SOUNDFLOWER LLC 

PRIVACY POLICY

EFFECTIVE DATE: May 6, 2024
LAST UPDATED: AUGUST 12, 2025

This Privacy Policy describes how Soundflower LLC ("Soundflower", "SFL", "FIYOGI", "FIYOGA", "SOUNDFLOWER NATION", "SOUNDFLOWER CEREMONIES", "we," "us," or "our") collects, uses, shares, and protects your personal information when you use our website https://www.soundflower.co/ or our third-party appointment scheduler (the "Site"), book mentorship/coaching sessions, or purchase our online courses (collectively, the "Services").

By using our Services, you agree to the practices described in this Privacy Policy and our Terms of Service. This agreement is based on principles of mutual respect, transparency, and shared responsibility for maintaining a safe and beneficial environment for all participants.

I. Information Collection

When operating our Services, SFL collects information, including Personal Data about you. The types of information we collect depends on your level of engagement and how you interact with the Services. "Personal Data" means information that identifies, relates to, describes, or could reasonably be linked to a specific individual or household. We may collect the following types of Personal Data:

• Contact details (name, email, phone number)

• Account and profile data (login, preferences)

• Payment details (handled securely by third-party processors)

• Coaching session information or form responses (if you book a session)

• Course participation data (progress, quiz results, downloads)

• Marketing preferences and communication opt-ins

• Records of correspondence with us (via forms, emails, etc.)

• Technical data (IP address, browser type, usage analytics, cookies)

• Emergency contact information (collected voluntarily for participant safety)

• Wellness and health-related information shared during sessions (handled with extra confidentiality measures)

Sources of Information Collection. We collect Personal Data from a variety of sources, including:

• Web forms (e.g., sign-up, checkout, contact)

• Appointment scheduling tools

• Course platform interactions

• Email communication

• Cookies and similar tracking technologies

• Direct communication during coaching sessions or ceremonies

• Third-party platforms integrated with our services

II. Use of Personal Data

SFL uses Personal Data for a variety of purposes, as described below. We use the information we obtain about you to maintain user accounts, provide Services, facilitate usage of the Services, and complete necessary tasks to manage our business and provide our Services, including:

• Provide coaching sessions and access to online courses

• Process transactions and send confirmations

• Communicate important information (e.g., scheduling, billing, updates)

• Understand how you use our Services through analytics

• Improve and personalize your experience

• Send newsletters and promotional materials and improve the effectiveness of our marketing campaigns. You may opt out of receiving marketing communications from us at any time by following the unsubscribe instructions in the communication or by contacting us directly

• Ensure participant safety and well-being during sessions and ceremonies

• Maintain appropriate boundaries and professional standards

• Respond to emergency situations or wellness concerns

We do not sell your personal data or share it with third parties for advertising unless explicitly stated and consented to.

Promotions. From time to time, SFL may offer sweepstakes, contests, or other promotions (collectively, "Promotions"). If you choose to participate, we may collect and use your Personal Data in connection with your entry and participation, including to:

• Administer and manage the Promotion (e.g., eligibility verification, winner selection, prize fulfillment)

• Contact you regarding the Promotion or related opportunities

• Comply with legal and regulatory requirements (e.g., tax or reporting obligations)

• Promote our Services or those of our partners, where permitted by law or with your consent

We may share your Personal Data with third parties that help us run Promotions, such as co-sponsors, prize providers, advertising agencies, or legal and fulfillment partners. Additional terms or rules may apply to each Promotion, and those terms may include additional information about how your Personal Data will be used. We encourage you to read those terms carefully before participating.

De-identified Data. We may use de-identified or aggregated data for research, analysis, or business purposes. This Privacy Policy is not intended to apply to such data. We do not attempt to re-identify de-identified data except as permitted or required by law.

III. Disclosure of Personal Data

We may disclose your information in the following circumstances to the below referenced parties. We disclose Personal Data:

When You Consent. SFL will not disclose your Personal Data to others without your consent, except as specified in this Privacy Notice.

To Our Service Providers and Vendors. We transfer all or a portion of your Personal Data to our service providers who help us deliver our products and services to you and for the purposes described in this Privacy Notice. These service providers are required by contract or law to only use or disclose the information as necessary to perform services on our behalf or as otherwise required by law.

