LEGAL

Privacy Policy

Last Updated April 27, 2026

Hi.

This is the page where I tell you how I handle your information.

It's not glamorous. But it matters. Read what's here so you know what you're saying yes to.

Heather Hickson, doing business as Elevate Health + Wellness LLC ("Heather Hickson," "we," "us," or "our") operates the websites located at www.heatherhickson.com and any related subdomains (the "Site") and provides related services, including coaching sessions, courses, digital products, and free resources (the "Services"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your information.

By using the Site or Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Site or Services.

1. Information We Collect

We collect information in the following categories:

a. Contact Information. When you sign up for our newsletter, book a session, register for a course, complete a contact form, or otherwise communicate with us, we may collect your name, email address, phone number, and mailing address.

b. Order and Billing Information. When you purchase a product or service, you provide payment information, including credit card or bank details. We do not directly store full payment card information; this is handled by our third-party payment processor (currently Stripe).

c. Information You Voluntarily Provide. When you complete intake forms, fill out questionnaires, send messages, post comments, or share information during sessions or in community spaces, we collect what you choose to share.

d. Automatically Collected Information. When you visit the Site, we automatically collect certain technical information, including your IP address, browser type and language, operating system, device identifiers, referring and exit pages, time stamps, and pages viewed. This is collected through cookies and similar technologies. See our Cookie Policy for details.

e. Information from Third Parties. We may receive information about you from social media platforms, advertising partners, analytics providers, and (where applicable) affiliate partners.

2. How We Use Your Information

We use the information we collect to:

  • Provide the Services you request, including delivering coaching sessions, courses, and digital products

  • Process payments and fulfill orders

  • Communicate with you about your account, purchases, and the Services

  • Send marketing emails, newsletters, and promotional content (with your consent where required)

  • Improve and personalize the Site and Services

  • Detect, prevent, and respond to fraud and security issues

  • Comply with legal obligations

  • Enforce our Terms of Use and other agreements

3. Lawful Basis for Processing (for EU, UK, and Swiss Users)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal information based on the following lawful bases under the GDPR:

  • Consent. For marketing communications, optional cookies, and other activities where you have given specific, informed consent.

  • Contract. To fulfill purchases, deliver services, and provide what you have requested.

  • Legitimate Interests. For site analytics, fraud prevention, security, and improving our Services, where our interests do not override your fundamental rights.

  • Legal Obligation. To comply with applicable laws, including tax, accounting, and consumer protection requirements.

You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

4. How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers. We share information with third parties who perform services on our behalf, such as payment processing (Stripe), email and CRM (GoHighLevel), analytics (Google Analytics), course hosting, and similar functions. These providers are contractually required to protect your information and use it only for the services they provide to us.

  • Legal Requirements. We may disclose information if required by law, court order, or legal process, or to protect our rights, property, or safety, or that of others.

  • Business Transfers. If we are involved in a merger, acquisition, sale of assets, or similar event, your information may be transferred as part of that transaction.

  • With Your Consent. We may share information with your permission for any other purpose disclosed at the time you provide it.

  • Aggregate or De-identified Information. We may share aggregated or de-identified information that cannot reasonably be used to identify you.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the Site, remember your preferences, analyze usage, and (with your consent where required) deliver targeted content. When you first visit the Site, a cookie banner allows you to accept all cookies, accept only essential cookies, or customize your preferences. To change your preferences after your initial choice, clear your browser's cookies for this Site or use your browser's settings. For details, please see our Cookie Policy.

6. Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we delete or anonymize it.

Specifically:

  • Newsletter subscriptions are retained until you unsubscribe.

  • Customer account and order records are retained for the duration of your relationship with us, plus seven (7) years for tax and accounting purposes.

  • Marketing preferences and consent records are retained for the duration of your relationship with us.

  • Information shared during coaching sessions is retained as needed to provide ongoing services to you and is deleted upon your request unless retention is required by law.

7. Your Rights

a. General Rights. Regardless of where you are located, you may:

  • Request access to the personal information we hold about you

  • Request correction of inaccurate information

  • Request deletion of your personal information

  • Opt out of marketing communications by using the unsubscribe link in any email or contacting us directly

b. Rights for EU, UK, and Swiss Residents (under the GDPR). In addition to the rights above, you have the right to:

  • Restrict processing of your information in certain circumstances

  • Object to processing based on legitimate interests or for direct marketing

  • Receive your information in a structured, commonly used, machine-readable format (data portability)

  • Withdraw consent at any time

  • Not be subject to a decision based solely on automated processing

  • Lodge a complaint with your local Data Protection Authority

c. Rights for California Residents (under the CCPA/CPRA). California residents may:

  • Request to know what categories and specific pieces of personal information we have collected, used, or disclosed

  • Request deletion of personal information

  • Opt out of the sale or sharing of personal information (we do not sell personal information)

  • Limit use and disclosure of sensitive personal information

  • Not be discriminated against for exercising these rights

To exercise any of these rights, email us at [email protected] with your request and enough information to verify your identity. We will respond within the timeframes required by applicable law.

8. International Data Transfers

Our Site and servers are located in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country. By using the Site or Services, you consent to this transfer. For transfers from the EEA, UK, or Switzerland, we rely on appropriate safeguards, including Standard Contractual Clauses where applicable.

9. Children's Privacy

Our Site and Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, please do not provide any information through the Site. If we learn we have collected personal information from a child under 13, we will delete it. If you are between 13 and the age of majority in your jurisdiction, please use the Site and Services only with the involvement of a parent or guardian.

10. Security

We take reasonable technical, administrative, and physical measures to protect personal information against unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

11. Third-Party Sites

The Site may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. Please review their privacy policies before sharing information with them.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by the "Last Updated" date at the top of this page. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your information, please contact us:

Email: [email protected]
Mail:
Heather Hickson
Attn: Privacy / Legal
PO Box 4541
Cave Creek, Arizona 85327

SOUL ARCHEOLOGIST

Come sit with me.

The occasional note · when something wants to be said. No spam. No fluff. Just the good stuff.

If it stops landing, unsubscribe. Seriously. One click. I won't chase you. I won't send a "we miss you" email in six months. Clean break, always.

By signing up, you agree to our Terms of Use and Privacy Policy.