International Sophrology Federation Ltd – Privacy Policy

Last updated: April 2026

The International Sophrology Federation Ltd (“ISF”, “we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website, apply for membership, participate in events, or interact with us in any way.

We are a company registered in the United Kingdom and subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

International Sophrology Federation Ltd
Registered in the United Kingdom
Email: office@sophrologyinternational.org
Website: https://sophrologyinternational.org/

We act as the Data Controller for the personal data we collect.

2. What personal data we collect

A. Personal identifiers

We may collect:

  • Name
  • Email address
  • Phone number
  • Postal address
  • Country of practice
  • Professional details (qualifications, training, membership status)

B. Membership and practitioner data

We may collect:

  • Certification records
  • Training history
  • Membership applications and supporting documents
  • Payment and subscription information
  • Attendance at events
  • Governance, disciplinary or compliance records (where relevant)

C. Website and technical data

We may collect:

  • IP address
  • Basic device/browser information
  • Google Tag data (non-analytics unless activated)
  • Google Analytics is not currently active, but a GTAG is present.
  • Essential and non-essential cookies (see Cookie Notice)
  • Contact form submissions

D. Sensitive (special category) data

We do not routinely collect special category data.
However, we may collect audio/video recordings of meetings or events, which may incidentally capture personal data. These recordings are used for governance, training, or record-keeping and are handled with additional care.

We do not collect health, wellbeing, ethnicity, religious or spiritual belief data.

3. How we collect your data

We collect data through:

  • Website forms:
  • Gravity Forms collects only the data users enter. Form data is not automatically added to marketing lists.
  • Membership applications
  • Email enquiries
  • Event registrations
  • Payment processing (Stripe)
  • Cookies and website tags
  • Zoom meeting registrations and recordings
  • Our membership database (secure internal storage)

We do not receive data from third-party referrals.

4. How we use your data

4.1 We use your personal data for the following purposes:

  • Managing and administering memberships
  • Verifying practitioner qualifications and certification
  • Processing payments and subscriptions
  • Responding to enquiries
  • Running events, meetings, and training
  • Maintaining governance, compliance, and professional standards
  • Sending member communications and updates (via Mailchimp)
  • Improving our website and user experience
  • Maintaining accurate organisational records
  • Ensuring the integrity and safety of our professional community

We do not use your data for automated decision-making.

Publicity and Member Promotion

4.2 With your explicit consent, the International Sophrology Federation (ISF) may publicly welcome new or renewing members on our LinkedIn page. This may include your name, membership category, and country.

With your explicit consent, ISF may also share or cross‑post content you create (such as articles, videos, posts, or professional updates) on ISF’s LinkedIn page or other official communication channels. When doing so, ISF may identify you by name and as an ISF member. ISF will only share content you have already made public or have provided directly for this purpose.

You may withdraw your consent for either activity at any time by contacting us at office@sophrologyinternational.org. Withdrawal does not affect the lawfulness of processing carried out before consent was withdrawn.

5. Legal bases for processing

We rely on the following lawful bases under the UK GDPR:

  • Contract – to process membership applications and provide member services
  • Legitimate interests – to run our organisation, maintain governance, and improve services
  • Legal obligation – for financial record-keeping
  • Consent – for non-essential cookies or optional communications (where applicable)

6. Third-party services and data sharing

We only share your data with trusted service providers who help us operate our organisation. These include:

  • Website hosting & maintenance: WordPress (via WP Maintain)
  • WP Engine (hosting and server logs) — logs IP addresses for security.
  • Email marketing: Mailchimp (members only)
  • Form delivery: Brevo (website form routing)
  • Payment processing: Stripe
  • Cloud storage: Google Drive
  • Video conferencing: Zoom
  • Virtual Assistant services: (where applicable, under confidentiality agreements)

Each provider processes data on our behalf under strict data protection agreements.

We do not sell or trade your personal data.

7. International data transfers

Some of our service providers are based outside the UK/EEA (e.g., Google, Mailchimp, Stripe, Zoom).
Where this occurs, we rely on:

  • UK adequacy regulations, or
  • Standard Contractual Clauses (SCCs), or
  • Other legally recognised safeguards.

8. Data retention

We keep personal data only for as long as necessary for the purposes described above. Our current retention intentions are:

  • Membership, Certification and practitioner records: retained for 10 years to maintain professional standards
  • Email enquiries: 3 years
  • Financial/payment records: 6 years (legal requirement)
  • Event registrations: 5 years
  • Zoom recordings: 5 years (but may be longer depending on purpose)
  • Website logs/cookies: as per cookie policy

Once retention periods expire, data is securely deleted or anonymised.

9. Your rights

Under the UK GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion (in certain circumstances)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent (where consent is the legal basis)
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, contact us at: office@sophrologyinternational.org

10. How we protect your data

We use appropriate technical and organisational measures, including:

  • Secure cloud storage
  • Access controls and password protection
  • Encrypted payment processing (via Stripe)
  • Confidentiality agreements with contractors
  • Regular review of data handling practices

11. Cookies

Our website uses essential cookies and may use non-essential cookies (analytics or performance) if activated.

  • Essential cookies include WordPress core, WP‑Membership session cookies, and Gravity Forms cookies. Non‑essential cookies may include GTAG if activated.
  • Complianz manages cookie consent and scanning.

You can manage cookie preferences through your browser or our cookie banner.

A full Cookie Notice will be provided separately.

12. Updates to this policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.