Heather Kauffer Enterprises, LLC

dba Supersonic Priestess

PRIVACY POLICY

Effective Date: April 3, 2026

Last Updated: April 3, 2026

Heather Kauffer Enterprises, LLC, operating under the brand name Supersonic Priestess ("Company," "we," "us," or "our"), located at 1205 Curlew Rd., Dunedin, Florida 34698, is committed to protecting the privacy and personal information of our clients and website visitors. This Privacy Policy explains how we collect, use, protect, and share personal information when you visit our website, register for programs, purchase our services, or communicate with us — including via SMS/text messaging.

Please read this Privacy Policy carefully. By using our website or services, you agree to the terms described herein. We may update this policy from time to time; updates become effective immediately upon posting with a revised effective date. Your continued use of our website or services constitutes your acceptance of any changes.

1. Information We Collect

We collect information from you in several ways when you interact with our website, register for programs, purchase services, schedule calls, or communicate with us.

Personal Data

Personal data is information that identifies you specifically, including your name, email address, phone number, mailing address, or other demographic details. You provide this information voluntarily through forms, applications, registrations, scheduling tools (e.g., Calendly, Google Forms), or surveys on our website. You are under no obligation to provide this information, but your refusal may prevent you from accessing certain services or making purchases.

Derivative Data

Our servers automatically collect certain technical information when you access our website, such as your IP address, browser type, device type, operating system, dates and times of access, and the specific pages you view. This data may also be collected by third-party analytics providers via cookies, log data, or web beacons, and generally does not identify a specific individual.

Financial Data

We collect payment-related information solely to process purchases. Payment transactions are handled by our secure, PCI-compliant third-party payment processors. We store only the minimum financial data necessary to conduct business. You should review your payment processor's privacy policy for details on how they handle your financial information.

Mobile Device Data

If you access our website or services via a mobile device, we may collect information about your device including device ID, model, manufacturer, and general location data.

Communications Data

If you contact us via email, phone, web forms, or SMS/text messaging, we collect the content of those communications along with your contact details in order to respond and provide support.

Other Data

On occasion, you may provide additional data to enter a contest, participate in a giveaway, or complete a survey. You will be clearly notified when this applies.

2. When and How We Collect Information

We collect information when you:

Fill out a form, application, or registration on our website

Schedule a call or appointment (e.g., via Calendly or Google Forms)

Make a purchase or request a service

Subscribe to our newsletter or email list

Opt in to receive SMS/text message communications

Contact our support team by phone, email, or messaging

Participate in surveys, contests, programs, or giveaways

3. How We Use Your Information

We use the information we collect to serve our legitimate business interests, fulfill contractual obligations to you, and communicate with you effectively. Specifically, we may use your information to:

Process registrations, applications, and purchases

Schedule calls, sessions, and communicate about our services

Deliver digital products and coaching/wellness services you have purchased

Send appointment reminders, program updates, service notifications, and receipts

Send SMS/text messages you have explicitly opted into receiving

Send newsletters, marketing updates, and promotional offers (you may opt out at any time)

Improve our offerings, website, and client experience

Respond to inquiries and provide customer support

Resolve disputes and troubleshoot problems

Comply with applicable federal and Florida state legal obligations

Prevent fraudulent activity and protect the security of our systems

Analyze trends to improve our website and services

4. SMS / Text Message Privacy & Consent

This section governs how we collect, use, and protect information related to SMS and text message communications. This policy is written to comply with A2P 10DLC carrier regulations, the Telephone Consumer Protection Act (TCPA), and applicable FCC guidelines.

IMPORTANT COMPLIANCE STATEMENT: No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service, is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Text messaging originator opt-in data and consent will not be shared with any third parties, except for aggregators and providers of the Text Message services necessary to deliver SMS communications.

Two Types of SMS Consent

Supersonic Priestess / Heather Kauffer Enterprises, LLC operates two distinct SMS consent tracks. Consent for one type does NOT imply consent for the other. Messages are only sent based on the specific consent provided.

