top of page

Privacy & Protection Policy

This policy explains howwe collect, use, and protect your data in compliance with the Australian Privacy Act 1988, Australian Consumer Law, and the EU General Data ProtectionRegulation (GDPR).

Information We Collect

What We Collect:

​

When you register for our retreat, we collect:

​

Essential Information (Required):

​

  • Name, email, phone number, and address

  • Medical and mental health information (for safety screening)

  • Emergency contact details

  • Dietary requirements and allergies

  • Payment and billing information

  • Travel insurance details

​

Optional Information (With Your Consent):

​

  • Photos and testimonials for marketing

  • Feedback and reviews

  • Communication preferences

​

Why We Collect It:


For Your Safety: Medical screening ensures psilocybin ceremonies are appropriate for you
To Deliver the Retreat: Planning meals, accommodations, activities, and support sessions
For Legal Compliance: Payment processing, tax records, and health regulations
To Stay Connected: Retreat updates, preparation materials, and integration support

​

​

How We Use Your Information


We use your information to:

​

  • Assess your eligibility and safety for retreat participation

  •  Provide retreat services (accommodation, meals, sessions, support)

  • Process payments and manage bookings

  • Communicate important retreat information

  •  Respond to emergencies during the retreat

  • Improve our services through anonymized feedback

​

We will NEVER:

​

  • Sell your data to third parties

  • Share your medical information without consent

  • Use your email for unrelated marketing

  •  Post photos of you without explicit permission

​​

​

Who Has Access to Your Data


Your information is only shared with:


Essential Service Providers: Changes Psychology

  • Our trusted billing and administration partner

  • Our Clinical Team

  • Qualified psychologists who review medical screenings

  • Retreat Facilitators

  • Dr. Aileen Alegado and supporting facilitators (for safety and support)

 

Legal Requirements:

​

  • Medical records may be shared with emergency services if needed during the retreat

  • Tax and financial records shared with Australian authorities as required by law

​

With Your Permission:

  • Marketing materials (only if you opt-in)

  • Testimonials and reviews (with explicit consent)

​

All third-party service providers are bound by confidentiality agreements and comply with data protection laws.

​​

​

Your Rights & Control
 

You have complete control over your personal information:
Your Rights Include:


Right to Access
Request a copy of all data we hold about you

Right to Correction
Update or correct any inaccurate information

Right to Deletion
Request deletion of your data (subject to legal retention requirements)


Right to Opt-Out
Unsubscribe from marketing emails anytime
Right to Data Portability
Receive your data in a portable format

Right to Withdraw Consent
Change your mind about optional data uses (photos, marketing, etc.)

​​

​

Data Security

​

We take security seriously:

  • Secure Storage: All digital data stored in encrypted, password-protected systems 

  • Limited Access: Only authorized team members can access participant data 

  • Third-Party Security: Payment processors (Stripe, PayPal) use bank-level encryption 

  • Secure Communication: Sensitive information sent via encrypted email only

  • Physical Security: Paper documents stored in locked, secure locations

 

In Case of a Data Breach: We will notify you immediately and report to relevant authorities within 72 hours as required by GDPR.

​

How Long We Keep Your Data

​

We only keep data as long as necessary:

​​

​

​

table .png

After these periods, data is securely deleted or anonymized.

International Data Transfers

Your Data Travels Safely:

​

Australia: Data stored on secure Australian servers (primary storage)

Portugal: Limited data brought to retreat location during the event (printed forms, emergency contacts)

EU Compliance: All Portugal-based processing complies with GDPRCloud Services: We use trusted providers (Google, Dropbox) with global data protection standards

 

Your data is protected by the same high standards regardless of location

​

Cookies & Website Tracking

 

Our Website:

 

  • We use minimal cookies to:

  • Remember your preferences

  • Analyze website traffic (via Google Analytics - anonymized) Improve user experience

​

You can control cookies through your browser settings. Our website functions without cookies, though some features may be limited. We do NOT use tracking for advertising purposes.

​

 

Photography & Social Media

 

Your Image, Your Choice:

We love sharing the beauty of our retreats, but your privacy comes first.

We will NEVER post photos of you without explicit, written consent.

​

When you register, you can choose:

  • Opt-In: Happy to be featured in social media and marketing

  • Opt-Out: Keep all photos private

​

You can change your mind anytime - even after photos are taken.

​​

​

Australian Consumer Law

Your Consumer Rights:

 

Under Australian Consumer Law, you have guaranteed rights that cannot be excluded:

  • Services provided with acceptable care and skill

  •  Services fit for the purpose we describe

  • Services provided within a reasonable time

​

Nothing in our Terms & Conditions or this Privacy Policy removes your rights under Australian Consumer Law.

To make a complaint or inquire about your consumer rights: Australian Competition & Consumer Commission (ACCC): www.accc.gov.au Contact us directly: aileen@mindsetpsychology.com.au

​

 

GDPR Compliance (EU Residents)

European Data Protection:

​

As our retreat takes place in Portugal (EU), we comply fully with GDPR requirements.

Legal Basis for Processing Your Data:

​

  • Contract Performance: Data necessary to deliver retreat services

  • Consent: Optional uses like marketing and photos (you can withdraw anytime)

  • Legal Obligation: Health records and financial reporting

  • Legitimate Interest: Improving our services and ensuring safety

​

Your GDPR Rights: All rights listed in "Your Rights & Control" section above apply under GDPR.

 

EU Representative: For GDPR inquiries, contact: aileen@mindsetpsychology.com.au Supervisory Authority (Portugal): Comissão Nacional de Proteção de Dados (CNPD) Website: www.cnpd.pt

​

​

Your Trust is Our Priority

Thank you for trusting Envision Wellness Retreat with your personal information and your transformational journey. We're committed to protecting your privacy every step of the way.

bottom of page