Privacy statement (GDPR)

General information

The following information give an overview which personal data we collect in which occassions and how we deal with them.

We collect personal data (e.g. name, address, email address, date of birth etc.) only if there is an interest that is legitimate for the association. This can be for example the contact by an interested person, the registration for a meditation course, contact with a member of the association, the management and financial accounting of the association, compliance with legal obligations or other activities for performing the aims of the association which are defined in the constitution of the association.

We have disabled data collections, which are not relevant to us, such as for example statistics through the website provider, as far as possible and to the best of our knowledge. For some providers, a disabling of so-called “success measurements” (e.g. MailChimp) is not possible in the free version. We will point out in the following.

Data transfer in the Internet (e.g. communicating by email) may have security vulnerabilities. A complete protection of data against access by third parties is not possible. We take the protection of personal data very seriously and treat personal information confidentially and according to data protection legislation and this privacy policy.

Name and address of the body responsible for data processing

 

Carmen Karsters

Blankenstraat 38

1018SH Amsterdam

The Netherlands

info@vipassana-nederlands.org

(“subject” in the following text)

 

What rights do you have concerning your data?

You have the right to receive information about origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to require correction, blocking or deletion of these data. Should you have given your consent for certain data processing operations, you may revoke it at any time. For this purpose, as well as to further questions on the subject of data protection you can contact us at any time at the above address.

However there is a legitimate interest of the association, to keep certain data (e.g. for chronicle, statistics, etc.).

Furthermore a right of appeal to the competent supervisory authority is possible in case of data protection and privacy violations. This is the Regional Commissioner for data protection and the right to inspection of Brandenburg.[*]

Cooperation with subcontractors and third parties

If we disclose information to other people and businesses during our processing, send to them or otherwise provide them access to the data, this is done only on the basis of a legal permit (e.g. if the data submission to third parties, as for example payment service providers, is required by law according to Article 6 par. 1 lit. b DSGVO), if you have given your consent, if there is a legal obligation or on the basis of our vested interests (e.g. for the use of agents, web hosting providers etc.).

If we hire third parties to process data on the basis of a so-called “processing agreement contract”, this is done on the basis of article 28 DSGVO.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European economic area (EEA)) or third-party disclosure, or transfer of data to third parties this is only done to meet our (pre-)contractual obligations, upon your consent, due to a legal obligation or on the basis of the legitimate interests of the subject.

Data collection on our website

Our webpage has been created with Jimdo. Jimdo is an online service with which you can create a webpage with the help of a so-called “modular system”. We have disabled features that track the usage patterns of the website visitor, such as for example the statistics function. We do not use an embedded contact form and instead ask interested persons to get in contact directly via email or telephone. Nevertheless, data might be collected automatically by the IT systems.

We have concluded a so-called order data processing agreement (AV contract) with Jimdo in which Jimdo assures to protect data collected in accordance with the applicable laws and regulations and not to disclose to any third party. It is possible to see the data protection declaration of Jimdo and download the standard AV contract.

The provisions for the use of cookies can be read in the cookie policy (see below).

Contact and email

If you contact us via email, your requests including the contact data specified by you are stored in our Google account for the purpose of processing the request and for the case of follow-up questions. We do not share this data without your consent. If you wish, that this data will be deleted, please tell us. We delete the requests, if they are no longer necessary or if the basis for the legitimate interest of the association will be void. We periodically review the necessity.

Only the Board of Directors[*] of the subject has access to the Google[*] account with email account and contact list.

[*]For details of our email- and contact program Gmail or Google, please refer to the privacy policy of Google.

Newsletter

We have an email (newsletter) through which we send out information about meditation courses, ceremonies, topics of the association and other activities related to our association, the meditation centre and the teachers in our tradition. Therefore your first and last name and the email address is added to our MailChimp account (see below) as well as to our Google account.

There are several ways to sign up for the newsletter:

a) handwritten entry on a form in one of our events

b) request for the inclusion in the registration form (for visitors of a meditation course)

c) automated registration through our webpage

By your subscription to our email list, you agree with the reception and the procedures. If the subscription is not done by one of the personal ways (a and b), but by the registration on our webpage, this is done in the so-called single opt-in procedure. The entries in the email list are recorded to prove the registration process according to the legal requirements.

The sending of the newsletter and the performance measurement associated with it through MailChimp (see below) are based on a consent of the recipient as per article 6 par. 1 lit. a, article 7 DSGVO i.V.m § 7 par. 2 No. 3 UWG or if a consent is not required, on the basis of our vested interests in direct marketing as per article 6 par 1 lt. f. DSGVO i.V.m. § 7 par 3 UWG.