Consent Type 1 — Non-Marketing (Transactional) Messages

Checkbox Language: I consent to receive text messages from Heather Kauffer Enterprises, LLC (Supersonic Priestess) related to masterclass registration confirmations and reminders, program enrollment details, onboarding instructions, follow-up communications, and customer support messages regarding health, wellness, and spiritual education services. Message frequency may vary. Message & data rates may apply. Text HELP for assistance. Reply STOP to unsubscribe at any time.

Non-marketing messages may include:

Masterclass and program registration confirmations

Session reminders and scheduling confirmations (24-48 hours in advance)

Program enrollment details and onboarding instructions

Post-session follow-up and support communications

Account and payment confirmation messages

Customer support responses

Consent Type 2 — Marketing (Promotional) Messages

Checkbox Language: I agree to receive marketing text messages including Promotional Discounts & Deals, New Program Announcements, Special Offers, Educational Content Updates, Customer Loyalty Rewards, Referral Incentives, and Re-Engagement Promotions from Heather Kauffer Enterprises, LLC (Supersonic Priestess). Message frequency varies; msg & data rates may apply. Text HELP for help, STOP to opt out.

Marketing messages may include:

Special offers, discounts, and seasonal promotions

New program and service announcements

Educational content updates and wellness tips

Customer loyalty rewards and referral incentives

Re-engagement and winback offers

Consent Rules

Consent checkboxes are always optional — they are never pre-checked and are never required to submit a form

Messaging is ONLY sent based on the specific checkbox a user selects

Consent for non-marketing messages does not imply consent for marketing messages, and vice versa

Consent is collected at the point of form submission on our website

Message Frequency

Message frequency varies based on your program enrollment and preferences. Non-marketing messages are sent as needed based on your scheduled activities. Marketing messages may be sent up to 4 times per month. Standard message and data rates may apply. Contact your wireless provider with questions about your data plan.

Opt-Out Instructions

You may stop receiving text messages at any time by replying STOP to any message we send. Upon receiving your STOP request, we will send one final confirmation message and immediately cease all further SMS communications to your number. If you wish to re-subscribe, you may sign up again as you did originally, and messages will resume.

HELP Keyword

For assistance with our SMS program, reply HELP to any message or contact us directly at [email protected]. We will respond promptly.

Carrier Disclaimer

Carriers are not liable for delayed or undelivered messages. If you experience issues receiving messages, please contact [email protected] or reply HELP.

5. Data Sharing — We Do Not Sell Your Data

Heather Kauffer Enterprises, LLC does not sell, trade, rent, or transfer your personally identifiable information to outside parties for marketing or promotional purposes. Your data will never be sold, exchanged, or given to any other company for any reason without your consent, other than as strictly necessary to deliver services you have requested.

No Mobile Information Shared for Marketing

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.

Limited Sharing With Service Providers

We may share your information with trusted third-party service providers who assist us in operating our website, processing payments, or delivering services — provided those parties agree to keep your information confidential and use it only for the specific purpose for which it is shared. These providers include:

Payment processors — solely to process your payments securely

Email service providers — solely to send communications you have opted into

Scheduling platforms (e.g., Calendly) — solely to facilitate appointment booking

Website hosting services — solely to host and maintain our website

SMS aggregators and carriers — solely to deliver text messages you have opted into receiving; SMS opt-in data is never shared beyond what is necessary for message delivery

CRM platforms — solely to manage client records and communications

Other Permitted Disclosures

We may also disclose your information only in the following limited circumstances:

As required by law or to comply with a valid legal process (e.g., subpoena, court order)

When necessary in good faith to protect our legal rights, your safety, or the safety of others

To investigate or prevent fraud or security threats

In connection with a merger, acquisition, or sale of assets — in which case the successor entity's privacy policy will govern

6. Cookies and Tracking

Our website may use cookies — small files placed on your device — to enhance your browsing experience, analyze site traffic, and support marketing efforts. We may use both first-party and third-party cookies, including analytics cookies (e.g., Google Analytics) and advertising cookies (e.g., Facebook Pixel).

