Back to Home

Privacy Policy

Last Updated: January 18, 2025

1. Introduction

Pink Elephant ("Company", "we", or "us") is committed to protecting your privacy and complying with applicable data protection laws in all regions where we operate. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (https://integrates.me) or use our services. We value your trust and handle all personal information with care and in accordance with the highest privacy standards.

2. Scope and Applicability

This Privacy Policy applies to all visitors, users, and others ("users" or "you") who access our website or use any Pink Elephant services, across all jurisdictions in which we operate. We conduct business in Canada, the United States, the United Kingdom, the European Union/European Economic Area (EU/EEA), Thailand, Indonesia, and Australia, among others. Our data practices are designed to comply with or exceed the requirements of all applicable privacy laws, including (where applicable) the EU and UK General Data Protection Regulation (GDPR), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), Thailand's Personal Data Protection Act (PDPA), Indonesia's Personal Data Protection Law, and Australia's Privacy Act 1988, as well as any other relevant national or state privacy regulations.

By using our website or services, you acknowledge that your personal data will be handled as described in this Policy.

3. Personal Data We Collect

Information you provide directly: We collect personal data that you choose to provide to us, for example when you: (a) subscribe to our newsletter; (b) complete an assessment; or (c) request personalized recommendations or book integration services. This information includes:

  • Contact details: Such as your name and email address.
  • Health information: Such as information you provide while completing assessments or describing your psychedelic experiences. Please note that by providing your health information accompanied by your identifiable name and email address, you provide your explicit consent on processing of such health information explicitly for the purposes for which it was originally collected, i.e., to provide you personalized recommendations or match you with suitable therapists upon your request.
  • Payment information: When you book a session or make a payment, we collect payment details as necessary to process your transaction.

When you visit our website, we do not use any cookies or similar tracking technologies to collect your personal information. In particular, we do NOT use cookies to track visitors to our website. We do not employ web beacons, pixel tags, or analytics scripts that profile your browsing. However, like most websites, our servers may automatically log certain technical data sent by your browser for operational and security purposes. This automatically collected data may include your device's IP address, browser type, operating system, referring URL, and timestamps of visits. We use this technical information only to maintain and secure our website (for example, to detect fraud or attacks, and to aggregate visitor traffic counts) and not to identify or track individual users.

As explained in the Children's Privacy section below, our website and services are not intended for individuals under 18, and we do not knowingly collect personal data from children.

4. Purposes of Processing Personal Data

We only collect and process personal data for purposes that are lawful and necessary for our business or to serve you. The specific purposes include:

  • Providing newsletters and updates: If you subscribe to our newsletter, we use your email address (and name, if provided) to send you updates about psychedelic integration, mental health resources, and relevant content.
  • Providing personalized recommendations: When you complete an assessment and provide your authentic name and identifiable email address, we use this data upon your explicit consent to provide you personalized therapist recommendations and integration support as requested by you.
  • Facilitating therapy bookings: We use your contact and payment information to schedule sessions with therapists and process payments.
  • Responding to inquiries and providing support: If you contact us with questions or requests, we will use your contact details to respond and provide customer service.
  • Business administration and operations: We may process personal data to maintain the security and integrity of our website, perform troubleshooting, and improve our services.
  • Legal compliance and protection: We process personal information when necessary to comply with legal obligations or to establish, exercise, or defend our legal rights.

5. Legal Bases for Processing

We process your personal data only when we have a valid legal basis to do so under applicable data protection laws. Depending on the context, the legal bases include:

  • Consent: We obtain your consent before sending you marketing emails or processing sensitive health data. You have the right to withdraw your consent at any time.
  • Contractual necessity: We process personal data when necessary to provide services you have requested, such as booking therapy sessions.
  • Legal obligation: We process personal data when required to comply with laws (tax, accounting, employment laws, etc.).
  • Legitimate interests: We may process personal data for our legitimate interests, such as operating and improving our website, securing our systems, and preventing fraud, provided those interests are not overridden by your data-protection rights.

