We are glad for you to visit one of our following webpages or blogs
and thank you for your interest in our courses, pilgrimages, products and events etc. offered. The handling of our customers and interested parties is a matter of trust. The trust offered has a great significance for us und thus the relevance and obligation, to handle your data carefully and to protect them from abuse.
For that you feel comfortable in visiting our webpage or blogs, we take the protection of your personal data and its confidential handling very serious. For that we act in accordance to the applicable legal regulation for the protection of personal data and for data security.
With this evidence for data protection we would like to inform you, when we safe which sort of date and how we use them – of course with respect to the prevailing legal norms. The data safety at Bhakti Event GmbH takes account of the standard of the European data security follows in particular the current Federal Data Protection Act (BDSG).
For the internet usage we are oriented towards the German Teleservices Act (TMG) of the Federal Republic of Germany for the protection of your personal data.
For the following services the following elucidations for data security are valid:
Online-Shop / pilgrimages / courses and events / room reservations
Why do we record your data?
We record and process your data for the maintenance of our business relationships in order to provide to you the best possible service in the form of comfortable access to our products and services (e.g. courses and pilgrimages), as well as to provide to you the best possible scope of services in the processing of your order. This means with the order, the delivery of the products or the participation in a course/ event as well as pilgrimages, room reservations in the centre in Heidenrod-Springen and the payment.
Furthermore we use your data anonymised in order to constantly improve your future visits on our webpage. We do not transfere those data to third parties.
We will update you if necessary via e-mail about novelties, offers, services and if wished also about our fundraising program. You can disagree at any times to advertisement and the participation in our fundraising program (firstname.lastname@example.org). For this disagreement there will be no further costs than those you agreed on with you telecommunication and e-mail provider for transmission.
In order do be able to show you particularly interesting offers we collect data on our webpages which we use to create profiles of affinity. For example we can see which webpages are beining visited within our website. For that purpose data is collected by the webanalysis-tool Google-Analytics with the help of cookies, which are being used for the generation of pseudonymous user profiles. For that we help ourselves with the service of Google Inc. (Regarding the cookis please see chapter 4)
Furthermore we collect your data in order to maintain your personal customer data bank in the context of your customer accound with us and the contexts connected to this.
1. Which data do we collect, process and use?
You can visit our webpage without leaving personal data: when surfing without registration we do not collect personal data, but we use cookis only for the so called session-ID and for your language (regarding cookies please see chapter 4 below). By default informations such as you IP address, time, duration of your visit, operation system, browser and page few are being collected.
As far as you register as a customer, course participant or hotel guest etc. we collect data via the respective registration mask of the respective offer of the webpage which you fill in. The data to be collected includes among others your:
- First name, family name
- Birthdate (in order to check on your salesmanship – see below also notes regarding children)
- Post address
- Data of order of ordered product (e.g. product, course- of travel data).
The data requested can deviate on the respective registration mascs from the above mentioned informations according to the offer.
As we are concerned and obligated to your wellbeing, it can be necessary that we request health data from you in the context of your registration for specific courses in order to be able to decide if you can participate in the course. Those data will be deleted immediately after the course by us and our partners (course leader). For that reason it can happen that in a later course you might be asked for your health data another time by us or our partner (course leader).
In general there are compulsory statements on this mask, which we definitely need for the processing of the order, and further voluntary details. The compulsatory statements are marked appropriately and have to be filled in if you want us to take regard of your order. Voluntary details are, as the name indicates, voluntary and do not have to be given. Additionally we put cookies provided you agree to it (regarding cookies please see under chapter 4).
We safe your order data within the context of the order history and send those order data via e-mail to your e-mail-address provided. Furthermore you can see your order data in your customer account. The GTC you find here.
Above we need in the following cases information to your person:
Your register for the consignation of a newsletter or comparable advertisment material or of our program „Friends of Bhakti Marga“.
· You would like to get in touch with us.