In the Event of a Merger, Acquisition, Change in Ownership, or Reorganization. Personal Data we have collected may be disclosed to a third party in the event of a merger, transfer of ownership or assets, bankruptcy, or other corporate reorganization.

For Data Analytics. We use Google Analytics to help understand how visitors interact with the Site. Google may combine your browsing behavior on our Website with other data for advertising purposes. This processing is governed by Google's Privacy Policy, available at: https://policies.google.com/privacy. You can opt out of Google Analytics tracking here: https://tools.google.com/dlpage/gaoptout.

When Legally Permitted or Required to Do So. SFL may disclose without your prior consent any information about you or your use of our Website, if we believe disclosure is necessary, including to:

• Protect and defend the rights, property, or safety of SFL, employees, other users of the Website, or the public

• Enforce the Terms of Use and Privacy Notice

• Respond to a legally valid request from a competent governmental authority

• Respond to claims that any content violates the rights of third parties

• Correspond with law enforcement agencies, if we are required to do so

• Satisfy any applicable law, regulation, legal process, or governmental request

Emergency Situations and Participant Safety. In circumstances where we reasonably believe there is an imminent risk of serious harm to a participant or others, we may share relevant information with:

• Emergency responders or medical professionals

• Designated emergency contacts

• Mental health crisis intervention services

• Legal authorities when required by duty of care obligations

IV. Mutual Respect and Unforeseen Circumstances

Participant Responsibilities. To maintain a respectful and safe environment, participants agree to:

• Provide accurate information when requested for safety or service delivery purposes

• Respect the boundaries and professional standards of SFL staff and facilitators

• Communicate openly about concerns, limitations, or special needs that may affect service delivery

• Honor scheduling commitments and provide reasonable notice for changes when possible

• Maintain confidentiality regarding other participants' shared experiences

Company Commitments. SFL commits to:

• Treating all participant information with the highest level of confidentiality and respect

• Providing clear communication about any changes to services, policies, or procedures

• Responding promptly and professionally to participant concerns or requests

• Maintaining appropriate professional boundaries in all interactions

• Continuously improving our services based on participant feedback and emerging best practices

Unforeseen Events and Force Majeure. In the event of unforeseen circumstances including but not limited to:

• Natural disasters or extreme weather events

• Public health emergencies or pandemics

• Technology failures or cybersecurity incidents

• Changes in applicable laws or regulations

• Economic disruptions affecting service delivery

• Personal emergencies affecting key personnel

SFL will:

• Communicate transparently about how such events may affect services and data handling

• Take reasonable steps to protect participant data during disruptions

• Provide alternative service delivery methods when possible

• Honor existing commitments to the greatest extent reasonably possible

• Work collaboratively with participants to find mutually acceptable solutions

Data Protection During Disruptions. During unforeseen events, we may need to implement temporary measures that could affect normal data handling procedures. We commit to:

• Maintaining security standards even during emergency protocols

• Providing notice of any temporary changes to data handling when feasible

• Restoring normal privacy practices as soon as reasonably possible

• Conducting post-incident reviews to improve future preparedness

V. Use of Cookies

We use cookies to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

You can manage your cookie preferences in multiple ways:

Browser Settings: You have the ability to accept or decline cookies through your web browser. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the SFL services or websites you visit. Current browser cookie settings may be available at these links:

• Google Chrome

• Firefox

• Safari

• Microsoft Edge

VI. Your Privacy Options – United States

Certain U.S. states, including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia (now or in the future) give their residents rights to how their information is collected and used. Although some of these options apply generally, certain options will only apply to limited individuals or circumstances. Depending on your state of residence, you may have the right to exercise the following rights and choices:

• Right to Know and Access. You may have the right to know whether SFL processes your Personal Data, or request access to the Personal Data we have collected about you.

• Right to Correction. You may request correction of Personal Data that we hold about you.

• Right to Deletion. You may have the right to request deletion of the Personal Data that we hold about you. Note, however, that we may not always be able to comply with your request of deletion for specific legal reasons which we will tell you about, if applicable, at the time of your request.

