Legal

Privacy Policy

Last updated: 25 May 2026

Psygaia ("we," "us," or "our") operates howtousepsychedelics.com (the "Site"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit the Site or use our services. We are committed to protecting your privacy and handling your data with transparency and care.

Psygaia is a nonprofit organisation based in British Columbia, Canada. By using this Site, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Information you provide voluntarily:

• Email address — when you subscribe to our newsletter or sign up for the Psygaia Framework guide
• First name — optionally, when subscribing
• Payment information — when purchasing a course, processed securely by Stripe. We do not store your payment details on our servers.

Information collected automatically:

• Analytics data — page views, referral sources, browser type, device type, and approximate geographic location (country/region level). This data is collected via privacy-respecting analytics tools (DataFast and Umami) and is used in aggregate. We do not use this data to identify individual users.
• Cookies — we use a small number of functional cookies to store your theme preference and remember whether you have dismissed the email signup popup. We do not use advertising or tracking cookies.

Information we do not collect:

• We do not collect sensitive health information, substance use data, or psychedelic experience details through the Site
• We do not use fingerprinting, advertising pixels, or cross-site tracking technologies
• We do not collect information from children. This Site is intended for adults only.

How We Use Your Information

We use the information we collect for the following purposes:

• To deliver newsletter content and educational resources you have requested
• To process course enrolments and provide access to purchased content
• To provide access to Psygaia's Circle community platform
• To understand how visitors use the Site so we can improve content and user experience
• To respond to inquiries or requests you send us

We do not use your information for targeted advertising, profiling, or automated decision-making.

Third-Party Services

We share your information only with the service providers necessary to operate the Site and deliver our services:

• Beehiiv — email newsletter delivery. Receives your email address and optional first name when you subscribe. Beehiiv Privacy Policy
• Stripe — payment processing for course purchases. Receives payment details directly; we never see or store your full card number. Stripe Privacy Policy
• Circle — community platform hosting for Psygaia's Circle. Receives your account information when you enrol. Circle Privacy Policy
• Netlify — site hosting and serverless functions. Processes requests to the Site. Netlify Privacy Policy
• DataFast — privacy-respecting web analytics. Collects anonymised usage data. DataFast Privacy Policy
• Umami — privacy-respecting, cookie-free web analytics. Collects anonymised usage data. Umami Privacy Policy

We do not sell, rent, or trade your personal information to any third party. We do not share your data with advertisers.

Cookies

This Site uses a minimal number of cookies, none of which are used for advertising or cross-site tracking:

• htup-theme — stores your preferred colour theme (dark or light mode). Functional, persistent.
• htup_popup_dismissed — remembers that you have closed the email signup popup so it does not reappear. Expires after approximately 4 months.

Our analytics providers (DataFast and Umami) are configured to respect user privacy and do not set tracking cookies.

Data Retention

• Email subscribers — your email address and name are retained for as long as you remain subscribed. You may unsubscribe at any time using the link in any email.
• Analytics data — aggregated, anonymised analytics data is retained indefinitely for trend analysis. This data cannot be used to identify you.
• Course purchases — transaction records are retained as required by applicable tax and financial regulations.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate or incomplete data
• Deletion — request deletion of your personal data ("right to be forgotten")
• Portability — request your data in a structured, commonly used format
• Objection — object to the processing of your personal data
• Withdrawal of consent — withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at hello@psygaia.org. We will respond to all legitimate requests within 30 days.

GDPR Compliance

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases:

• Consent — when you voluntarily provide your email address to subscribe to our newsletter or sign up for resources
• Legitimate interest — for anonymised analytics to improve the Site, where this does not override your rights and freedoms
• Contractual necessity — to process course purchases and deliver the services you have paid for

You have the right to lodge a complaint with your local data protection authority if you believe your data has been processed unlawfully.

CCPA Compliance

If you are a California resident, you have the right to:

• Know what personal data we collect about you and how it is used
• Request deletion of your personal data
• Opt out of the sale of your personal data — though we do not sell personal data
• Not be discriminated against for exercising your privacy rights

PIPEDA Compliance

As a Canadian organisation, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). We collect personal information only for identified purposes, with your knowledge and consent, and retain it only as long as necessary to fulfill those purposes.

Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encrypted data transmission (HTTPS/TLS) across the entire Site
• API keys and credentials stored as encrypted environment variables, never in source code
• Third-party services selected for their security practices and compliance standards
• Minimal data collection — we only collect what is necessary to provide our services

No method of electronic transmission or storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

International Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and Canada, where our service providers operate. These transfers are necessary to provide our services and are conducted with appropriate safeguards in place.

Children's Privacy

This Site is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take steps to delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this page periodically. Your continued use of the Site after any changes constitutes acceptance of the updated policy.

Contact