Use of social plugins
In order to make our internet bid more attractive and user friendly for our users, we, the Bhakti Event GmbH, work together with selected cooperation partners (z.B. facebook, google, twitter, etc.). These platforms can be temporarely integrated in our a.m. webpages and blogs with the help of so called plugins.
Integration of facebook social plugins
In our webpages and blogs are social plugins („plugins“) of the social networker facebook.com integrated, which is run by the facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA („Facebook“).
The plugins of facebook are recognizable through one of their facebook logos (white „f“ on blue tyle or a „tumbs up“-Zeichen) or they are marked with an adjungt „facebook social plugin“. The list and the look of the facebook social plugins can be seen here: http://developers.facebook.com/plugins .
When you call up a webpage of our web presence which contains such a plugin, your browser builds up a direct connection to facebook. The contents of this plugin will be directly transmitted by facebook to your browser and integrated into the webpage. For that reason we do not have any influence on the scope and contents of the data, which facebook collects with the help of plugins and for that we inform you according to our stand of knowledge.
Through the integration of plugins facebookd receives the information that you have called up the respective page of our web presence. If you are logged in with facebook they can assign this visit to your facebook account. If you interact with the plugins, for example you activate the like-button or you leave a comment, the respective information will be directely transmitted by your browser to facebook and saved there. In case you are not a member with facebook, there is still the possibility that facebook finds out your IP address and saves it.
Please learn about the purpose and scope of the data- acquisition and the further processing and use of those data by facebook as well as your respective right and approach-option (Einstellungsmöglichkeiten) for the protection of your privacy from the data-security-indication of facebook:
In case you are a facebook-member and you do not want facebook to collect data about you via our web presence and connects them to your member-data saved at facebook, you have to log out from facebook before you visit our webpages and delete cookies placed (you find more information about cookies under point 4 of this data security declaration).
Apart from that you can block facebook-social-plugins with add-on for your browser, for example with the „facebook blocker“.
Integration of google plus plugins
In our webpages and blogs are social plugins („plugins“) of the social network of Google Plus integrated, which is operated by Google Inc., 1600 Amphitheatre Parkway, Montain View, CA 94043, United States („Google“).
The plugin of google plus is recognizable through the character „+1“ on white or coloured background.
When you call up a webpage of our internet presence which contains such a plugin, your browser builds up a direct connection with the server of google. The content of the plugin will be directly transmitted to your browser by google and integrated into the webside.
For that reason we do not have any influence on the scope and contents of the data, which google collects with the help of this plugin. According to google no personal data are being collected without clicking on the button. Only data of logged in members are being collected and processed, among others the IP address.
Please learn about the purpose and scope of the data- acquisition and the further processing and use of those data by google as well as your respective rights and approach-options (Einstellungsmöglichkeiten) for the protection of your privacy from the data-security-indication of google: http://www.google.com/intl/de/policies/privacy/ .
In case you are a google-member and you do not want google to collect data about you via our web presence and connects them to your member-data saved at google, you have to log out from google plus before you visit our webpages and delete cookies placed (you find more information about cookies under point 4 of this data security declaration).
Integration of twitter plugins
In our webpages and blogs are social plugins („plugins“) of the social network of twitter integrated, wich is operated by Twitter Inc., located in 795 Folsom St., Suite 600, San Francisco, CA 94107, USA („Twitter“).
The plugin of twitter is recognized by a bird-symbol with the lettering „tweet“.
When you call up a webpage of our internet presence which contains such a plugin, your browser builds up a direct connection with the server of twitter. The content of the plugin will be directly transmitted to your browser by twitter and integrated into the webside.
Through the integration of plugins twitter receives the information that you have called up the respective page of our web presence. If you are logged in with twitter when you are using one of the plugins, twitter can assign this visit to your account. If you interact with the plugins, for example you activate a “tweet” button, the respective information will be directely transmitted by your browser to twotter and saved there. In case you are not a member with twitter or you have loged out with twitter before visiting our webpages, there is still the possibility that twitter finds out your IP address and saves it.
