What we collect, why, on what legal basis, how long we keep it, and what your rights are.
Last update: 12 June 2026
SONGDANCE BV
Registered office: Beaupréstraat 13, 8310 Brugge, Belgium
VAT: BE 0743.575.076
Email: info@songdance.co
Website: www.songdance.co
Songdance is the controller of the personal data described in this policy. We don’t have a data protection officer; for anything related to your data, write to info@songdance.co.
This policy applies to the Songdance website, our online courses and memberships, live workshops and retreats, private sessions, our newsletter, and our certification program. It explains what we collect, why, on what legal basis, how long we keep it, and what your rights are.
We try to say this in plain language. Where the law requires precise terms, we use them.
Name, email address, billing address, country, VAT number (for businesses), the product or program purchased, and payment status. Payment card details are handled entirely by our payment providers — we never see or store them.
Why: to perform the contract with you (Art. 6(1)(b) GDPR) and to meet bookkeeping and tax obligations (Art. 6(1)(c)).
Email address, first name if you give it, and which resource you requested. We also record which emails you open and click, so we can stop sending things you ignore.
Why: your consent (Art. 6(1)(a)). You can withdraw it any time via the unsubscribe link in every email. If you’re an existing customer, we may send you information about similar programs on the basis of legitimate interest (Art. 6(1)(f)); the same unsubscribe link applies.
Your profile on our course platform, posts and comments you choose to make, attendance at live calls, and your progress through course materials.
Why: to perform the contract (Art. 6(1)(b)) and our legitimate interest in running a functioning learning community (Art. 6(1)(f)).
Live online sessions (Q&As, group calls, online workshops) are recorded so participants can watch replays. The recording captures audio, video and chat of those who participate visibly.
Why: legitimate interest in making sessions available to participants who couldn’t attend live (Art. 6(1)(f)). You are told at the start of each session that recording is on. You can keep your camera off, mute yourself, rename yourself, or participate by chat only. If we want to use a recognizable clip of you for anything promotional, we will ask you separately first.
For retreats and some in-depth programs we ask intake questions before confirming your place. Your answers may include information about your emotional and physical wellbeing, current life circumstances, and previous experience with this kind of work. Some of this is health-related data, which the GDPR treats as a special category.
Why: to assess together whether the program is right for you at this moment, and to allow the facilitators to hold the group well. The legal basis is your explicit consent (Art. 9(2)(a)), which you give when submitting the intake form. You can withhold or withdraw it — though without an intake we may not be able to confirm your participation in certain programs.
Intake answers are read only by the facilitators of that program. They are never shared with other participants and never used for marketing. They are deleted within twelve months after the program ends, unless you ask us to keep them for a future program.
We sometimes use AI tools (Anthropic’s Claude) to help summarize session transcripts and to help prepare intake assessments for the facilitators’ review. The AI output is a working document for the facilitator — decisions about participation are always made by a person, never by the system. Data sent to these tools is processed under a data processing agreement and is not used by the provider to train its models.
Why: legitimate interest in preparing sessions and intakes carefully and efficiently (Art. 6(1)(f)); for intake data, this happens within the scope of the explicit consent described in 3.5. If you’d rather your intake not be processed this way, say so in the form and a facilitator will read it directly instead.
Standard technical data (IP address, browser, pages visited) and cookies. Strictly necessary cookies run on legitimate interest; analytics and any marketing cookies run only with your consent via the cookie banner. See the cookie notice on the site for the current list.
We never sell personal data. We share it only with processors who help us run Songdance:
Some of these providers are in the United States. Where data leaves the EEA, transfers are covered by the EU–US Data Privacy Framework or the European Commission’s Standard Contractual Clauses.
You have the right to access your data, correct it, have it deleted, restrict or object to its processing, take it with you (portability), and withdraw any consent you’ve given — withdrawal doesn’t affect processing that already happened.
To use any of these rights, email info@songdance.co. We respond within one month. We may ask you to confirm your identity first; that’s to protect your data, not to slow you down.
If you believe we’re handling your data wrongly and we can’t resolve it together, you can complain to the Belgian Data Protection Authority:
Gegevensbeschermingsautoriteit / Autorité de protection des données
Drukpersstraat 35, 1000 Brussels
Our programs and website are intended for adults. We do not knowingly collect data from anyone under 18.
When we change this policy in any meaningful way, we’ll update the date at the top and, for significant changes, tell active customers by email. The current version always lives at songdance.co/privacy.
No spam, no fixed schedule. Easy to leave.
Thank you. We'll be in touch when there's something worth sending.