Become a partner

Privacy Policy


This Privacy Policy informs you about the personal data that is collected, why we collect it and how we process it when you visit our website or use our smart phone and tablet application (collectively “application”).

 

Our commitment to data protection

The Well-Being Collective takes the protection of your personal data seriously. We treat your personal data confidentially.
Trust is one of the foundations of the The Well-Being Collective application and includes trusting us to do the right thing with your information. Three main values guide us as we develop our products and services. These values should help you better understand how we treat your information and privacy.

  • Your information belongs to you. We carefully analyse what types of information we need to provide our services, and we try to limit the information we collect to only what we really need. Where possible, we delete or anonymise this information when we no longer need it. When building and improving our products, our engineers work closely with our privacy and security teams to build with privacy in mind. In all of this work, our guiding principle is that your information belongs to you, and we aim to only use your information to your benefit.
  • We protect your information from others. If a third party requests your personal information, we will refuse to share any information which is not required. When we are legally required to share your personal information, we will tell you in advance, unless we are legally forbidden.
  • We help suppliers and partners meet their privacy obligations. Many of the suppliers and partners using The Well-Being Collective do not have the benefit of a dedicated privacy team, and it is important to us to help them meet their privacy obligations. To do this, we try to build our products and services so they can easily be used in a privacy-friendly way.

The following company is responsible for data processing on our website:

The Well-Being Collective,

Ikigai Riverside, Merchant Square,Riverside Drive, Nairobi

www.wellbeingcollective.net

hello@wellbeingcollective.net

 

1. What personal data do we collect?

We collect and process personal data in the following situations: When you visit our website, use our contact form or the application, purchase a subscription or other services from us. Further data, which is recorded in server log files when you visit our website and which your internet browser automatically transmits to us, is recorded on an anonymous basis. This data includes the user agent (browser type and version, operating system used), http header information (referrer URL, IP address of the accessing computer), the time of the server request and the login status. These server log files are merged with other data sources for error analysis only.

 

2. How and when do we collect your personal data?

We collect personal data that you communicate to us directly. This is personal data that you enter in a contact form or general personal data that you provide in the course of a registration process on our application and the photo that you upload when you register. If you purchase a subscription, use the application or use other services from us, additional personal data may be collected and processed, i.e. customer data (initial date of subscription, customer account, etc.) and information on the use of our services.

We might also receive personal information from third parties. This specifically involves data related to your use of the facilities of our sports partners (e.g. access times to sports facilities, etc.). This data will be treated with the same care and level of security as any other personal data.

Further data is automatically collected by our IT systems on an anonymous basis when you visit our website. This data is mainly of a technical nature (e.g. Internet browser, operating system or time of page request) as well as data on the pages, products and services on our website that you view. This data is collected automatically as soon as you access our website. The data collected also includes personal data with which you can be personally identified, such as your IP address.

 

3. For what purpose do we collect and process your personal data?

We collect and process your personal data in order to carry out and process our contractual relationship with you and to enforce our claims.

Within the framework of our contractual relationship, we collect and process this personal data principally for the analysis of your user behaviour. Such analyses serve to settle accounts with our sports partners and to optimise the application, which includes the automatic display of offers that may be of interest to you. We collect, process and use the personal data that is collected when you use the application (e.g. data on use, such as sports facilities, frequency of visits, type of sport) only if you agreed to data processing in the course of the registration process
on our application. Among other things, data processing helps us to better tailor the contents of our application to your needs and preferences, improve product search functions for you or display advertisements or offers that might be of interest to you. The personal data collected will be deleted if you revoke your consent; statutory retention periods remain reserved.

If you have registered with us, we will also process your personal data for marketing purposes, for example to send you emails with general information or with references to certain offers and events. You can unsubscribe from these emails at any time.

We use your personal data to ensure the correct performance of the contract. This includes processing to detect false or misleading information and to prevent the use of our services in breach of the law or the contract. For this purpose, we also collect data on the use of our services with the help of cookies. We process this information in order to check for evidence of abuse.

If you have not registered on our application, we collect, process and use data about the use of our website only in anonymous form. In this case, the functions named above will be severely restricted, i.e. the possible adaptations of our website, the search functions or the advertisements and offers displayed will not be tailored to your needs and interests to the same extent.

Some personal data is collected to ensure an error-free provision of our application.

Registration on our Application

You can register on our application to use additional functions. The mandatory information requested during registration must be provided in full, otherwise we will refuse registration. We use the personal data collected to provide the offers or services for which you have registered. In addition, we use your email address to inform you of important changes, such as to the scope of the offer, or of technical modifications that are necessary.

The personal data collected during registration is stored for as long as you are registered on our application. It will then be deleted; statutory retention periods remain reserved.

