Effective date: September 7, 2025
Last updated: September 7, 2025
This Privacy Policy explains how The Somatic Collective by FlowArt® ("Somatic Collective," "we," "us," or "our") collects, uses, discloses, and safeguards personal information when you visit our websites, purchase or access courses and related materials, or otherwise interact with us online. By using our services, you agree to the practices described in this Policy and our Terms and Conditions.
Somatic Collective is operated by FlowArt Therapy PLLC, a Washington professional limited liability company located at 1600B SW Dash Point Rd #1017, Federal Way, WA 98023. You can contact us at [email protected].
1. Scope
This Policy applies to information we collect through our websites, checkout pages, learning platforms, webinar platforms, email, and customer support channels. It does not apply to third‑party websites or services that are not controlled by us. If a course is delivered on a third‑party platform, that platform’s privacy policy applies in addition to this Policy.
We provide professional education for clinicians and allied professionals. We do not provide clinical care through our courses. Our services are intended for adults.
2. Information we collect
We collect the categories of information listed below. The information you provide may vary depending on the course and features you use.
2.1 Information you provide to us
Account and profile data such as name, pronouns, email address, mailing address, employer or organization, professional role or license type, and time zone.
Purchase and checkout data such as billing name, billing address, tax address, and limited payment details. Full payment card numbers are processed by our payment processors and are not stored on our servers.
Course participation data such as attendance, chat and Q and A participation, poll responses, assignment submissions, assessments and quiz scores, and requests related to certificates.
Continuing education data such as licensure or certification information, profession, license number, completion status, evaluation responses, and certificate details. We maintain completion records as required by applicable accrediting bodies.
Communications such as emails, support requests, and grievance submissions.
Accommodation requests that you choose to share with us in order to make a live event accessible. These may include information about disability or health. We ask that you share only what is necessary. We use this information solely to arrange accommodations and we restrict access to a need‑to‑know basis.
2.2 Information collected automatically
Device and usage data such as IP address, device and browser type, operating system, referring and exit pages, and timestamps.
Analytics and performance data about how you navigate and interact with our website and course materials.
Cookies and similar technologies which help us remember your preferences, keep you signed in, and analyze site usage. See Section 4 for details.
2.3 Information from third parties
Payment processors that confirm payment status or fraud screening results.
Learning or webinar platforms that provide attendance logs, engagement metrics, and completion status.
Email and marketing service providers that track email delivery and engagement.
3. How we use information
We use personal information for the purposes described below:
Provide and operate services, including registering you for courses, granting platform access, issuing certificates, and maintaining completion records.
Customer support, such as responding to questions, accommodation requests, and grievances.
Continuing education administration, including identity verification, attendance verification, assessment and evaluation, and audits by accrediting bodies when required.
Safety, security, and integrity, such as detecting fraud, abuse, or violations of our Terms.
Communications about your registrations, certificates, policy updates, and service‑related notices.
Analytics and improvement to understand usage, fix bugs, and improve course content and user experience.
Legal compliance such as complying with tax, accounting, or recordkeeping requirements, and responding to lawful requests from authorities.
We do not use your personal information for automated decision making that produces legal or similarly significant effects.
4. Cookies and similar technologies
We use cookies and similar technologies to operate our website, keep you signed in, remember preferences, and understand how our services are used. You can control cookies through your browser settings. If you block essential cookies, some features may not work.
Global Privacy Control. If your browser sends a Global Privacy Control signal, we treat it as a request to opt out of any sale or sharing of personal information for cross‑context behavioral advertising if such activities occur. See Section 9 for additional state rights.
5. Legal bases for processing (EEA and UK users)
If you are in the European Economic Area or the United Kingdom, we process personal data under the following legal bases:
Contract, to provide the services you request.
Legitimate interests, such as securing our services and improving course quality, balanced against your rights and interests.
Consent, where required by law, for example for certain cookies or optional communications.
Legal obligations, such as tax and audit requirements or recordkeeping required by accrediting bodies.
