Privacy Policy

“There are all kinds of ways to challenge ourselves. Some people do it by climbing a mountain or scuba diving. The most profound and challenging ordeals is to drink Ayahuasca. It is in a way the ultimate adventure.”

– Graham Hancock

Privacy Policy

Effective Date: May 1, 2026
Last Updated: May 1, 2026

This Privacy Policy describes how The Retreat Safety Project, Inc. (“we,” “us,” or “the nonprofit”) collects, uses, and shares information when you visit bestretreats.co or use our services.

1. Who We Are

The Retreat Safety Project, Inc. is a Missouri nonprofit corporation, recognized by the IRS as a tax-exempt public charity under Section 501(c)(3). The nonprofit operates the public website at bestretreats.co. References in this policy to “Best Retreats” refer to the website and services operated by the nonprofit.

The nonprofit acts as the data controller for personal information collected through this site.

2. Information We Collect

We collect personal information in three specific situations:

Email submissions. When you sign up for our pre-retreat readiness checklist or other email lists, we collect your email address. We do not require additional information.

Incident reports. When you submit a retreat incident report through our reporting form, we collect whatever information you choose to provide. The form allows anonymous submissions; you may submit a report without providing your name, email, or any identifying information. If you do provide contact information, we may use it to follow up regarding the report.

Direct correspondence. When you contact us by email or messaging, we receive whatever information you include in your message.

We do not collect personal information through site browsing alone, beyond standard analytics described below.

3. Automatic Information

When you visit the site, certain non-personal information is collected automatically by hosting infrastructure and analytics tools, including:

  • IP address (collected by hosting and security infrastructure)
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent
  • Referring website
  • Date and time of visit

This information is used to operate the site, analyze usage trends, and improve user experience.

4. How We Use Information

We use information for the following purposes:

  • To operate, maintain, and improve the website
  • To respond to your inquiries and incident reports
  • To send the requested checklist or other materials you have signed up to receive
  • To investigate retreat incidents reported through our form
  • To analyze website usage and trends
  • To comply with legal obligations
  • To protect the integrity of the nonprofit’s research and the safety of the people we serve

We do not use information for advertising, retargeting, or commercial purposes unrelated to the nonprofit’s mission.

5. Third-Party Service Providers

We use the following third-party services that may receive personal information:

  • Mailchimp (Intuit Inc., USA): processes email signups for our pre-retreat readiness checklist and any future mailings
  • Google Forms (Google LLC, USA): processes incident report submissions
  • Google Analytics (Google LLC, USA): collects analytics data about site visits
  • Namecheap EasyWP (Namecheap, Inc., USA): hosts the website
  • ShortPixel (ShortPixel SRL, Romania): provides image optimization and CDN delivery

Each of these providers operates under its own privacy policy and may transfer data to or process data in jurisdictions outside your own. Their use of any information they receive is subject to their own privacy practices.

6. Information Sharing

We do not sell, rent, or trade personal information.

We may share information in the following limited circumstances:

  • With service providers listed above, only as necessary to operate the site and services
  • For legal compliance, when required by law, valid legal process, or to protect rights, property, or safety
  • In connection with research and incident publication, where the information has been provided through an incident report and the reporter has not requested confidentiality. We do not publish reporter identities without explicit permission. We may publish aggregated, anonymized incident data and patterns of complaint without identifying individuals.
  • With successor organizations, in the event the nonprofit’s operations are transferred or restructured, subject to the same protections described here

7. Cookies and Tracking

We use cookies and similar tracking technologies for the following purposes:

  • Functional cookies required for the site to operate (login, security)
  • Analytics cookies through Google Analytics to understand site usage
  • Performance cookies through caching and CDN providers to deliver content efficiently

We do not use advertising or marketing tracking cookies. You can manage cookie preferences through your browser settings.

8. Data Retention

We retain personal information only as long as needed for the purposes described in this policy:

  • Email signups: retained until you unsubscribe or request deletion
  • Incident reports: retained as part of our research records, with identifying information separable from the report content where possible
  • Correspondence: retained for record-keeping and to respond to follow-up inquiries
  • Analytics data: retained according to Google Analytics default retention settings

9. Your Rights

Depending on your location, you may have rights including:

  • Access: the right to know what personal information we hold about you
  • Correction: the right to request correction of inaccurate information
  • Deletion: the right to request deletion of your personal information, subject to our legal and operational obligations
  • Restriction or objection: the right to restrict or object to certain uses of your information
  • Data portability: in some jurisdictions, the right to receive your data in a portable format

If you are located in the European Economic Area, the United Kingdom, California, or other jurisdictions with applicable privacy laws, you may have specific additional rights under the GDPR, UK GDPR, CCPA, or other regulations. We will honor those rights to the extent required by applicable law.

To exercise any of these rights, contact us at contact@bestretreats.co. We will respond within a reasonable time, generally within 30 days.

10. International Data Transfers

The nonprofit operates from the United States with research staff located internationally. Information you provide may be transferred to, stored in, or processed in the United States and other countries where our service providers operate. By using the site, you acknowledge that your information may be processed in jurisdictions that may have different data protection laws than your own.

11. Children’s Privacy

This site is not intended for children under the age of 13, and we do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it. If you believe we have collected information from a child, contact us at contact@bestretreats.co.

12. Data Security

We implement reasonable technical and organizational measures to protect personal information, including secure hosting, encrypted connections (HTTPS), and access controls on internal systems. No method of internet transmission or electronic storage is fully secure, and we cannot guarantee absolute security.

If we become aware of a security incident affecting personal information, we will respond in accordance with applicable law, including notification where required.

13. Confidentiality of Incident Reports

We treat incident reports submitted through our reporting form with care and discretion. Reporters who provide their identity are not disclosed to the retreat center named in their report. Our research team handles reports internally as part of our nonprofit safety mission. Where we publish information based on reports, we do so without identifying the reporter unless they have explicitly authorized identification.

This commitment is described in more detail on our incident reporting page.

14. Third-Party Links

Our website contains links to third-party websites, including retreat center websites and external resources. We are not responsible for the privacy practices of those sites. Review the privacy policies of any third-party site you visit.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date above and post the revised policy on this page. Significant changes will be communicated through the site or directly to known contacts. Continued use of the site after changes constitutes acceptance of the revised policy.

16. Contact Us

For questions about this Privacy Policy, to exercise your data rights, or to request information about how we handle your data:

The Retreat Safety Project, Inc.
Email: contact@bestretreats.co
WhatsApp: +57 321 791 9088

The nonprofit’s mailing address of record is on file with the State of Missouri and the IRS. For physical mail, contact us by email and we will provide the appropriate address for your matter.

The Retreat Safety Project, Inc. is a 501(c)(3) nonprofit organization recognized by the IRS. EIN: 41-5114645.

Sign In

Forgot password?

Register

Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.