Please learn about the purpose and scope of the data- acquisition and the further processing and use of those data by google as well as your respective rights and approach-options (Einstellungsmöglichkeiten) for the protection of your privacy from the data-security-indication of twitter: https://twitter.com/privacy .
In case you are a twitter-member and you do not want twitter to collect data about you via our web presence and connects them to your data saved at twitter, you have to log out from twitter before you visit our webpages and delete cookies placed (you find more information about cookies under point 4 of this data security declaration).
For the “like-button” and +1- buttons (Google), as well as for „tweet“ respectively the bird-symbol-button“, which can be found on our pages, we installed a two-steps-solution: for that you can click on one side on our above mentioned webpages or blogs “like”, “+1” or the button with the bird-symbol, you first have to click on that button in order to activate it. Only then a connection will be established with facebook, google or twitter- servers. With a second click you can recommend the contribution to your friends/ contacts.
Also see: “2 clicks for more data security (heise.de)
1. We register your data
We use the principle of data minimisation and data avoidance. This means we register and use only as much data as necessary to handle the ordering and reservation process and to get in contact with you.
This includes for example all data of bookkeeping which we have to work with and to keep due to legal provisions.
Your personal data will only be stored when you supply this on our homepage for registration as a customer or participant. We save this data with your permission as your personal profile and in case of further visits on our homepage you can register with your user name and your password. This has the advantage that you do not have to enter your address data every time you place an order or a reservation. You can contradict to the use of your data at any time. In this case for any future order or reservation a complete new registration is necessary.
We also register your data if you subscribe to our newsletter or take part on a fundraising program of Bhakti Marga Yoga gGmbH. Therefore, we act upon the double-opt-in-procedure. This means, immediately after your registration on our homepage you confirm once again per mail your wish to subscribe our newsletter or other comparable information and news regarding our fundraising program of Bhakti Marga Yoga gGmbH.
We use a so-called cookie-technology to ensure a comfortable user-friendly operation for orders/reservations in our shop and our other websites regarding all our stated services. For example, cookies guarantee a personal welcome on our homepage at your next visit or information individually coordinated with your needs.
Our websites and blogs use Google Analytics, a web analysis service of the Google Inc. („Google“). Google Analytics uses so-called cookies, text files which are stored on your computer and which allows an analysis of the use of the website by you. The information generated by the cookie concerning your use of this website will be passed on to a Google server in the USA and saved there.
In case of activation the IP-anonymisation on this website, your IP-address of Google will be shortened within the member states of the European Union or in other Contracting States to the Agreement on the European Economic Area.
Only in exceptional cases the complete IP-address will be transferred to a server of Google in the USA and will be shortened there. On this homepage the IP-anonymisation is active. Under the authority of the provider of this website, Google will use this information to evaluate your use of this website, to produce reports on website activities and to provide other services related to the use of the website and of the Internet to the website operator.
The IP-address transferred from your browser as a part of Google Analytics will not be used in connection with other Google data. You can avoid the installation of cookies by appropriately adjusting your Browser Software. We advise you that in this case you eventually cannot use all functions on this website. Furthermore, you can prevent the registration of data generated by cookies and data referring to your use of the website (incl. your IP-Address to Google as well as the processing of the data. Therefore, download and install the browser-plugin, available here: http://tools.google.com/dlpage/gaoptout?hl=de .
The following links provide information about this possibility for the most used browsers:
- Internet Explorer
- Google Chrome
3. How can you access your data?
With your registration as a customer or course participant etc. you assign a user name and a personal password. Your user name and your personal password secure that only you have access to your profile. We have no access to your password because it is stored encrypted in a secure database.
We always have access to your data stored in our system. The data of your profile (for example your delivery address) can always be changed during the ordering proccess. Also you can update your data in a secure area. If you are updating your information, we usually keep a copy of your earlier data in our files.
