SERENITY DECODED
Website Privacy Policy
1. INTRODUCTION
Yellow Tail Investment Enterprise, LLC and its affiliated entities (“Company,” “we,” “us,” or “our”) operate the Serenity Decoded website at serenitydecoded.com (“Website”). This Website Privacy Policy (“Policy”) explains how we collect, use, store, and protect personal information from visitors to the Website.
This Policy applies specifically to the Website and covers visitors who browse, submit contact forms, sign up for email communications, or purchase subscriptions through the Website. If you download and use the Serenity Aligned application, the App Privacy Policy also applies to your use of the application and the Aarav AI system.
By using the Website, you agree to the collection and use of information as described in this Policy.
2. INFORMATION WE COLLECT
2.1 Information You Provide Directly
- Contact form submissions: name, email address, and the content of your message;
- Email newsletter or update sign-ups: name and email address;
- Subscription purchase: name, billing address, and payment details — processed exclusively by our third-party payment processor. We do not receive, store, or process your full card number or payment credentials;
- Book purchase enquiries or affiliate program applications: name, email, and any information you choose to provide.
2.2 Information Collected Automatically
- Usage data: pages visited, time spent on pages, links clicked, referring URLs, and navigation paths;
- Technical data: IP address, browser type and version, operating system, device type, and screen resolution;
- Cookie data: as described in Section 6 below.
2.3 Information We Do Not Collect
We do not knowingly collect: sensitive personal data such as health, financial, or biometric information through the Website; personal data from children under 18; or payment card numbers, which are handled entirely by our payment processor.
3. HOW WE USE YOUR INFORMATION
| Purpose | Data Used | Legal Basis |
| Respond to contact form enquiries | Name, email, message content | Legitimate interests |
| Send email newsletters or updates you opted into | Name, email address | Consent |
| Process subscription purchases through the Website | Name, billing address — payment data handled by processor | Performance of contract |
| Operate and improve the Website | Usage data, technical data | Legitimate interests |
| Analytics and performance monitoring | Usage data, cookie data | Consent (via cookie banner) |
| Security and fraud prevention | IP address, technical data | Legitimate interests / Legal obligation |
| Comply with legal obligations | Any relevant data | Legal obligation |
| Marketing communications (opt-in only) | Name, email | Consent |
4. THIRD-PARTY PAYMENT PROCESSING
Subscription purchases made through the Website are processed by our third-party payment processor. The following applies:
- We do not receive, store, or have access to your full payment card number, CVV, or bank account details. These are collected and processed directly by the payment processor on our behalf.
- The payment processor is PCI-DSS compliant and is contractually obligated to handle your payment data securely in accordance with applicable standards.
- We receive only confirmation of payment success or failure, and limited billing information such as the last four digits of your card, card type, billing name, and billing address.
- Your use of the payment processor’s service is also subject to that processor’s own privacy policy and terms of service, which you should review before completing a purchase.
- If you have a dispute about a charge processed through the Website, contact us through serenitydecoded.com before initiating any chargeback to allow us to resolve the matter directly.
5. DATA SHARING AND DISCLOSURE
We do not sell your personal information. We do not share it for independent third-party marketing. We share data only as follows:
- Service providers: carefully selected processors including our web hosting provider, email marketing platform, analytics service, and payment processor. All are bound by data processing agreements requiring them to process data only on our instructions and to implement appropriate security measures.
- Legal and regulatory: where required by law, court order, or regulatory authority. We will notify you where legally permitted.
- Business transfers: in a merger, acquisition, or asset sale, data may transfer as part of the transaction with advance notice to affected users.
- Safety: to prevent imminent harm, investigate fraud, or protect user or public safety.
6. COOKIES AND TRACKING TECHNOLOGIES
6.1 What We Use
- Strictly necessary cookies: essential for the Website to function — session management, security, and basic navigation. These cannot be disabled.
- Functional cookies: remember your preferences and settings between visits.