If you don’t wish further information, you can unsubscribe at any time at the end of each newsletter with a single click. You can also send an e-mail to the subject. Only the Board of Directors[*] of the subject has access to this data. We can save the swept email address before we delete it to prove a consent formerly given, up to three years on the basis of our legitimate interests. The processing of these data is limited to the purpose of a possible defense of claims. An individual application for cancellation is possible at any time, provided that at the same time, the former existence is confirmed consent.

MailChimp

For most of our bulletins, announcements and newsletters, we use MailChimp´s services. Provider is the rocket science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

MailChimp is a service with which the sending of newsletters can be organized and analyzed. When you enter data for the purpose of receiving the newsletter (first and last name, email address, language) they are stored on the servers from MailChimp in the United States.

MailChimp is used on basis of our legitimate interests according to article 6 par 1 lit. f. DSGVO. Furthermore, we have completed a job processing contract with MailChimp. The MailChimp privacy policy can be viewed and the standard AV contract can be downloaded and viewed.

MailChimp has a certificiation under the privacy shield agreement and this offers a guarantee to comply with the European data protection level.

Bulletins can be analyzed with the help of MailChimp. When you open an email sent with MailChimp, a contained file in the email (so called web beacon) connects to the servers from MailChimp in the United States. Like this it can be determined, whether a message was opened and which links have been clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be associated with the respective receiver. They serve exlusively the statistical analysis of the mailings. The results of these analyses can be used to adapt future bulletins to the interests of the recipients.

If you do not want an analysis by MailChimp, you must unsubscribe from the email list. For this purpose we provide a link in each round mail. In addition, you can always send an email to the subject and ask for cancellation. The withdrawal shall be without prejudice to the legality of already existing data processing operations.

The data stored by you with us for the purpose of the newsletter will be stored by us until your removal from the email list and deleted after the cancellation of both our Google account and our MailChimp account. Data saved for other purposes with us (such as email addresses for the members area, data of students) remain unaffected.

Stay at the meditation centre

People who are staying overnight at the meditation centre fill out a registration form. We require this information so that you can participate in the course and we are informed about personal characteristics that are relevant to the course.

Processed data include inventory and master data of students (e.g. name, address, date of birth etc.), contact information (e.g. email address, telephone etc.) and the contract data (e.g. previously attended courses, names of contact persons, time of your stay, duration etc.). In the course of our statutory activity, we use also special categories of data according to article 9 par 1 DSGVO, in particular information on the health of the client, if necessary with reference to their sex or sexual orientation, ethnic origin or religious or ideological beliefs.

The master and contact data as well as partial contract data are saved in our contact database for the purpose of later contacts, for donation certificates, in the framework of the implementation of our statutory duteis, as well as for activity report to authorities.

The contact file is password protected and only the Board of Directors of thesubject has access and possibly helpers acting on behalf of the association.

The special categories of data as per article 9 DSGVO par 1 are not digitally captured and stored, but filed in paper form and are usually only accessible for the Executive Board and persons directly related with the activity (e.g. teachers, assistants). They are stored safely up to 20 years in paper form.

If it is necessary for carrying out our statutory activity or if ti should be required by law, we reveal the data in order to communicate with other professionals, teachers, as well as necessary involved third parties, if it is necessary to provide our services, if it is prescribed by law, if it is within the framework of the legitimate interests of us or the participant or if it is necessary to protect vital interests of participants or another natural person, or in order to a consent. In other cases we do not disclose any personal data to third parties without personal consent or request.

Photos

We do not publish photos on the internet[*] (for example on the webpage or other social platforms). For documentary purposes we take pictures at regular intervals during the meditation classes, helper days and larger events. These images might be given to the respective participants stating not to publish them online and to use only for private purposes. Furthermore, we produce a yearbook for the identification of activities and to report on the development of the meditation centre in our main monastery in Thailand once a year. A copy of the yearbook can be seen in the meditation centre. It serves as a chronicle of the association life.

At larger events we point out in the invitation, that it is common in association events, that pictures are made to capture the association life. So people who do not want pictures to be done have the possibility to decide in advance to stay away from the event or deliberately to avoid group pictures.

If other guests or participants privately make pictures and then publish them in a different way, that eludes the sphere of influence of the association and no responsibility can be taken for this.

Cookie Policy

With this cookie policy, we would like to inform you about the use of cookies or similar storage technologies (hereinafter “cookies”) on our websites.

What are Cookies?

Cookies are small text files that are stored by your browser on your device to save certain information or image files, such as pixels. The next time you visit our website on the same device, the information saved in the cookies will subsequently be transmitted either to our website (“First Party Cookie”) or to another website to which the cookie belongs (“Third Party Cookie”).

Through the information saved and returned, the respective website recognizes that you have already accessed and visited it with the browser you use on that device. We use this information to be able to design and display the website in an optimum way in line with your preferences.

In that respect, only the cookie itself is identified on your device. Beyond this extent, your personal data will only be saved upon your express consent or if it is strictly necessary to be able to use the service offered to and accessed by you accordingly.