You may withdraw consent at any time where we rely on consent.
6. How we disclose information
We do not sell personal information. We disclose information only as described below:
Service providers and processors that perform services on our behalf, such as payment processing, learning and webinar platforms, certificate generation, email delivery, analytics, and hosting. These parties are bound by contractual obligations to protect your information and use it only for our instructions.
Professional and accrediting bodies when required to verify CE requirements or during compliance audits.
Legal and safety reasons if we believe disclosure is reasonably necessary to comply with a law, regulation, court order, or lawful request, to protect the rights, property, or safety of Somatic Collective, our users, or others, or to detect and prevent fraud or security issues.
Business transfers in connection with a merger, acquisition, or other transfer, subject to this Policy.
We do not disclose accommodation details or other sensitive information beyond what is necessary to arrange the requested accommodation or fulfill a legal obligation.
7. International transfers
We are based in the United States. If you access our services from outside the United States, your information may be transferred to, stored in, or processed in the United States or other countries that may have data protection laws different from those in your jurisdiction. Where required, we use appropriate safeguards for international transfers.
8. Retention
We retain personal information for as long as needed to provide services, maintain business and educational records, comply with legal and accreditor requirements, resolve disputes, and enforce agreements. Records supporting continuing education completion, including certificates and attendance logs, are retained for a period that allows us to verify completion and respond to audits. When retention is no longer necessary, we delete or de‑identify information.
9. Your privacy rights
Your rights may include the ability to request access, correction, deletion, or portability of your information, and to object to or restrict certain processing.
U.S. state privacy rights. Depending on your state, you may have rights to know, access, correct, delete, and obtain a copy of your personal information, and to opt out of sale or sharing for targeted advertising. We do not sell or share personal information for cross‑context behavioral advertising. If this changes, we will update this Policy and provide an opt‑out method. You may submit requests at [email protected]. You will not receive discriminatory treatment for exercising your rights. If your request is denied, you may submit an appeal by replying to our decision.
EEA and UK rights. You have rights under data protection law, including to access, correct, delete, restrict, and object to processing, and to data portability. You also have the right to lodge a complaint with your local data protection authority.
We may need to verify your identity before fulfilling a request. Certain information may be retained as permitted or required by law.
10. Security
We use administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.
11. Children’s privacy
Our services are intended for adults and are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact [email protected] so we can take appropriate action.
12. HIPAA notice
We provide education services, not clinical care through these platforms. We are generally not a HIPAA covered entity when delivering courses. Please avoid sharing protected health information about clients. If you present case material, de‑identify it in accordance with law and ethics.
13. Accessibility
We aim to make this Policy and our services accessible. To request this Policy in an alternative format or to request an accommodation for a live event, email [email protected].
14. Changes to this Policy
We may update this Policy from time to time. The "Last updated" date at the top of this page shows when changes were most recently made. Your continued use of the services after the effective date means you accept the updated Policy.
15. Contact us
The Somatic Collective by FlowArt®
FlowArt Therapy PLLC
1600B SW Dash Point Rd #1017
Federal Way, WA 98023
Email: [email protected]
State‑specific disclosures for California residents
The following supplements this Policy for California residents. We provide the disclosures below to help you understand how we handle personal information as defined by the California Consumer Privacy Act as amended.
No sale or sharing. We do not sell or share personal information as those terms are defined by California law. If this changes, we will update this Policy and provide a "Do Not Sell or Share My Personal Information" method.
Categories collected. We collect identifiers, commercial information, internet or network activity information, and professional information, and other information you voluntarily provide such as accommodation details. See Sections 2 and 3 above.
Sources. You, your devices, our service providers and platforms.
Purposes. See Section 3 above.
Retention. See Section 8 above.
Your rights. You can request access, correction, and deletion of personal information, and can appeal a denial. Submit requests to [email protected]. We will verify your request as required by law.
If you are an authorized agent submitting a request, include proof of authority and the consumer’s verification information.