GDPR Privacy Policy - Rigpa UK
centres

Rigpa UK

Tibetan Buddhist Meditation Centre

GDPR Privacy Policy

This Policy was last updated in May 2018.

 

Rigpa Fellowship (Rigpa) is committed to protecting and respecting your privacy

This policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

Any questions regarding this Policy and our privacy practices should be sent by email to enquiries@rigpa.org.uk or by writing to Rigpa, 330 Caledonian Road, London N1 1BB.

The rules on processing of personal data are set out in the General Data Protection Regulation (the “GDPR”).
 

Who are we?

Rigpa is a Buddhist charity. We are classed under the GDPR regulations as a data controller. That means we decide how your personal data we receive is processed and for what purposes. Rigpa is a registered charity. The registered address is the address above.

How do we collect information from you?

We obtain information about you when you use our website, register to join Rigpa, contact us about courses, events, products and services, to make a donation or if you register for courses or events.

We also receive and process personal information regarding membership applications and renewals, as well as details to enrol members.

What type of information is collected from you?

The personal information we collect might include your name, address, email address, phone number, IP address, and information regarding what pages are accessed and when. If you make a donation online or place an order, your card and other payment information may not held by us, but may be collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.

How is your information used?

We may use your information to:

  • Process a donation that you have made;
  • Process an event or course ticket order or subscription;
  • Process applications or renewals of membership;
  • To carry out our obligations arising from any contracts entered into by you and us;
  • Seek your views or comments on the services we provide;
  • Notify you of changes to our services;
  • Post out any printed material to you;
  • Send you communications which you have requested and that may be of interest to you. These may include newsletters, information about campaigns, appeals, and other fundraising activities;
  • Activities, promotions of associated Rigpa entities, including in other countries.

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example the collection of Gift Aid). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you may hold with us.

What is our legal basis for processing your personal data?

Our lawful basis for processing your general personal data under article 6 of GDPR is as follows.

Consent of the data subject. We will directly ask for your consent to process data –

  • When you sign up for any email or mailing list;
  • When you register for membership of Rigpa directly on our website or through paper forms or over the phone.

Processing necessary for the performance of a contract with the data subject or to take steps to enter into a contract. We will collect and use your personal data in the following circumstances –

  • When you place an order on our website, so that we can process your payment, confirm transaction details (typically via email) and arrange confirmation of tickets and subscriptions, and delivery of any goods and services.
  • When you book tickets for events so that we can process your application and any payments, and where applicable, arrange accommodation and activities.
  • When you apply for any courses, so we can process your application and any payment involved as well as inform you of venue and other details.

Processing necessary for the purposes of the legitimate interests of the data controller or a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of the data subject;

  • We will use your personal data to process and facilitate any membership of Rigpa received either directly or passed to us via an affiliated entity.

Who has access to your information?

Rigpa requires access to personal information such as name, address, phone and email details in order to process any membership of Rigpa, as well as to facilitate any events or courses you might attend. It is important to note:

  • We will not sell or rent your information to third parties.
  • We will not share your information with third parties for marketing purposes.

Third Party Service Providers working on our behalf

We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process donations or website payments, or to mail your copy of printed materials). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and future contracts will require them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond Rigpa and associated entities for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.

When you are using our secure online donation pages or make a purchase through the website, your donation or payment is processed by a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.

We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our supporters and customers. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.

Your choices

You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct communications from us, then you can select your choices on forms or webforms on which we collect your information.

We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting us by email: enquiries@rigpa.org.uk, or by letter to the above address.

How you can access and update your information

The accuracy of your information is important to us. If you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: enquiries@rigpa.org.uk, or write to us at the address above.

You have the right to ask for a copy of the information Rigpa hold about you (we may charge £10 for information requests) to cover our costs in providing you with details of the information we hold about you.

Security precautions in place to protect the loss, misuse or alteration of your information

When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with SSL encryption. When you are on a secure page, a lock icon will appear on web browsers such as Microsoft Internet Explorer or Google Chrome.

Non-sensitive details (your email address etc.) may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Profiling

We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.

Use of ‘cookies’

Like many other websites, the Rigpa website uses cookies. ‘Cookies’ are small pieces of information from a website, stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your country preference. This helps us to improve our website and deliver a better more personalised service.

It is possible to switch off cookies by setting your browser preferences. Turning cookies of may result in a loss of functionality when using our website.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

16 or Under

We are concerned to protect the privacy of children aged 16 or under. We do not process anyone’s data aged under 16 without their parent/guardian’s explicit permission. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.

Transferring your information outside of Europe

As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.

If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.

How to make a complaint?

To exercise all relevant rights, queries or complaints, please in the first instance contact us via email at: enquiries@rigpa.org.uk, or write to us at the above address.

If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

Review of this Policy                                        

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.