Privacy Policy

Effective Date: August 11, 2025

This Privacy Policy explains how Trifecta Wellness, LLC (doing business as Lumina Mind • Body • Soul and LuminaFit) (“Trifecta Wellness,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards personal information when you use our websites and services, including coachheatherowens.com, luminafit.com, related pages, courses, memberships, live streams, and in-person studio services (collectively, the “Services”).

Contact us:
Trifecta Wellness, LLC, [Business Mailing Address, City, State ZIP, USA]
Email: [[email protected]] (replace with your preferred inbox)

By using the Services, you agree to this Policy. If you do not agree, please discontinue use.

1) Information we collect

Information you provide to us

  • Account & purchase info: name, email, phone, billing address, account credentials.

  • Payment info: processed securely by payment processors (e.g., Stripe). We do not store full card numbers.

  • Profile & content: survey responses, class preferences, form entries, testimonials, community posts, challenge submissions.

  • Communications: emails, messages to support, DMs, comments, or reviews.

  • Event & studio data: reservations, attendance, signed waivers where required.

Information collected automatically

  • Device/usage data: IP address, device/browser type, pages viewed, links clicked, session time, referring/exit pages.

  • Approximate location derived from IP for analytics/fraud prevention.

  • Cookies & similar tech (see Cookies & Tracking).

Information from third parties

  • Payment & fraud tools (e.g., Stripe).

  • Platform & analytics (e.g., Kajabi, Google Analytics).

  • Advertising partners (e.g., Meta, TikTok) when you consent to marketing cookies.

  • Social networks if you interact with our widgets or log in via a social provider.

We do not intentionally collect sensitive personal information (e.g., health data, government IDs, precise geolocation). Please avoid posting sensitive data in public areas.

2) How we use information

  • Provide the Services: create/manage accounts, enroll you in courses/memberships, deliver live-stream links and studio bookings, customer support.

  • Process transactions and send receipts, confirmations, and service notices.

  • Improve & personalize: analyze usage to enhance classes, content, and user experience.

  • Communicate: send program updates, schedules, reminders, security alerts, and—with your permission—marketing.

  • Safety, security, enforcement: prevent fraud/abuse, enforce our terms, comply with legal obligations.

EU/UK legal bases (if applicable): contract performance, legitimate interests (service improvement, security), consent (marketing/analytics cookies/SMS), and legal obligations.

3) Cookies & tracking

We use cookies, pixels, and similar technologies to operate the site, remember preferences, analyze traffic, and (with consent) personalize ads.

  • Manage choices anytime via Cookie Settings in our banner/footer (powered by CookieYes).

  • Your browser may let you delete/block cookies; some features may not work without them.

Examples of tools we may use (update this list to match your stack):

  • Kajabi (site hosting/platform)

  • Stripe (payments)

  • Google Analytics 4 (analytics)

  • Meta Pixel / TikTok Pixel (advertising; only if you consent)

  • CookieYes (consent management)

4) How we share information

We do not sell personal information for money. We may share information with:

  • Service providers/Processors under contract (Kajabi, Stripe, email/SMS providers, cloud hosting, analytics).

  • Advertising partners for targeted ads only when you have consented to marketing cookies (under CPRA this may be “sharing”).

  • Professional advisors (legal, accounting) and authorities to comply with law, protect rights, safety, and security.

  • With your direction/consent, e.g., posting a testimonial you submit.

We do not use automated decision-making that produces legal or similarly significant effects.

5) Retention

We keep personal information only as long as necessary for the purposes described, including legal, tax, and accounting requirements (e.g., transaction records commonly retained 7 years). When no longer needed, we delete or de-identify data.

6) Your rights & choices

U.S. (CCPA/CPRA and similar state laws)

You may have the right to:

  • Know/Access the categories and specific pieces of personal information collected.

  • Delete personal information (subject to lawful exceptions).

  • Correct inaccurate personal information.

  • Opt-out of “sale” or “sharing” of personal information for targeted advertising.

  • Limit use/disclosure of sensitive personal information (we do not intentionally collect it).

  • Non-discrimination for exercising rights.

Exercise your rights via our “Do Not Sell or Share My Personal Information” link in the footer or email [[email protected]]. We may request information to verify your identity. Authorized agents must provide proof of authorization.

EU/UK (if applicable)

You may have the right to access, correct, delete, restrict or object to processing, data portability, and to withdraw consent at any time (without affecting prior processing). You can lodge a complaint with your local supervisory authority.

Marketing choices

  • Unsubscribe using the link in any marketing email or email us.

  • Manage cookies via the Cookie Settings link in our banner/footer.

  • For SMS, reply STOP to opt out (message/data rates may apply).

7) Children’s privacy

Our Services are not intended for children under 13 (or under 16 in the EU/UK). We do not knowingly collect data from children. If you believe a child has provided information, contact us to remove it.

8) International transfers

We are U.S.-based. If you access the Services from outside the U.S., your information may be transferred to and processed in countries with different data-protection laws. Where required, we use appropriate safeguards.

9) Third-party links & user content

Our Sites may link to third-party websites or include embedded content (e.g., video players, social widgets). Their practices are governed by their policies. Content you post in communities, comments, or public areas may be visible to others.

10) Payments, subscriptions, SMS

  • Payments are processed by third parties like Stripe; their privacy policies govern your transactions.

  • Subscriptions (virtual or in-studio) involve essential service emails or texts to deliver your membership benefits.

  • SMS (if used): you consent to receive texts; message/data rates may apply; reply STOP to opt out.

11) California “Notice at Collection”

Categories we collect: identifiers (name, email), commercial information (purchases), internet activity (usage data), geolocation (approximate), and inferences (preferences).
Sources: you; your device/browser; service providers; partners (where you consent).
Purposes: see Sections 2–4 above.
Retention: see Section 5.
Selling/Sharing: we do not sell for money; we may share identifiers & internet activity with ad partners for cross-context behavioral advertising when you consent.
Sensitive PI: not intentionally collected.
How to exercise rights: see Section 6.

12) Changes to this Policy

We may update this Policy periodically. The “Effective Date” above reflects the latest version. If changes are material, we will notify you via the Sites or email where appropriate.

 

Â