliver your purchases, both physical and digital

  • Improve your experience across our website and offerings

  • Offer content or products based on your preferences (when you’ve chosen to share them)

 

We will never sell, rent, or share your personal data with third parties for marketing purposes.

HOW WE PROTECT YOUR INFORMATION

 

Your information is stored securely and only accessible to those who need it 

to fulfill your request (like order fulfillment or email delivery).

 

Third-Party Service Providers:

 

We use trusted third-party services to operate our business. These partners 

process your data on our behalf under strict data protection agreements:

 

- Flodesk (Email Management): Stores and sends your emails, manages your 

  preferences, and tracks email engagement (opens, clicks). 

  Privacy Policy: www.flodesk.com/privacy

 

- Stripe (Payment Processing): Processes all payment transactions securely. 

  Your credit card information is never stored on our servers. 

  Privacy Policy: stripe.com/privacy

 

- Google Analytics (Website Analytics): Tracks how visitors interact with our 

  website to help us improve user experience. 

  Privacy Policy: policies.google.com/privacy

 

Each of these services has signed a Data Processing Agreement (DPA) with us, 

meaning they've committed to protecting your data and only using it for the 

purposes we specify. We encourage you to review their individual privacy policies.

 

We never share your data with these providers for their own marketing purposes. 

They only access the data necessary to provide their specific service.

 

DATA RETENTION

We retain your personal information only as long as necessary to provide our services and fulfill the purposes outlined in this policy. 

 

Email Subscribers 

 

We retain your email address and preferences as long as your subscription is active. Once you unsubscribe, we delete your email address within 30 days. You may remain in our CRM for up to 12 months with a "suppressed" status to prevent accidental re-signup, after which all records are permanently deleted. 

 

Purchase Customers 

 

We retain your name, email, mailing address, and order history for 7 years to comply with tax and legal requirements. Payment information (credit card details) is never stored by us—Stripe handles and retains this according to their own policies, typically for dispute resolution. 

 

Website Analytics 

 

Google Analytics data is retained for 26 months by default, after which it's automatically deleted. 

 

IP Addresses & Browser Data 

 

We retain visitor IP addresses as stored by our hosting provider Wix. For specific retention details, please refer to Wix's Privacy Policy at www.wix.com/about/privacy

 

Deletion Requests

 

If you request deletion of your data, we will remove it within 30 days, except where we're legally required to retain it for tax, legal, or fraud prevention purposes. We'll inform you of any exceptions when we respond.

 

EMAIL CONSENT AND MARKETING COMMUNICATIONS

 

When You Sign Up: By subscribing to our emails or opting into a free resource, 

you're consenting to receive occasional updates, offerings, and soulful 

reflections from Barefoot Soul Society.

 

Email Frequency: We typically send 1-2 emails per week, but this may vary 

during promotions, product launches, or seasonal events. You'll always know 

what to expect.

 

Personalized Content: If you've shared your interests (e.g., by clicking on 

certain content or completing a form), we may personalize emails to match those 

interests. This is always based on your consent—you can update your preferences 

anytime by clicking [Manage Preferences] in any email.

 

Unsubscribing: You can unsubscribe from any email by clicking the unsubscribe 

link at the bottom, or by updating your preferences in your account. We'll 

honor your request within 24 hours. 

 

Note: If you unsubscribe from marketing emails, you may still receive 

transactional emails (e.g., order confirmations, password resets) as long as 

you have an active account with us.

 

Legal Compliance: We comply with the CAN-SPAM Act (US) and GDPR (EU) requirements 

for marketing emails.

 

COOKIES & ANALYTICS

 

What Are Cookies?

 

Cookies are small text files stored on your device when you visit our website. 

They help us remember your preferences and track how you interact with our site.

 

Types of Cookies We Use:

 

- Essential Cookies: These are necessary for our website to function (e.g., 

  security, navigation). These are always active and don't require consent.

 

- Analytics Cookies: We use Google Analytics to understand how visitors use 

  our site—which pages are popular, where visitors come from, how long they stay. 

  This helps us improve user experience. You can opt out of Google Analytics 

  tracking here: https://tools.google.com/dlpage/gaoptout

 

- Marketing & Preference Cookies: We may use cookies to remember your 

  preferences or track how you engage with our content and emails (e.g., which 

  links you click). These are non-essential.

 

Your Cookie Choices:

 

By visiting our website, you consent to essential cookies. For non-essential 

cookies, you can:

 

- Manage cookie preferences by clicking [Cookie Preferences] on any page

- Disable all cookies in your browser settings (note: this may affect site 

  functionality)

- Opt out of Google Analytics: https://tools.google.com/dlpage/gaoptout

- Use browser extensions like Ghostery or uBlock to block tracking

- Enable Do Not Track (DNT) in your browser settings—we respect this signal 

  and will not track you if DNT is enabled

 

SECURITY MEASURES

 

We take data security seriously and use industry-standard protections:

 

- Encryption in Transit: All data transmitted between your browser and our 

  servers is encrypted using SSL/TLS (Secure Sockets Layer/Transport Layer 

  Security). You'll see a padlock icon in your browser's address bar.

 

- Encryption at Rest: Sensitive data stored on our servers is encrypted using 

  AES-256 encryption.

 

- Access Controls: Only authorized team members with a legitimate business need 

  can access your personal data. All access is logged and monitored.

 

- Regular Backups: We maintain secure backups of our systems to prevent data 

  loss due to hardware failure or natural disasters.

 

- Third-Party Security: Our service providers (Flodesk, Stripe, Google) 

  maintain SOC 2 Type II, ISO 27001, or similar security certifications.