You can manage cookie preferences through your browser settings at any time. You may choose to be notified when a cookie is being set or disable cookies entirely. Note that disabling cookies may limit certain features of our website.

To opt out of Google Analytics, install the Google Analytics opt-out browser add-on at: https://tools.google.com/dlpage/gaoptout

7. Data Security

Heather Kauffer Enterprises, LLC takes the security of your personal information seriously and implements reasonable administrative, technical, and physical safeguards to protect it from unauthorized access, use, alteration, or disclosure. Our security practices include:

Secure Socket Layer (SSL) / TLS encryption for all data transmitted through our website

Restricted access to personal data, limited to authorized personnel only

All payment transactions processed through secure, PCI-compliant third-party gateways — financial data is not stored on our servers

Regular review of our data collection, storage, and processing practices

Prompt investigation and notification of any known data breach that may pose risk to you

While we implement all reasonable security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information, and your transmission of data to us is at your own risk.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with applicable legal obligations under federal and Florida state law, resolve disputes, and enforce our agreements. Specifically:

Account and purchase records are retained for the duration of our business relationship and as required by applicable law

Marketing and communications data is retained until you opt out or request deletion

SMS opt-in consent records are retained as required to demonstrate compliance with A2P 10DLC carrier regulations and the TCPA

Data collected for specific, limited purposes (e.g., a survey or giveaway) is deleted once that purpose is fulfilled

When your data is no longer needed, we will securely delete or anonymize it. You may request deletion of your data at any time by contacting [email protected].

9. Your Rights

You have the following rights with respect to your personal data. To exercise any right, please contact us at [email protected]. We may ask you to verify your identity before fulfilling your request.

Access and Confirmation

You have the right to request confirmation of what personal data we hold about you, how it is used, and whether it is shared with third-party service providers.

Correction

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

Deletion

You have the right to request deletion of your personal data. We will delete your data without undue delay, subject to exceptions required by law or necessary for the exercise or defense of legal claims.

Copy of Your Data

You have the right to request a digital copy of the personal data we hold about you. Your first request will be provided free of charge; subsequent requests may incur a reasonable fee.

Opt-Out of Marketing Communications

You may opt out of marketing emails at any time by clicking the unsubscribe link in any email, or by contacting us directly. You may opt out of SMS marketing messages at any time by replying STOP.

Restriction of Processing

In certain circumstances, you may request that we restrict the processing of your data, such as when you contest its accuracy or have objected to its use pending verification.

Complaints

If you believe we have misused your data or violated your rights, you have the right to file a complaint with us directly or with a relevant regulatory or data protection authority.

10. Florida Privacy Rights

Heather Kauffer Enterprises, LLC is a Florida limited liability company headquartered in Dunedin, Florida. We operate in compliance with applicable Florida privacy and data protection laws, including:

Florida Information Protection Act (FIPA) — Fla. Stat. § 501.171

FIPA requires businesses that collect personal information of Florida residents to take reasonable measures to protect that data and to notify affected individuals of a data breach without unreasonable delay (and no later than 30 days after determination of a breach). In the event of a breach affecting your personal information, we will:

Notify you by email within 30 days of determining that a breach has occurred

Notify the Florida Department of Legal Affairs if the breach affects more than 500 Florida residents

Provide you with information about what data was affected and steps you can take to protect yourself

Florida Deceptive and Unfair Trade Practices Act (FDUTPA) — Fla. Stat. §§ 501.201-501.213

We operate in compliance with FDUTPA, which prohibits unfair or deceptive acts or practices in the conduct of trade or commerce. We do not engage in deceptive data collection practices, and we honor all privacy commitments stated in this policy.

Telephone Consumer Protection Act (TCPA) — Federal

We comply with the TCPA, which governs automated or pre-recorded telephone calls and text messages to cell phones. We only send SMS messages to individuals who have provided explicit prior written consent. We maintain records of all SMS consent obtained and honor all opt-out requests immediately.