6. Data Sharing and Disclosure

We do not sell your personal information to third parties. However, we may share your personal data with trusted third parties in certain situations:

  • Service providers: We share data with third-party companies that perform functions on our behalf (hosting providers, email services, payment processors, CRM software). These service providers are contractually obligated to protect your data and use it only for specified purposes.
  • Therapists: When you book a session, we share relevant information with the therapist you select to facilitate your integration support.
  • Affiliates: We may share personal data with Pink Elephant affiliated entities on a need-to-know basis for consistent purposes.
  • Business transfers: If Pink Elephant undergoes a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.
  • Legal obligations: We may disclose personal data if required by law, to comply with legal process, or to protect rights, property, or safety.

7. International Data Transfers

Given Pink Elephant's global operations across Canada, the US, UK, EU, Thailand, Indonesia, Australia, and other countries, the personal data we collect may be transferred to and stored in multiple jurisdictions. We take steps to ensure that international transfers comply with applicable data protection laws and that your personal data receives equivalent protection.

When we transfer personal data out of the UK or EEA to countries without adequate data protection, we implement appropriate safeguards such as European Commission's Standard Contractual Clauses (SCCs) or the UK International Data Transfer Addendum.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, and no longer than is legally permitted or necessary.

  • Newsletter data: We retain your contact information until you unsubscribe or withdraw consent. Upon unsubscribe, we will promptly remove your details from our mailing list.
  • Assessment and booking data: We retain assessment responses and booking information for the duration necessary to provide services and comply with legal obligations (typically several years for business records).
  • Technical logs: Server logs are retained only for a short duration (30-90 days) unless needed to investigate security incidents.

9. User Rights

Subject to applicable law, you have certain rights regarding your personal data. Your key rights include:

  • Right to access: Request confirmation of whether we are processing your data and request a copy.
  • Right to rectification: Request correction of inaccurate or incomplete personal data.
  • Right to erasure: Request deletion of your personal data when no longer necessary or when you withdraw consent.
  • Right to restrict processing: Request that we limit processing in certain circumstances.
  • Right to object: Object to processing based on legitimate interests, and you have an unconditional right to object to direct marketing.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to withdraw consent: Withdraw consent at any time where we rely on consent to process personal data.

To exercise any of these rights, please contact us using the details in the Contact Information section below. We will respond within the timeframe required by law (typically within 30 days).

10. Data Security

The security of your personal data is extremely important to us. We implement industry-standard technical and organizational security measures to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption: We use encryption protocols to protect personal data in transit and at rest.
  • Access controls: We restrict access to personal data strictly to authorized personnel who have a business need to know.
  • Monitoring and testing: We monitor our systems for security breaches and conduct periodic security assessments.
  • Data backups: We routinely back up critical data to ensure recovery in case of technical incidents.

While we strive to protect your information, no method of transmission over the Internet is completely secure. In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by law.

11. Children's Privacy

Our website and services are not intended for children under 18 years of age. We do not knowingly solicit or collect personal data from anyone under 18. If you are under 18, please do not use or provide any information on this website.

If we learn we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete such information. If you are a parent or guardian and believe we might have information from a child under 18, please contact us.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make changes, we will post the updated Privacy Policy on this page and update the "Last Updated" date at the top.

If we make significant changes, we will take additional steps to notify you, such as posting a prominent notice on our website or emailing you. Your continued use of the website or services after changes constitutes acceptance of the updated terms, to the extent permitted by law.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or about how Pink Elephant collects and processes your personal data, please do not hesitate to contact us.

You can reach our privacy team via email at privacy@pink-elephant.co. This is our dedicated contact for privacy and data protection inquiries.

We will respond to your inquiry as soon as reasonably possible, generally within 30 days or earlier if required by law. We sincerely appreciate your trust in Pink Elephant. Protecting your privacy is fundamental to our values.