Use of the Contact Form

If you send us inquiries via the contact form, your details on the inquiry form including the contact data you provided in that form will be stored by us for the purpose of processing the inquiry and for any follow-up questions. We do not pass on this personal data without your consent.

The personal data you enter in the contact form will remain with us until you request us to delete it or until the purpose for which the data was stored no longer applies (e.g. after your request has been processed). Statutory retention periods remain reserved.

 

4. On what legal basis do we collect and process your personal data?

The legal basis for the collection and processing of your personal data is above all the contractual relationship you enter into with us when you use our services. Upon entering into a contract with us you give your consent to this Privacy Policy.

Your consent at the time of collecting your personal data also serves as a basis. You may revoke your consent at any time. It suffices if you send us an informal notification by email for this purpose. The legality of the data processing that has already taken place remains unaffected by the revocation.

In addition, we collect and process your personal data to protect our legitimate interests, such as to operate our application properly, update the technologies used, improve our services and enforce our claims, etc. In this context, we naturally ensure that your interests are not unduly adversely affected.

 

5. To whom do we pass on your personal data?

Within the framework of your subscription we may pass on your personal data to The Well-Being Collective suppliers. They may also process and use your personal data in their own interests for the purposes stated in this Privacy Policy.

We may also disclose your personal data to our external contractual partners if this is necessary for the performance of the contract (e.g. to pay admission fees) or if they process the personal data on our behalf, for example because we use their services. Such external contractual partners are contractually obliged to process your personal data exclusively on our behalf and in accordance with our instructions. These contractual partners also undertake to ensure the security of your personal data by taking suitable technical and organisational measures.

If our external contractual partners are located abroad, your personal data might be transferred to other countries. However, this presupposes that data protection in the country concerned is comparable with Kenyan law or that appropriate precautions have been taken.

We may disclose your personal data when necessary to comply with applicable laws, in connection with legal proceedings, at the request of government authorities, to comply with our legal obligations or to enforce and protect our rights.

 

6. How long do we store your personal data?

We store your personal data for as long as necessary or useful for the purposes for which it was collected, but for no longer than we are permitted to do so by law. We delete your personal data as soon as it is no longer required, however, at the latest after the expiry of the statutory retention period.

 

7. How do we protect your personal data?

We have taken suitable technical and organisational measures to prevent unauthorised or unlawful access to your personal data. It is important that you are aware that the transmission of data via the internet or other electronic media poses certain security risks and that complete data security cannot be guaranteed even when communicating by email. We cannot therefore guarantee the security of data transmitted to us through these media.

For security reasons and to protect the transmission of confidential information (e.g. registration), our website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://”, and by the lock symbol in your browser line. Payment transactions via the usual means of payment (e.g. Visa/MasterCard, etc.) are carried out exclusively via an encrypted SSL or TLS connection.

 

8. What rights do you have?

Revocation of your consent to data processing

Certain data processing operations are permitted only with your consent. You may at any time revoke any consent you have already given. It suffices if you send an informal notification to us by email for this purpose. The data processed until revocation remains unaffected by the revocation.

Information, blocking, deletion

Within the scope of applicable legal provisions, you have the right at any time to obtain information free of charge on the personal data stored on you, its origin and recipients, the purpose of data processing and, if applicable, a right to correction, blocking or deletion of your personal data. Please feel free to contact us at any time at the address given at the outset if you have any questions about this or about data protection.

Complaint to the supervisory authority

In the event of a breach of data protection, you have the right to appeal to the Kenyan Data Protection Commissioner.

Updating this Privacy Policy

We may update, supplement or amend this Privacy Policy at any time without notice.

 

9. How do we use cookies?

Cookies are used on our website. These are small text files that are placed on your computer and stored by your browser. Cookies serve to make our services more user-friendly, effective and secure and do not cause any damage to your device.

Most of the cookies we use are referred to as “session cookies”. They are automatically deleted at the end of your visit to our website. Other cookies remain stored on your device unless you delete them. These cookies enable us to recognise your browser the next time you visit us.

You can set your browser so that you are informed whenever cookies are placed on your computer and only allow cookies on a case-by-case basis, accept cookies in certain cases or generally reject them and activate the automatic deletion of cookies when the browser is closed. However, if cookies are deactivated, the functions of our website might be restricted.

