Privacy Policy
Privacy Policy
Last updated: 2026-05-29
Controller and Contact
The data controller for this website is Twin Flames Traveling Within. For privacy requests, contacttwinflamestravelingwithin@gmail.com.
Twin Flames Traveling Within, Lindenlaan 16, 2350 Vosselaar, Antwerp, Belgium.
Dedicated privacy contacttwinflamestravelingwithin@gmail.com.
What Data We Collect
- Identity and account data (name, email, account metadata).
- Authentication and session data needed for secure login and protected content access.
- Quiz submissions and response data submitted through site assessments.
- Purchase and checkout context, including payment status metadata.
- Support communications and request details sent to our contact channels.
- Technical usage and security signals used to protect the platform.
- Consent records, cookie choices, device identifiers, and marketing preference signals where applicable.
Why We Process Data and Legal Basis
We process personal data to operate accounts, deliver digital products, process payments, support customer requests, and keep the service secure.
- GDPR Art. 6(1)(b): processing necessary to provide account access, purchases, and digital delivery.
- GDPR Art. 6(1)(f): legitimate interests in platform security, fraud prevention, and service improvement.
- GDPR Art. 6(1)(c): compliance with legal obligations (for example accounting/tax records where required).
- GDPR Art. 6(1)(a): consent for optional analytics and marketing cookies/tracking.
Third Parties and Tools
We use trusted processors and tools to run the platform. Optional analytics/marketing tools are only active when consent is granted.
| Provider | Category | Purpose | Data |
|---|---|---|---|
| Website hosting/infrastructure provider | Hosting | Deliver and secure the website application. | Technical logs, request metadata, and security events. |
| Supabase | Authentication & Database | User authentication, account sessions, database storage, and protected file delivery. | Account identifiers, login/session data, profile details, purchases, quiz submissions, and protected asset metadata. |
| Stripe | Payments | Secure checkout and payment processing for paid products. | Checkout identity details (such as name/email), payment transaction details, and payment status metadata. |
| GoHighLevel (LeadConnector) | CRM & Messaging | Lead/contact management, tagging, and transactional/operational messaging workflows. | Name, email, lead tags/status, and relevant purchase funnel context. |
| Instagram (optional) | Social Media | Provide links or embedded social-media content and enable social platform interaction. | Device/browser metadata, IP address, referral data, and any interaction data collected by Instagram/Meta when social content is loaded or visited. |
| Google Analytics (if enabled) (optional) | Analytics | Measure traffic and improve site/product performance. | Pseudonymous usage analytics and interaction events. |
| Meta Pixel (if enabled) (optional) | Marketing | Ad performance measurement and campaign attribution. | Pseudonymous marketing events and conversion signals. |
| GoHighLevel tracking script (if enabled) (optional) | Marketing | Campaign and marketing attribution tied to funnels. | Pseudonymous tracking events and campaign identifiers. |
How We Share Personal Data
We do not sell personal data for money. We may share relevant data categories with service providers and platform partners only where needed to operate the website, deliver purchases, communicate with you, process payments, secure the platform, or run optional analytics/marketing tools after consent.
- Hosting and infrastructure providers that receive technical and security-related data needed to deliver the website.
- Authentication, database, and storage providers that receive account data, login/session data, quiz submissions, and protected-content delivery data.
- Payment processors that receive checkout identity details, transaction details, and payment status data.
- CRM, email, and operational messaging providers that receive contact details, tags, and customer-journey information needed for support or service delivery.
- Optional analytics, advertising, and social-media partners that may receive device/browser identifiers, pseudonymous event data, and attribution data only when optional consent is granted.
Social Media and Instagram
Our website references and may from time to time embed social-media content or links, including Instagram. When you interact with those platforms, open embedded content, or visit our social pages, the platform provider may collect personal data directly from your browser or device under its own privacy policy.
- Instagram/Meta may collect IP address, browser/device information, referral URL, interaction data, and cookie or tracking information when social content is loaded or visited.
- If you are logged into a social-media account, the platform may associate your interaction with your profile.
- For more information, review Meta's Privacy Policy and cookie information before interacting with social content.
Your Rights
- Access your personal data.
- Request correction of inaccurate data.
- Request deletion of personal data where legally permitted.
- Request restriction of processing in certain cases.
- Object to specific processing based on legitimate interests.
- Request data portability where applicable.
- Withdraw consent for optional cookies/tracking at any time.
- Lodge a complaint with your local data protection authority.
Data Retention
- Account/profile data: kept while your account is active and for a reasonable period afterward for security and support continuity.
- Purchase/payment records: retained as needed for contractual fulfillment and legal/accounting obligations.
- Quiz and lead data: retained while relevant to service delivery, support, and customer journey operations.
- Cookie consent choices: retained according to consent storage settings and refreshed when policy/version changes.
International Transfers
Some service providers may process data outside your country. Where this occurs, we rely on provider safeguards and contractual protections intended to meet applicable data protection requirements.
Withdrawal, Deletion, and Updates
To request access, correction, deletion, or objection, emailtwinflamestravelingwithin@gmail.com.
You can also withdraw optional cookie consent at any time through the footer's Manage cookie preferences control. This policy may be updated to reflect legal, operational, or technical changes. The latest version is published on this page.