Who we are
The organisation SRBY (UK) is a registered educational charity (Registered Charity No. 1127729). We run courses teaching Jangama meditation and are staffed 100% by volunteers, there are no paid staff. We also have regular meditation groups running each week to help support the meditation practice and courses. We regularly post news items on meditation, our courses, events and groups on Facebook, Instagram, Twitter and by email.
Types of data we collect
You will be asked to provide your personal information when registering for a course or newsletter, making donations or requesting communications.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. This will not happen unless you choose to opt in. If you agree, the file is added and the cookie helps analyse web traffic. The cookie is provided by a third party service, Google Analytics, to collect anonymous information of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the website. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Visitors can subscribe to our email newsletter and be kept informed of our meditation courses, news about meditation and events. We never pass email addresses to other organisations and businesses. We use a third-party email service: (Fluent CRM, Amazon AWS) to deliver our newsletters. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. You can unsubscribe at any time by clicking the unsubscribe link at the bottom of any of our emails or by emailing us at email@example.com
Booking contact information
When booking our courses, your personal information (name, email or phone number) that you provide us, will be used to contact you about the course. We do not pass your information to anyone else.
Facebook, Instagram and Twitter
What is the legal basis for processing the data
Data protection under GDPR sets out a number of different reasons for which a company may collect and process your personal data, including:
In specific situations we can collect and process your data with your consent. When collecting your personal data we will always make clear to you which data is necessary in connection with a particular service. For example: Newsletter, booking a course.
In certain circumstances, we need your personal data to comply with our contractual obligations. For example: Booking a residential retreat. Making a donation.
If the law requires us to, we may need to collect and process your data. For example: we can pass on details of people involved in fraud or other criminal activity affecting SRBY (UK) to law enforcement .
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our charity and which does not materially impact your rights, freedom or interests. (For example donations, purchases or dietary and emergency contact details for a residential retreat.)
Will the data be shared with any third parties
We use third-party providers: (Fluent CRM, Amazon AWS) to deliver our newsletter, PayPal for donations. We do not pass your personal information to any other third parties.
How will the information be used
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. Information collected will be used for the purpose that it was collected for, eg. meditation courses, news about meditation and meditation events. We also analyse the data collected to help us make decisions on how to provide future meditation courses, news items, and meditation events.
How long will the data be stored for
Whenever we collect or process your personal data, we will only keep it for as long as is necessary for the purpose for which it was collected. At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis.
How we protect your personal data
We secure access to all transactional areas of our websites and apps using ‘https’ technology. Access to your personal data is password-protected, and sensitive data such as payment card information is secured and tokenised by the payment provider (PayPal) to ensure it is protected.
What rights does the data subject have
You have the right to request:
- Access to the personal data we hold about you.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop any consent-based processing of your personal data after you withdraw that consent.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you make a request, we will expedite it as soon as practically possible. In certain circumstances it can take up to 1 month for us to complete the request. If, in exceptional circumstances, it may take longer than 1 month we will inform you. You can send a request to firstname.lastname@example.org
How can the data subject raise a complaint
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office www.ico.org.uk/concerns