• Right to Opt Out. You have the right to opt out of the processing of your Personal Data for the purposes of targeted advertising, sales, or profiling in furtherance of decisions that produce legal or similarly significant effects.

• Right to Portability. You have the right to ask SFL to provide you with your Personal Data in a machine-readable format.

• Right to Limit the Use of or Consent to the Processing of Sensitive Data. We will ask your consent before we process your sensitive Personal Data or allow you to limit our use of sensitive data, as required by law.

The exact scope of these rights may vary. To exercise any of these rights please contact us.

VII. Your Privacy Options – European Economic Area

Those residing in the European Economic Area (EEA), UK, and Switzerland may benefit from a number of rights in relation to your information that we process. Some rights apply only in certain limited cases, depending on your location. Although some of these rights apply generally, certain rights will only apply to limited individuals or circumstances. For people to whom these laws apply, we only use your information when we have a legal reason to do so. These reasons may include:

• When you give us your consent (like signing up for newsletters or allowing us to use cookies)

• When we have a legitimate business reason (like improving our Website or preventing fraud)

• When we're legally required to (like keeping records for tax or safety reasons)

To the extent that these laws apply, you may exercise the following rights:

• Right to Access. Note that much of the information you are entitled to know or access is disclosed in this Privacy Notice. With this said, you have the right to know about our information practices. You also have the right to access the categories of data we collect, with whom we share or sell that information, and, in some cases, what specific Personal Data we associate with you or your account.

• Right to Rectification. You may request we correct or rectify inaccurate information we have collected about you.

• Right to Erasure. You may request that we delete the Personal Data we have collected about you. Depending on the applicable law, in some cases we are required or permitted to retain your information, even if you validly requested we delete or erase it.

• Right to Restrict Processing. If we process your information based on our legitimate interests as explained in this Privacy Notice, you may have the right to restrict processing in certain circumstances.

• Right to Object. If we process your information based on our legitimate interests as explained in this Privacy Notice, or in the public interest, you can object to this processing in certain circumstances. Where we use your data for direct marketing purposes, you can always object using the unsubscribe link in such communications or changing your account settings.

• Right to Data Portability. If you request a copy of your specific information then we will provide it in an easily accessible format.

• Right to Lodge a Complaint. You may be entitled to lodge a complaint with your data privacy regulatory authority.

We generally process Personal Data of those residing in the EEA on the legal basis of our legitimate interests in performing the function or service you requested. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing. Where we process your Personal Data on the basis of consent, we will clearly obtain your opt-in consent.

Where you have provided consent to certain data processing, you have the right to withdraw that consent at any time by contacting us. A withdrawal of consent will not affect the validity of our use of your Personal Data up until the point you have withdrawn your consent.

Representative (Article 27 of the GDPR): At this time, SFL does not specifically target or offer services to individuals in the EEA, UK, or Switzerland, and therefore does not maintain an Article 27 representative in those regions. If our operations change and we begin offering goods or services specifically to individuals in the EEA or UK, we will appoint a representative and update this Privacy Notice accordingly.

Data Protection Officer (Article 37 of the GDPR): SFL is not currently required to appoint a Data Protection Officer under Article 37 of the General Data Protection Regulation. However, we take your privacy seriously and have designated internal resources responsible for monitoring our data protection practices and responding to privacy-related inquiries.

VIII. Your Privacy Options – Other Jurisdictions

Individuals outside the United States and EEA, including those residing in Canada, China, and certain other jurisdictions may have certain data subject rights. These rights vary, and may be different from those listed within this Privacy Notice. For any questions about your rights, and how you may exercise them, please contact us at the information provided within this Privacy Notice.

IX. Exercising Your Privacy Options

To exercise any of the above options, you may contact us at: legal@soundflower.co

Please include your email address, full name, and specific information about your request(s). If you would like to update or correct your email address, work address, or other Personal Data with us, please include specific details about the information you wish to have updated or corrected.

Messaging and Newsletter Communications. You may control how you receive certain types of communications by unsubscribing within the body of the communication. Note that some messages are required, service-related messages such as transaction confirmation messages, legal notices, or updates.

