Legal

Privacy Policy

How we handle your information

Last Updated: January 2026

Information We Collect

We collect different types of information depending on how you interact with us:

Contact & Enrollment Information

When you submit an inquiry, enroll in a service, or join a waitlist, we collect:

  • First and last name
  • Email address and phone number
  • Mailing address
  • Date of birth
  • Referral source
  • Emergency contact name, phone, and relationship
  • Area of interest (service type)

Health & Wellness Information

As part of our intake process before your first session, we collect health-related information to support your care, including:

  • Prior Reiki experience
  • Whether you are under the care of a healthcare professional
  • Current medications
  • Medical or mental health conditions relevant to your session
  • Personal goals and intentions for your sessions
  • Session interests

This information is treated as sensitive personal data and is used solely to provide safe, informed energy healing services. Devi Reiki™ is a complementary energy healing practice and is not a licensed healthcare service; therefore, this data is not subject to HIPAA. However, we take every reasonable precaution to protect it.

Technical Information

  • Browser type and IP address
  • Pages visited and interaction patterns

How We Use Your Information

We use the information you provide to:

  • Respond to your inquiries
  • Provide information about Devi Reiki™ services and training
  • Process payments and manage your enrollment
  • Prepare for and conduct your healing sessions safely
  • Send updates and offerings (only with your explicit opt-in consent)
  • Notify you about waitlisted training class availability
  • Improve our website and services

Cookies

This website uses only essential cookies necessary for basic functionality. We do not use tracking or analytics cookies.

Data Security

We implement appropriate security measures to protect your personal information:

  • All data is encrypted at rest (Neon PostgreSQL) and in transit (HTTPS via Vercel)
  • Access to personal data is limited to authorized administrators
  • Payment information is processed securely by Stripe and is never stored on our servers
  • Health information from intake forms is stored separately with restricted access

No method of transmission over the internet is 100% secure, but we take reasonable precautions to protect your data.

Third-Party Services

We use the following third-party services to operate our business:

  • Stripe — for secure payment processing. Stripe handles all credit card information directly and is PCI DSS compliant.
  • Mailchimp — for email communications, only when you have explicitly opted in. You can unsubscribe at any time via the link in any email.
  • Cal.com — for appointment scheduling.
  • Zoom — for conducting remote sessions.
  • Vercel — for website hosting.

We do not sell, trade, or transfer your personal information to third parties for marketing purposes. Information is shared with the services listed above only as necessary to provide our services to you.

Your Rights

You have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw consent for data processing

Contact

For questions about this Privacy Policy, please contact: Contact page