Consent to the use of Cookies

Cookies that are not absolutely necessary to make the services available on our website are only used when we receive your consent. As soon as you actively use our website by continuing to use our website after the cookie banner has been displayed, you consent to the use of cookies.

You can, of course, customize your cookie settings at any time, for example by activating or deactivating individual cookie categories.

You can find out how to deactivate or delete cookies in general (i.e. including the essential cookies) in your browser can be found under the last point this Cookie Policy.

Cookie Categories

We divide the cookies we use into the following categories based on their purpose and function:

  • Strictly Necessary Cookies;
  • Functional Cookies;
  • Performance Cookies; as well as
  • Marketing / Third Party / Consent Based Cookies

STRICTLY NECESSARY COOKIES

Strictly necessary cookies guarantee functions without which you cannot use our web pages and service as intended. These cookies are used exclusively by us and are therefore first party cookies. This means that all information stored in the cookies will be returned to our website.

Strictly necessary cookies serve, for example, to ensure that you as a registered user always remain logged in when accessing various subpages of our website and thus do not have to re-enter your login data every time you access a new page.

The following strictly necessary cookies are used on our website:

Name Purpose Term
ckies_functional Opt-out for functional cookies 1 year
ckies_performance Opt-out for performance cookies 1 year
ckies_marketing Opt-out for marketing/third party/consent based cookies 1 year

The use of strictly necessary cookies on our website is possible without your consent. For this reason, strictly necessary cookies cannot be activated or deactivated individually. However, you can deactivate cookies in your browser at any time.

The legal basis for the use of these first party cookies is our legitimate interest (i.e. interest in the analysis, optimization and economic operation of our website and services) within the meaning of Art. 6 (1) (f) GDPR).

FUNCTIONAL COOKIES

Functionality cookies enable our website to store information already provided (such as registered name or language selection) and to offer you improved and more personalized functions based on this information. These cookies collect and store only anonymous information so that they cannot track your movements on other websites.

The following functional cookies are used on our website:

Name Purpose Term
cookielaw Store information if cookie banner was dismissed 1 year
shd Will be set during the login process 1 year
has_close_teaser Indicates whether the user has closed a Teaser so that it shall not be displayed to them once more. Session

You can opt out of using Functional Cookies at any time by adjusting your Cookie Settings accordingly.

PERFORMANCE COOKIES

Performance cookies collect information about how our websites are used in order to improve their attractiveness, content and functionality. These cookies help us, for example, to determine whether and which subpages of our website are visited and in which content users are particularly interested. In particular, we record the number of visits to a page, the number of subpages accessed, the time spent on our website, the order of the pages visited, which search terms led you to us, the country, region and, if applicable, the city from which access is made, and the proportion of mobile devices accessing our websites. The IP address of your computer transmitted for technical reasons is automatically made anonymous and does not allow us to draw any conclusions about the individual user.

The Jimdo user also has the right to object to the processing of personal data that is used for statistical purposes in accordance with Art. 89 para. 1 GDPR for reasons that arise from the particular situation of the user in question. In order to exercise the aforementioned and other data subject rights, the affected party may, at any time, contact Jimdo via the contact address provided in the imprint or privacy policy.

The following Performance cookies are used on our website:

Name Purpose Term

You can opt out of using Performance Cookies at any time by adjusting your Cookie Settings accordingly.

MARKETING / THIRD PARTY / CONSENT BASED COOKIES

Marketing / Third Party / Consent Based Cookies originate from external advertising companies (among others) and are used to gather information about the websites visited by the user, in order to e.g. create targeted advertising for the user.

The following Marketing / Third Party / Consent Based Cookies are used on our website:

Name Purpose Term
__utma Jimdo statistics (Google Analytics) 2 years
__utmb Jimdo statistics (Google Analytics) 1 day
__utmc Jimdo statistics (Google Analytics) Session
__utmz Jimdo statistics (Google Analytics) 6 months
__utmt_b Jimdo statistics (Google Analytics) 1 day

You can withdraw your consent to the use of Marketing / Third Party / Consent Based Cookies individually at any time with effect for the future by adjusting your Cookie Settings accordingly.

Due to the described uses (see § 6. a.), the legal basis for the processing of personal data using cookies is set out in Article 6 (1) lit. f GDPR. Where the Jimdo user / visitor has given us consent to the use of cookies on the basis of a notice given by us on our websites (“cookies banner”), the legality of the use is additionally governed by Art. 6 (1) sentence 1 lit. a GDPR.

Administration and deletion of cookies

You can set your web browser in such a way that cookies are generally prevented from being saved to your device and/or that you are asked each time whether you are in agreement with cookies being enabled. You can also at any time delete cookies that have been enabled again. You can find out how all this works in detail from your browser’s help function.

Please note that generally deactivating cookies may lead to functional restrictions of our website.