Privacy Policy

(for The Whole Self Method / Saru Gupta)

Last updated: 07/12/2025

1. Introduction

1.1. The Whole Self Method, operated by Saru Gupta (“we”, “us”, “our”), respects your right to privacy and is committed to protecting the personal information of our clients, students, and website visitors.

1.2. This Privacy Policy outlines how we collect, use, disclose, store, and protect your personal information when you visit www.thewholeselfmethod.com, www.sarugupta.com or use our coaching, digital programs, events, or related services (“Services”).

1.3. We comply with:

  • The Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth)
  • EU General Data Protection Regulation (GDPR)
  • UAE data protection principles under the Federal Decree-Law No. 45 of 2021
  • India’s Digital Personal Data Protection Act (DPDP Act), 2023
  • Applicable international privacy laws

1.4. “Personal Information” means information that identifies you directly or indirectly, including name, email, address, phone number, payment details, IP address, or any other information you voluntarily provide.

1.5. You may contact us for any privacy-related enquiries at hello@sarugupta.com.

2. Types of Personal Information We Collect

We may collect the following categories of information:

2.1. Basic Identifying Information
Your name, email address, postal address, phone number, and demographic details.

2.2. Client & Coaching Data
Information shared during coaching sessions, assessments, worksheets, program participation, or community forums (private or group).

2.3. Billing & Financial Information
Payment details (processed securely through third-party processors such as Stripe, PayPal, etc.).
We do not store full credit card numbers.

2.4. Technical & Usage Data
IP address, browser type, device identifiers, session duration, pages viewed, and referring website.

2.5. Marketing & Communications Preferences
Email preferences, survey responses, feedback, testimonials, and engagement with newsletters or ads.

2.6. Special Categories of Personal Data (GDPR)
We do not intentionally collect sensitive information unless voluntarily provided with explicit consent (e.g., wellbeing reflections during coaching).
You should not provide such information unless necessary for the service and consent is clearly given.

3. How We Collect Personal Information

We collect information when:

3.1. You interact with our website or social media pages.
3.2. You register for courses, coaching programs, newsletters, or webinars.
3.3. You purchase a product or service.
3.4. You submit forms, surveys, testimonials, or feedback.
3.5. You communicate with us via email, messaging apps, or customer support.
3.6. We receive information from third-party partners (e.g., payment gateways, booking systems).

Providing your personal information constitutes consent to collect and use it under this Privacy Policy.

4. How We Use Your Personal Information

We may use your information to:

4.1. Deliver coaching, programs, courses, events, and customer support.
4.2. Process payments and manage your account or enrolment.
4.3. Send updates, resources, service announcements, and administrative messages.
4.4. Improve our website, services, and user experience.
4.5. Personalise your learning journey and recommend relevant offerings.
4.6. Send marketing communications (you may opt out at any time).
4.7. Protect our legal rights, enforce policies, or comply with legal obligations.

5. Disclosure of Personal Information

We may disclose information to:

5.1. Employees, contractors, coaches, or consultants who assist in service delivery.
5.2. Technology providers, payment processors, hosting providers, CRM platforms, and marketing tools.
5.3. Legal authorities when required by law (court orders, regulatory compliance, fraud prevention).
5.4. Third parties in the event of a business sale, merger, restructure, or transfer (subject to confidentiality).

We do not sell personal data to third parties.

Cross-border transfers may occur to service providers in Australia, the UAE, India, the EU, the US, and other jurisdictions. We ensure appropriate safeguards such as Standard Contractual Clauses (GDPR), adequacy mechanisms, or contractual protections.

6. International Jurisdiction-Specific Compliance

6.1 Australia (APPs)

We comply with all obligations under the Privacy Act 1988, including transparency, data accuracy, access rights, and secure handling.

6.2 European Union (GDPR)

We act as both Controller and Processor, depending on the context.
You have the following rights:

  • Access, correction, deletion (“right to be forgotten”)
  • Data portability
  • Restriction or objection to processing
  • Withdrawal of consent
  • Complaint to your local EU Data Protection Authority

6.3 UAE PDPL

We collect and process data lawfully, fairly, securely, and only for legitimate purposes.

6.4 India DPDP Act 2023

We ensure lawful, transparent processing and provide notice and consent mechanisms for Indian residents.

7. Data Storage, Security & Retention

7.1. We implement physical, electronic, and managerial safeguards to protect your data from misuse, unauthorised access, alteration, disclosure, or loss.

7.2. We only retain personal information for as long as needed to fulfil the purpose for which it was collected, or to comply with legal, tax, or contractual obligations.

7.3. While we take robust precautions, no method of transmission over the internet is 100% secure. You provide information at your own risk.

8. Data Processors & Third-Party Services

Where we use external providers (e.g., Kajabi, Zoom, Stripe, Google, Meta), we require them to uphold privacy standards consistent with GDPR and APPs.

We are not responsible for the privacy policies of third-party websites linked or referenced on our platform.

9. Cookies & Tracking Technologies

9.1. We use cookies to improve website performance, personalise content, analyse traffic, and support marketing campaigns.

9.2. You may disable cookies in your browser, however doing so may affect website functionality.

9.3. We may use third-party analytics (e.g., Google Analytics), pixels (e.g., Meta Pixel), or retargeting tools.

10. Access, Correction & Deletion Requests

You may request:

  • A copy of your personal information
  • Correction of inaccurate information
  • Deletion of data (subject to legal exceptions)
  • Restriction of processing
  • Withdrawal of consent

Requests must be emailed to hello@sarugupta.com. Identity verification may be required.

11. Children’s Privacy

We do not knowingly collect data from individuals under 16 years without parental consent.
If such data is discovered, it will be deleted promptly.

12. Complaints or Concerns

If you believe your privacy has been breached, contact us at:
📧 hello@sarugupta.com

We will respond promptly and in accordance with the relevant laws.
EU residents may also contact their Data Protection Authority.

13. Changes to This Policy

We may update this Privacy Policy periodically. Updates take effect immediately upon posting on our website. Please review this page regularly.

14. Direct Marketing Communications

14.1. By subscribing or providing your details, you consent to receive marketing and educational communications via email, SMS, or social platforms in compliance with the Spam Act 2003 (Australia) and applicable international laws.

14.2. You may opt out at any time by clicking “unsubscribe” or emailing hello@sarugupta.com.