Privacy Policy

HBOTT.com ("we," "us," "our") respect your privacy. This Privacy Policy describes our practices regarding the collection, use, disclosure, and protection of personal data when you use our website, book sessions, make purchases, or contact us. It is intended to meet the requirements of the General Data Protection Regulation (GDPR) where applicable and the California Consumer Privacy Act (CCPA) for California residents.

1. Data Controller

The data controller responsible for your personal data is HBOTT.com, 2605 Camino Del Rio South, San Diego, CA 92018, United States. For questions, contact HBOTTGROUP@gmail.com.

2. Information We Collect

We may collect: (a) Identifiers — name, email, phone, mailing address, IP address; (b) Commercial information — session bookings, purchase history, donation records; (c) Internet/device data — browser type, device identifiers, usage data, cookies; (d) Health-related information — only when you provide it (e.g., referral forms, intake) and as permitted by law; (e) Inferences — preferences and interests you express. We do not collect sensitive categories beyond what you voluntarily provide for service delivery.

3. Legal Basis for Processing (GDPR)

Where GDPR applies, we process personal data based on: (a) Contract — to perform our agreement with you (e.g., sessions, orders); (b) Legitimate interests — to operate the site, prevent fraud, and improve services; (c) Consent — where you have given clear consent (e.g., marketing, cookies); (d) Legal obligation — to comply with applicable law.

4. How We Use Your Data

We use your data to: fulfill session bookings, process payments, manage directory listings, handle referrals and donations, communicate with you, improve our services, ensure security, and comply with legal obligations. We do not sell your personal information. We may share data with service providers (payment processors, hosting, analytics) under contracts that require them to protect your data and use it only for the purposes we specify.

4a. Payment Data and Third-Party Processors

Authorize.net: Payment data (including card information) is processed via Authorize.net. We do not store full card numbers on our servers. Card data you enter is tokenized and transmitted securely to Authorize.net for authorization and settlement. Authorize.net's privacy and security practices apply to that processing.

TheMerchantCardGroup.com: We may share leads and user data (such as contact information and business details) with TheMerchantCardGroup.com for merchant services and business financing inquiries. For example, if you express interest in payment processing, equipment financing, or merchant services in connection with HBOTT.com offerings, we may share relevant contact and business information with TheMerchantCardGroup.com so they can respond to your inquiry. Such lead-sharing is limited to what is necessary for those purposes and is subject to appropriate confidentiality and data-protection commitments.

5. Cookies and Similar Technologies

We use cookies and similar technologies for session management, preferences, security, and analytics. You can control cookies through your browser settings. Essential cookies are necessary for the site to function; others may be disabled, though some features may be limited.

6. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy, or as required by law (e.g., tax, legal claims). When data is no longer needed, we securely delete or anonymize it.

7. International Transfers

Our operations are based in the United States. If you are in the European Economic Area (EEA) or another jurisdiction with transfer restrictions, your data may be transferred to and processed in the U.S. We rely on appropriate safeguards (e.g., standard contractual clauses, adequacy decisions) where required by applicable law.

8. Your Rights

GDPR (EEA/UK): You have the right to access, rectify, erase, restrict processing, data portability, object to processing, and withdraw consent where applicable. You also have the right to lodge a complaint with a supervisory authority.

CCPA (California): You have the right to know what personal information we collect, use, and disclose; the right to delete your personal information (subject to exceptions); the right to correct inaccuracies; the right to opt out of the "sale" or "sharing" of personal information (we do not sell or share personal information for cross-context behavioral advertising); and the right to non-discrimination for exercising these rights. To submit a request, contact us at HBOTTGROUP@gmail.com. We will verify your identity before fulfilling requests.

Other jurisdictions: You may have additional rights under local law. Contact us to exercise them.

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Payment card data is processed exclusively through Authorize.net; we do not store full card numbers on our servers.

10. Children

Our services are not directed to individuals under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us so we can delete it.

11. Changes

We may update this Privacy Policy from time to time. The current version will be posted on this page with an updated "Last updated" date. Continued use of our services after changes constitutes acceptance of the revised policy.

Contact: For privacy requests, questions, or to contact a data protection contact: HBOTT.com, 2605 Camino Del Rio South, San Diego, CA 92018; HBOTTGROUP@gmail.com.