Do Not Track Signals. DNT is a privacy preference you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For details, including how to turn on DNT, see here. Because there currently isn't an industry or legal standard recognizing or honoring DNT signals, we don't respond to them at this time.

X. Third Party Websites

This Privacy Notice applies only to our Services. Our Website may contain links to other websites such as Circle and Spiffy. We have no control over the privacy practices or the content of any of our business partners or other third parties we link to from our Website. SFL does not endorse, approve, or certify these other websites, and we do not guarantee the accuracy, completeness, efficacy, or timeliness of the information contained on those websites. You should check the applicable Privacy Notice of the Website sponsor when linking to other websites.

XI. Information Retention

SFL uses several criteria to determine how long we should keep categories of Personal Data. We will retain your Personal Data for the time period reasonably necessary to achieve the business purposes outlined in this Privacy Notice to the extent permitted by applicable law.

Extended Retention for Safety Purposes. In cases where participant safety or well-being concerns have been documented, we may retain relevant information for extended periods to ensure continuity of care and appropriate risk management.

Please understand that residual copies of the Personal Data can be stored in locations or formats that make complete erasure extremely difficult. The best way to ensure you control your information is to give us only the Personal Data that you are completely comfortable sharing with us.

XII. Security

SFL takes reasonable steps to secure your Personal Data. We maintain physical, electronic, and procedural safeguards to ensure that Personal Data is stored and processed responsibly. However, no internet transmission is ever fully secure, and we cannot guarantee that information transmitted via our Website will remain confidential at all times.

Incident Response. In the event of a data breach or security incident, we will:

• Take immediate steps to contain and mitigate the incident

• Notify affected participants within the timeframes required by applicable law

• Provide clear information about what happened and what steps we are taking

• Offer appropriate support and resources to affected participants

• Conduct a thorough investigation to prevent future incidents

XIII. Age Restrictions

Our Services are not intended for individuals under the age of 18. If we learn we've collected data from a minor without verified parental consent, we will delete it immediately. By accepting the Privacy Notice through your use of our Services, you certify that you are at least 18 years of age or submitting Personal Data to us with the consent of a parent or guardian. If you believe we have collected such information, please contact us at legal@soundflower.co

XIV. Dispute Resolution and Communication

Good Faith Communication. Both SFL and participants commit to addressing any concerns, disputes, or issues through good faith communication. We encourage participants to contact us directly with any privacy concerns before seeking external remedies.

Escalation Process. If initial communication does not resolve privacy concerns, participants may:

1. Request escalation to senior management

2. Seek mediation through mutually agreed-upon services

3. Exercise legal rights as outlined in applicable privacy laws

Feedback and Improvement. We welcome participant feedback on our privacy practices and will consider reasonable suggestions for improvement in our ongoing policy reviews.

XV. Changes to Privacy Notice

We may update or change this Privacy Notice from time to time. We will post the changes on our Website and software, and will indicate the effective date. For material changes that significantly affect how we handle your personal data, we will provide advance notice through email or prominent website notification.

Your continued use of services after the changes are effective constitutes your acceptance of the Privacy Notice. If you disagree with material changes, you may discontinue use of our services and request deletion of your personal data, subject to legal retention requirements.

XVI. Contact Us

If you have any questions about this Privacy Notice, contact us at: legal@soundflower.co

To help protect your information and maintain security, we may verify your identity before processing certain requests, such as access, correction, or deletion of your Personal Data. Verification may include confirming your email address or other contact information; requesting details about your past interactions with SFL; or asking you to sign a declaration under penalty of perjury stating that you are the individual whose data is the subject of the request. If you submit a request through an authorized agent, we may require a signed permission from you authorizing the agent to act on your behalf and additional identity verification to ensure your privacy and security.

Response Commitment. We commit to responding to privacy-related inquiries within 30 days of receipt, or sooner as required by applicable law. Complex requests may require additional time, and we will communicate expected timeframes clearly.

___________________________________________________________________________________________________________________________________________

This Privacy Policy reflects our commitment to protecting your privacy while fostering an environment of mutual respect and shared responsibility. We believe that transparency and open communication are essential to building trust and maintaining the beneficial relationships that are at the heart of our services.