4. To whom do we pass your data?
Within the ordering process we pass data (for example your delivery address) to our service provider (e.g. Deutsche Post AG) or our partner companies (e.g. companies producing goods for us). These partners and service providers are only allowed to use your data for fulfilling their tasks on our order. They are obliged to abide by data protection regulations.
Within courses/events we pass data to our speakers or seminar organizers. These partners are only allowed to use your data for fulfilling their tasks on our order. They are obliged to abide by data protection regulations.
This is also the case with related third parties during pilgrimage.
Furthermore our sister company Bhakti Marga Yoga gGmbH receives your data after your definite confirmation by double-opt-in-procedure (please find more information above).
On a regular basis you will receive relevant current information about fundraising events.
5. How do we protect your data?
We developed organisational and technical measures to protect the data received from you reliably. Sufficient information and trainings of our employees and their commitment to our data protection regulations guarantee that your data will be treated confidentially. Our security measures also include that we will ask you for a proof of your identity, especially during a contact by phone.
We urge you to care for all possible protective measures to protect your data while working online. Please change your password regularly. We recommend to use a combination of letters and numbers for your password and ensure to work on the Internet with a secure SSL enabled Browser. Please log-out after using your computer if you are not using it alone. Do not allow access to your password to third parties.
On any websites where personal data is stated (e.g. area „Warenkorb/Shopping car“ and „Mein Konto/My account“) we use the industry standard SSL (Secure Sockets Layer) for encoding your data. Before transferring your data to our server, it will be modified with the SSL encryption and third parties cannot reconstruct it. Because of this the confidentiality of your data and your bank data for transactions via Internet is guaranteed.
6. Technical data regarding security
Encryption of sensitive data transfers with SSL certificate.
Securing of server: Our servers are protected by a firewall system against attacks.
An internal security system and authorisation concept guarantee that your sensitive data is not available for our employees without special authority.
We are not interested in a targeted collection of personal data of children. If we become aware that such data is transferred to us without approval of the parents or guardians we will delete it immediately. Therefore, we are dependent to your suitable tips from you as parents and guardians.
8. Deletion and block
We delete your personal data if the business purpose connected with the data does no longer exist. At your request we will block your data completely or partly. Therefore, please inform us to which extent and how long it should be blocked. As far as we have technical possibilities you are able to exclude processing and use of your data for certain areas.
Our web pages might contain hyperlinks, this means electronic cross links to other web pages of other organisations, companies etc. On these linked websites the specific privacy statement does not apply, only the private policy valid on these websites.
Furthermore we wish to point out:
As a provider we are responsible for our own contents according to general law. We do not have any responsibility for contents which have been submitted through external links and which are separately marked. For illegal, incorrect and incomplete contents as well as damage, which will occur due to use or not use the information, the owner of the external website is reliable.
A constant supervision of the external links without any indication of violations of the law is not reasonable to the provider. Such external links and advertisements will be immediately deleted when noticing any violations of the law.
1. Questions relating to data protection / opposition to data use for promotional or advertising purposes
If you have questions to our standards of data protection or you want to contradict to the use and transmission of your data for purpose of promoting Bhakti Marga Event GmbH, the fundraising of Bhakti Marga Yoga gGmbH, please contact us:
Public procedure catalog of Bhakti Event GmbH
The German Federal Data Protection (Bundesdatenschutzgesetz, short BDSG) stipulates in section 4g (§ 4g) that the following informations have to be made available towards everybody according to section 4e in a suitable way by the data protection representative.
Name of the authority responsible:
Bhakti Event GmbH
Responsible manager for data processing
Address of the authority responsible:
Am Geisberg 1 – 4, D – 65321 Heidenrod – Springen
phone: +49 (0) 6124-605-9000
mobile: +49 (0) 1577-540-9400
internet: www.bhaktievent.de or www.bhaktimarga.org
Intendes purpose of data collection, data processing and use of data
Operation of an online shop
Implementation of courses/events
Operation of room bookings at the location of Heidenrod-Springen
Additional purposes are attendant or supporting functions in administration of personals, agents, suppliers and service providers.