- Analytics cookies: help us understand how visitors use the Website — pages visited, time spent, error reports. Anonymized where possible.
- Marketing cookies: used to display relevant advertising or measure the effectiveness of marketing campaigns. Only placed with your consent.
6.2 Your Choices
When you first visit the Website, a cookie consent banner allows you to: Accept All, Reject All (non-essential), or Manage Preferences individually. Your choice is stored and respected. You can change your preferences at any time through Cookie Settings in the footer.
We honor the Global Privacy Control (GPC) signal. If your browser sends a GPC opt-out signal, we automatically apply Reject All for non-essential cookies without displaying the banner.
6.3 Third-Party Analytics
Our analytics provider may place cookies on your device subject to your consent. Analytics data is used only for Website improvement and is not used to identify you personally.
7. EMAIL COMMUNICATIONS
- Transactional emails: order confirmations, subscription receipts, and account-related notices are sent as part of our contractual obligations. No opt-out is required for these.
- Marketing emails: newsletters, product updates, and promotional content are sent only with your express opt-in consent. You may unsubscribe at any time by clicking the unsubscribe link in any marketing email or contacting us through serenitydecoded.com.
- We do not send unsolicited commercial email (spam). All marketing emails identify the sender clearly and provide a simple unsubscribe mechanism.
8. DATA RETENTION
| Data Category | Retention Period |
| Contact form submissions | 3 years from date of submission or last contact |
| Email marketing list | Until you unsubscribe or withdraw consent + 1 year |
| Purchase and billing records | 7 years from transaction date — financial regulatory requirement |
| Website analytics data | 26 months from collection (anonymized thereafter) |
| Cookie consent records | 1 year from consent date |
| Security and access logs | 12 months from creation |
9. SECURITY
We implement appropriate technical and organizational measures to protect your personal data including encryption of data in transit (TLS), access controls limiting data access to authorized personnel, regular security assessments, and staff training on data protection. No method of internet transmission is 100% secure. We cannot guarantee absolute security but we take all reasonable precautions.
10. INTERNATIONAL DATA TRANSFERS
We are based in the United States. If you access the Website from the EU, UK, or other regions, your data may be transferred to and processed in the United States. We use appropriate safeguards for international transfers including Standard Contractual Clauses for EU/EEA transfers and the UK IDTA for UK transfers.
11. YOUR RIGHTS
Depending on your location, you may have rights to: access the personal data we hold about you; correct inaccurate data; request deletion; restrict processing; receive a portable copy; object to processing; and withdraw consent. To exercise any right, contact us through serenitydecoded.com. We will not discriminate against you for exercising your rights.
11.1 EU / EEA (GDPR)
Legal bases are as described in Section 3. Lodge complaints with your local Data Protection Authority (edpb.europa.eu).
11.2 United Kingdom (UK GDPR / DPA 2018)
Equivalent rights apply. Complaints to the Information Commissioner’s Office (ico.org.uk).
11.3 California (CCPA / CPRA)
California residents may know what data is collected, request deletion, opt out of sale or sharing, and not be discriminated against. We do not sell personal data. We honor GPC signals.
11.4 Other Jurisdictions
We comply with applicable privacy laws in all jurisdictions where we operate including Canada (PIPEDA), Australia (Privacy Act 1988), India (DPDPA 2023), and applicable Asian-Pacific privacy frameworks.
12. CHILDREN
The Website is intended for users 18 and older. We do not knowingly collect personal data from anyone under 18. If we discover we have done so, we will delete it promptly.
13. EXTERNAL LINKS
The Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We recommend reviewing the privacy policy of any third-party site you visit.
14. CHANGES TO THIS POLICY
We may update this Policy. Material changes will be communicated by prominent notice on the Website and, where required, will require re-consent. The effective date above reflects the most recent version. Prior versions are available on request.
15. CONTACT
Yellow Tail Investment Enterprise, LLC
Website: serenitydecoded.com