Osho Leela, Policy Completed: 01/07/2021
The type of personal information we collect
We currently collect and process the following information:
- When you browse our website we collect the Internet protocol (IP) address used to connect your computer to the Internet.
- If you perform a transaction such as a booking an event then we collect additional information such as name, email and phone number.
- We may use analytics tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you when you make a booking, contact us, or subscribe to our newsletter.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Legitimate Interest: If you contact us it is clearly in your legitimate interest for us to process your data and respond to your enquiry. We may also occasionally send you informative updates that are relevant.
- Consent: We collect explicit consent when customers subscribe for our marketing newsletter.
How we store your personal information
- Information you supply is stored securely on cloud-based and local servers. Please take care not to share sensitive information in normal correspondence as this can never be guaranteed to be 100% secure.
- Our payment gateway adheres to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Sharing of Data
- We have 3rd party Pixels embedded on our website. These are snippets of code which when enabled send anonymised browsing information to those third parties to help us run effective retargeting campaigns and to monitor patterns of website usage. These pixels are disabled by default until you enable them in our cookies pop-up notice.
Retention Of Data
We find that many customers come back to us time and again. So we retain basic data. We will undergo a review in 2022. In that review we will determine what data we should retain for lawful purposes or for the customer’s legitimate interest, and what data should be deleted.
Non-essential marketing cookies are disabled by default on our website until you accept them. It is also possible to switch off cookies by setting your browser preferences.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
- You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us by email if you wish to make a request at firstname.lastname@example.org