11. California Privacy Rights (CCPA)

Although Heather Kauffer Enterprises, LLC is a Florida business, we may serve clients who are California residents. In compliance with the California Consumer Privacy Act of 2018 (CCPA), Cal. Civ. Code §§ 1798.100 et seq., California residents have the following rights:

The right to know what personal information we have collected about you and how it is used and shared

The right to request deletion of your personal information, subject to certain exceptions

The right to opt out of the sale of your personal information (we do not sell personal data)

The right to non-discrimination for exercising your CCPA rights

To exercise any CCPA right, California residents may contact us at [email protected]. We will respond within the timeframes required by law. We DO NOT sell personal data. California residents may contact us to explicitly request to opt out of any future sale of their data, should our policies ever change.

12. Children's Privacy (COPPA)

Heather Kauffer Enterprises, LLC does not knowingly collect personal information from children under the age of 13. Our website and services are not directed at children under 13. If we learn that we have inadvertently collected information from a child under 13, we will delete it promptly. If you believe we may have collected such information, please contact us immediately at [email protected].

13. Legal Grounds for Processing Your Data

Legitimate Business Interests

We process your data where necessary to operate our business, communicate with you, deliver our services, and improve our offerings — consistent with your reasonable expectations.

Performance of a Contract

We process your data to enter into and perform our contractual obligations to you, including delivering coaching services, wellness programs, and digital products, and processing payments.

Consent

For SMS messaging, marketing communications, and certain data processing activities, we process your data based on your explicit consent. You may withdraw your consent at any time by contacting us or using the opt-out mechanisms described in this policy. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Legal Obligation

We may process your data as required to comply with applicable federal law (including TCPA, CAN-SPAM, COPPA) and Florida state law (including FIPA and FDUTPA).

14. Fair Information Practices & Data Breach Notification

In the event of a data breach that exposes your personal information to unauthorized access or risk:

We will notify affected users by email within 7 business days of becoming aware of the breach

If the breach affects Florida residents, we will comply with all FIPA notification requirements (Fla. Stat. § 501.171), including notifying the Florida Department of Legal Affairs if more than 500 Florida residents are affected

We support your right to pursue legally enforceable remedies against data collectors or processors who fail to adhere to applicable law

15. CAN-SPAM Act Compliance

In compliance with the CAN-SPAM Act (15 U.S.C. § 7701 et seq.), all commercial emails we send will:

Use accurate and non-deceptive subject lines and sender information

Clearly identify the message as commercial communication where applicable

Include our valid physical business address: 1205 Curlew Rd., Dunedin, Florida 34698

Include a clear and functioning mechanism to unsubscribe from future emails

Honor all unsubscribe requests promptly (within 10 business days)

To unsubscribe from email communications, click the unsubscribe link in any email we send, or contact [email protected] directly.

16. International Data Transfers

Our website is hosted on servers located in the United States. If you reside outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. Privacy laws in the United States may differ from those in your country. By using our website and providing us with your information, you consent to this transfer and processing. We take all reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.

17. Changes to This Policy

We reserve the right to update or modify this Privacy Policy at any time in response to legal changes, regulatory requirements, or business changes. All updates will be posted to this page with a revised effective date. Your continued use of our website or services after any changes are posted constitutes your acceptance of the updated policy. We encourage you to review this policy periodically to stay informed.

18. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, or to exercise any of your rights described herein, please contact us:

Heather Kauffer Enterprises, LLC

dba Supersonic Priestess

1205 Curlew Rd., Dunedin, Florida 34698

Email: [email protected]

Website: www.supersonicpriestess.com

© Copyright 2026 Heather Kauffer Enterprises, LLC dba Supersonic Priestess. All rights reserved.

This Privacy Policy was prepared in compliance with A2P 10DLC carrier regulations, TCPA, CAN-SPAM, COPPA, Florida Information Protection Act (Fla. Stat. § 501.171), Florida Deceptive and Unfair Trade Practices Act (Fla. Stat. §§ 501.201-501.213), and California Consumer Privacy Act (CCPA). This document does not constitute legal advice. Consult a qualified attorney for legal guidance specific to your situation.