 

10. How do we use social media plugins?

Social media plugins are recommendation buttons for the social networks of Facebook, X, Instagram and Google+. These are provided by the operators of these social networks. By placing the plugins on our website, these social network operators can obtain information about your visit to our website. If you are logged into one of these social networks when you visit our website, the social network operator can assign this visit to your user account. If you do not wish this to occur, you should log out of the social networks before visiting our website. If you click on these recommendation buttons, this information will be forwarded to the social network concerned and stored there. Information about the collection and processing of data by social networks and how you protect your privacy can be found on the relevant social network websites:
Facebook: https://facebook.com/policy.php
X: https://x.com/en/privacy
Youtube: https: //www.google.com/policies/privacy
Instagram: https: //instagram.com/about/legal/privacy/
LinkedIn: https: //www.linkedin.com/legal/privacy-policy

 

11. How do we use website analysis services?

Google Analytics

Our website uses functions of the Google Analytics web analysis service. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google Analytics uses “cookies”. These are text files that are stored on your computer and allow an analysis of the use of our website. Google evaluates the use of our website to compile reports on website activities and to provide The Well-Being Collective with other services relating to website use and use of the Internet. Our primary purpose is to optimise our website to provide you with an
enhanced online experience on our website. The IP address transmitted by your browser within the framework of Google Analytics is not combined with other data of Google.

The information generated by the cookie about your use of our website will usually be transmitted to and stored by a Google server in the USA. Google complies with the data protection provisions agreement and has registered with the U.S. Department of Commerce.

Our website has activated the IP anonymisation function. This will cause your IP address to be shortened by Google before it is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

You may refuse the storage of cookies by entering an appropriate setting in your browser software, however we wish to point out that by doing so you may not be able to use all the functions of this website. You can also prevent Google from collecting and processing your personal data by downloading and installing the browser plugin available from the following link:
https://tools.google.com/dlpage/gaoptout?hl.

In this case, an opt-out cookie will be set to prevent the collection of your personal data when you visit this website in future.

Our website uses the “demographic functions” function of Google Analytics. This allows reports to be created that contain information on the age, gender andinterests of website visitors. This data is generated from interest-related Google advertising and from third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time using the advertisement preferences in your Google account or generally prohibit the collection of your data
by Google Analytics.
For more information, please see Google’s privacy policy at
https://support.google.com/analytics/answer/6004245?hl.

Google Analytics Remarketing

Our website uses Google Analytics Remarketing functions in connection with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This function allows you to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. This enables interest-related, personalised advertising messages that have been tailored to you personally based on your previous usage and surfing behaviour on one terminal (e.g. mobile phone) to be displayed on another of your terminals (e.g. tablet or PC).

Provided you have given Google your consent to do so, Google will link your web and app browser history to your Google account for this purpose. In this way, the same personalised advertising messages can be displayed on any terminal device you sign in to with your Google account.

To support this function, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create target groups for cross-device advertising.

You can permanently opt out of cross-device remarketing by deactivating personalised advertising in your Google account at
https://www.google.com/settings/ads/onweb/.

For more information, please see Google’s privacy policy at
https://www.google.com/policies/technologies/ads/.

Google AdWords and Google Conversion Tracking

Our website uses the online advertising program Google AdWords. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

We use what is known as conversion tracking within the framework of Google AdWords. When you click on an advertisement placed by Google, a conversion tracking cookie is set. Cookies are small text files that the Internet browser stores on your computer. These cookies lose their validity after 30 days at the latest and do not serve to identify you. If you visit our website and the cookie has not yet expired, Google and we can see that you clicked on the advertisement and were directed to that page.

Google informs us of the total number of users who clicked on our advertisement and were directed to our website with a conversion tracking tag. However, we do not receive any information that will allow us to personally identify them.

You may prevent the storage of cookies by entering an appropriate setting in your browser software, however we wish to point out that by doing so, you may not be able to use all the functions of this website. You can also prevent tracking by deactivating the Google Conversion Tracking cookie in your Internet browser under user preferences.

For more information, please see Google’s privacy policy at https://www.google.com/policies/privacy/.

Visitor action pixel

Our website uses the visitor action pixel of Facebook. The provider is Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.

The Facebook pixel can be used to track the behaviour of website visitors after they have been redirected to our website by clicking on a Facebook advertisement. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimised.

The collected data is anonymous for The Well-Being Collective, we cannot draw any conclusions about your identity. However, the data is stored and processed by Facebook so that it can be linked to the respective user profile and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data

Usage Guidelines. This enables Facebook to place advertisements on Facebook pages and outside Facebook. The Well-Being Collective cannot influence this use of the data.

You can permanently object to remarketing by deactivating the remarketing function “Custom Audiences” in the settings for advertisements under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook for this purpose.

For further information, please see Facebook’s privacy policy at https://www.facebook.com/about/privacy/.

 

12. Which payment services and payment methods are available?

All common means of payment can be processed via the interface of the payment provider Paystack. The provider is Paystack, The Pavilion (1st Floor), Lower Kabete Road, Westlands, Nairobi, Kenya. The payment data you enter is transmitted directly to Paystack. Credit card data is neither collected nor processed by us. We then send the information about your chargeable use to Paystack, i.e. name, member number, email, invoice amount, currency. The transfer of your data to Paystack is solely for the purpose of payment processing with the payment service provider. The terms of use of Paystack can be found at https://paystack.com/ke/terms?q=/terms.