 

- No Guarantee: While we implement reasonable safeguards, no security system is 

  100% impenetrable. We cannot guarantee absolute security of your data.

 

Data Breach Notification:

 

If we discover a security breach that compromises your personal information, 

we will notify affected users via email within 30 days (or as required by law) 

and describe: (1) what happened, (2) what data was involved, and (3) what steps 

we're taking to prevent future breaches and protect your information.

 

CHILDREN'S PRIVACY

 

Our website and products are not intended for children under the age of 13. 

We do not knowingly collect personal information from children under 13. If we 

learn that we've collected information from a child under 13 without parental 

consent, we will immediately delete it and notify the parent/guardian.

 

If you believe a child under 13 has provided us with information, please 

contact us immediately at nikib@barefootsoulsociety.com.

 

INTERNATIONAL DATA TRANSFERS

 

Our servers and service providers are located in the United States. If you're 

accessing our site from outside the US, your data will be transferred to, stored 

in, and processed in the United States. By using our site, you consent to this 

transfer. 

 

The US does not have the same data protection laws as the European Union, but 

we use contractual safeguards (Standard Contractual Clauses) with our service 

providers to protect your data and ensure it's treated with the same level of 

care as it would be in your home country.

 

 

LEGAL BASIS FOR PROCESSING (GDPR Compliance)

 

We process your personal data based on the following legal grounds:

 

- Consent: When you sign up for our email list or download a free resource, 

  you're consenting to receive communications from us. You can withdraw this 

  consent anytime by unsubscribing.

 

- Contractual Necessity: When you purchase a product, we need your information 

  to fulfill your order and provide customer service.

 

- Legitimate Business Interests: We use analytics and engagement data to improve 

  our website and offerings, understand what content resonates, and prevent fraud.

 

- Legal Obligation: We retain purchase records to comply with tax and financial 

  regulations.

 

DATA SUBJECT RIGHTS (EU/UK Residents)

 

If you're located in the European Union or United Kingdom, you have the right to:

 

- Access your data – Request a copy of what we have on file

- Correct your data – Update inaccurate information

- Delete your data – Request we erase your information (subject to legal 

  retention requirements)

- Restrict processing – Ask us to limit how we use your data

- Data portability – Request your data in a machine-readable format to 

  transfer elsewhere

- Object to processing – Opt-out of certain types of data use

- Withdraw consent – Unsubscribe from communications anytime

 

To exercise any of these rights, contact us at nikib@barefootsoulsociety.com

We'll verify your identity and respond within 30 days (or 45 days if the 

request is complex).

 

COOKIE CONSENT (GDPR)

 

Our website uses cookies and analytics tools. In the EU/UK, we require your 

explicit consent before setting non-essential cookies. By continuing to browse 

our site after seeing this privacy policy, you consent to essential cookies only. 

 

You can manage your cookie preferences by clicking [Cookie Settings] at the 

bottom of the page, or disable cookies entirely in your browser settings.

 

CALIFORNIA CONSUMER PRIVACY ACT (CCPA) NOTICE

 

If you're a California resident, you have additional rights:

 

California Consumers Can:

 

- Know what personal information we collect, use, and share

- Delete personal information collected from you (with some exceptions)

- Opt-out of the "sale" or "sharing" of personal information

- Non-discrimination: We won't discriminate against you for exercising your 

  rights (e.g., we won't charge you more or provide worse service)

 

Categories of Personal Information We Collect:

 

- Identifiers: name, email, IP address, cookie IDs

- Commercial Information: purchase history, payment information

- Internet Activity: browsing history, clicks on links, pages visited

- Preferences: content interests, email preferences

- Location Data: city/state inferred from IP address

 

How We Use Your Information:

 

We use the data above to: deliver services, communicate with you, improve our 

website, personalize your experience, prevent fraud, comply with legal obligations.

 

Sale & Sharing of Personal Information:

 

We do NOT sell your personal information. We also do NOT "share" your information 

(in the CCPA sense) with third parties for cross-context behavioral advertising.

 

To Submit a CCPA Request:

 

Contact us at nikib@barefootsoulsociety.com with "CCPA Request" in the subject 

line. Please specify whether you're requesting access, deletion, or opt-out. 

We'll verify your identity and respond within 45 days. We won't charge a fee 

for reasonable requests.

 

SUBMITTING DATA REQUESTS

 

To access, update, or delete your personal data, please contact us at 

nikib@barefootsoulsociety.com with the subject line "Data Request" and include:

 

1. Your name and email address

2. The type of request: Access, Update, Deletion, or Portability

3. Any relevant details (e.g., which products you purchased, which emails you're 

   subscribed to)

 

Our Process:

 

- Identity Verification: We'll verify your identity within 3-5 business days

- Fulfillment: We'll fulfill your request within 30 days (or 45 days if the 

  request is complex)

- Data Format: Data access will be provided in a commonly used format (CSV, PDF, 

  or JSON)

- Deletion Confirmation: We'll confirm deletion once complete

 

Important Notes on Deletion:

 

We may retain certain information if required by law (e.g., tax records for 7 

years, fraud prevention records). We'll inform you of any exceptions when we 

respond to your deletion request.

 

Fees:

We won't charge a fee for reasonable requests. We may charge a reasonable fee 

for excessive or duplicative requests (e.g., multiple requests within a short 

time period).

 

Changes to This Policy

We may update this Privacy Policy from time to time. If we make any significant changes, we’ll notify you by email or update the date at the top of this page.

 

Contact

If you have any questions or concerns about this policy, please reach out:

Barefoot Soul Society
Email: nikib@barefootsoulsociety.com
Mailing address: Barefoot Soul Society, P.O. Box 1143 Oakhurst, NJ 07755.

bottom of page