Video surveillance is used at the location for recording events and for collection of proof in case of vandalism, break-in, assault or other offences. Availability and use of video cameras is shown appropriate by warning labels.
Implementation of saving, data processing of personal data for own purpose as well as by order and name of single companies according to available service agreements within the association of enterprises.
Data collection, data processing and data using take place in execution of the purposes listed before.
Description of person affected and relating data/datacategories
Essentually relating to the following personal groups personal data will be collected, processed and used:
Customers data – online shop (in particular data of name, gender, date of birth, address, contract, calculation)
Data of attendee – courses/events (in particular data of name, gender, date of birth, address, if necessary data of health, course/event, calculation)
Speakers/OMH – courses/events (in particular data of name, gender, photo, address, course/event, calculation)
Data of guests – room booking (in particular data of name, gender, date of birth, domicile, calculation)
Data of pilgrims – pilgrimages (in particular data of name, gender, date of birth, identity card, insurance, journey, calculation)
Data of interested party for courses/events/room booking (in particular data of name, gender, date of birth, course/event, requested stay)
Data of employees, candidates, social security agencies (in particular data of personal and salary)
Business partners, external service companies (in particular data of address, calculation, performance, contract)
Data of suppliers (in particular address, calculation, performance, contract, if necessary data of function)
Unclassifiable group of people: video recording at events and for safety
Categories of addressees data can be reported to beside our internal departments as there are:
- Online shop
- Staff responsible for booking of courses/events and pilgrimages
- Speakers and organizers
can also be third party as there are:
- Third party in customers order
- Third party for conducting/fulfillment of determination purpose that is listed before
- External contractor according to BDSG section 11 to data processing of contracts (for example speakers, oganizers, hotels, transit companies etc. within the bounds of order processing, course- and event organisation, booking of hotel and flight for pilgrimages etc.)
- Bhakti Marga Yoga gGmbH (sister company, at your explicit agreement for the fundraising programme)
- receive data from us for order processing.
Furthermore data can be given to the following addressees:
Public institutions who receive data because of public acts (for example social insurer)
Internal institutions that are involved in performance and fulfillment of the current business process (for example personnel management/personnel control, accounts, marketing, IT-Organisation, management)
Rule limits for deletion of data
The legislator has issued diverse obligations to preserve business records and safekeeping retention. After deadline the relevant data will be deleted routine, if it is not necessary anymore for current performance of a contract (buying, course participation, booking of rooms, pilgrimages, etc.) So the data of commercial law and financially active data of an annual account will be deleted after ten years on, according to the legal regulation as far as no longer obligations for preserving business records are stipulated or necessary because of legitimated reasons. In the area of personnel management and personnel control shorter periods of time on special fields are used. This applies particularly to refused applications or cautions.
Registration forms appropriate to the law of registration are kept at the hotel business of the centre in Heidenrod-Springen according to the legal required minimum duration and afterwards supplied to deletion by special precautionary measure in accordance with Data Protection Act.
Planned data delivery to third countries
Data delivery to external contracting parties (for hotels, transit companies, etc.) in third countries are just produced for communications whithin the bounds of contract fulfillment of pilgrimages as well als other explicit scheduled exceptions in section 4c of BDSG.
Guarantee of security in data processing
Bhakti Event GmbH brings in technical and organizational safety measure according to section 9 of BDSG to give protection to their administered data against manipulation by chance or intential, loss, destruction or access by not allowed people. The installed safety measures are constantly improved according to technological development. The access on data is just possible for a few allowed and committed to data privacy protection persons, who are concerned with technical, administrative or editorial responsibility.
Name and address of controller for data protection
Bhakti Event GmbH
Controller for data protection
Am Geisberg 1 – 4
D – 65321 Heidenrod – Springen
State of public procedure directory: 1st of March 2013
The person responsible for content of public procedure directory:
The Controller for data protection at Bhakti Event GmbH