Date of Last Revision: May 27, 2018
INFORMATION COLLECTED BY PARIYATTI
We collect information that participants provide directly to us in a variety of ways. For example, we collect information when a customer purchases a book or audio or video recording from our online store, creates an account with us, or asks about or registers to join us on a pilgrimage. When you make a donation to Pariyatti or sign up to receive our newsletter, we also gather information.
Website Purchases and Donations. We operate an online bookstore through which customers may purchase literature and other media. As part of these transactions, customers may create an online account with us. Donations in support of Pariyatti can also be made through our website. The personal information that we may collect as part of these transactions includes, but is not limited to:
- E-mail addresses
- Phone numbers
- Company or business name
We do not store bank account or credit card information. Rather, we utilize the services of third-party vendors to process transactions.
Pilgrimages and Workshops. In addition to the information listed above that we collect for website purchases and donations, we may also collect or receive personal information from participants in our pilgrimages and workshops, which may involve international travel or meetings at various destinations. The information we collect may include personal information for emergency contacts , date of birth, nationality, passport numbers, occupational background, previous experience with pilgrimages, similar travel, or workshop study and training, reasons for participating, and sometimes health history information that a participant provides and which might be relevant to pilgrimage-related travel.
Mobile Apps. We administer a mobile app through which users may, if they choose, provide to us the same information collected through our website.
Usage Information. We may collect, either directly or through a third-party service provider, a variety of personally identifiable and non-identifiable information automatically or passively from users as they visit or interact our website or mobile app. Usage Information may include IP address or other device identifiers, the type of browser, device, and operating system a user employs, the URL that referred users to our Services, how and when users interact with our website or mobile app, and other similar information.
If a participant voluntarily provides us with information online or in a paper format, such as when making a donation, completing a survey, or contacting us via email, we may gather personal information through that communication.
Photographs. During the course of our pilgrimages, we may have occasion to take photographs of our activities and participants that might be suitable for use in publications such as brochures and newsletters, or for posting on our website or social media platforms (e.g., our Facebook page). Before taking any photographs of participants on our pilgrimages, we will ask for participants’ consent to be photographed and we will not knowingly publish or post photographs of any individuals without their consent. If you are pictured in a photograph we have published or posted and would like for us to discontinue using the photograph, please contact us at firstname.lastname@example.org.
HOW PARIYATTI MAY COLLECT INFORMATION
Directly from Participants. As noted above, we may collect personal information directly from participants in our organization’s activities that they provide to us.
Automatically through Cookies and Other Tracking Technologies. When you access or use our website or mobile app, we may automatically collect certain information about you, including:
- Log Data. As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, device identifier, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, and other usage data. We may combine this automatically-collected log information with other information we collect about you. We use log data to monitor use of our sites and services, for security purposes and for technical administration.
- Device Information. We may collect information about the device you use to access our web site or mobile applications, including the hardware model, operating system and version, unique device identifiers and mobile network information.
This information is largely collected using cookies and other tracking technologies. We and our service providers may use various technologies to collect information relevant to the performance of our website, mobile app, and electronic communications, including cookies (both session and permanent cookies) and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us to, among other things, improve services through our website and your online experience, see which areas and features of our services are popular, and count visits. Web beacons are clear, electronic images that may be used in our online services or in our emails and help deliver cookies, count visits, understand usage and communication effectiveness and determine if an email has been opened and acted upon.
HOW AND WHY PARIYATTI COLLECTS AND USES INFORMATION
Legitimate Organization Interests. It is our policy to collect and utilize information collected from participants that will aid in the pursuit of our organizational mission and as necessary, while accounting for and respecting participants’ interests and rights. Our mission includes introducing individuals and deepening their contact with the teachings of Buddha and related activities. Our guiding policy is that we collect information in furtherance of our mission and to assess how effective we are in pursuit of our mission, and not for other purposes.
Service Communications. We may contact you using the email address you provide to us for informational and operational purposes, such as account management, delivering requested services (e.g., books ordered from our website or delivery of newsletters or daily teachings), or system maintenance.
Organization Announcements and Marketing. We do not rent, sell, or share personal information about our participants with other people or nonaffiliated companies for their direct marketing purposes, unless we have the users’ express permission. We may use your personal information and other information to communicate with you by email or push notification to provide you with information we think may be of interest to you. For example, with our customers’ consent, we may notify them about new event schedules, texts, or programming. Users may opt out of marketing emails or newsletters at any time by using the opt-out link in an email or by contacting us at email@example.com. In Canada, we will send such email messages only with your consent, which we will ask you for when you register your account or provide us with your email address.
Mission Partners. We may receive information collected about individuals from other organizations dedicated to introducing the teachings of Buddha and organizing meditation retreats that serve as qualifiers for participation in our pilgrimages and Pāli workshops to ascertain eligibility for participation in our pilgrimages and Pāli workshops.
Security. We monitor and maintain records of some customer activity to detect and prevent fraud and misuse of our Services.
Specific User Request or Consent. We process user information by request, for example, to deliver user-requested materials or to respond to an inquiry with user consent.
Aggregate Data. We may de-identify and aggregate data collected through the Services and use it for any purpose. It is important to remember that such information does not identify you individually.
Legal Obligations. We obtain and maintain some information to comply with legal obligations (e.g., records for sales tax collections), and we may be required to share certain information in response to a lawful request (e.g., insurance).
HOW PARIYATTI MAY SHARE INFORMATION
Vendors and Service Providers. We may share any information, including Personal Information, that we receive from users with vendors and service providers retained in connection with the provision of the Services we provide. For example, we may use a third-party service provider to process payments, and in such cases, we will share applicable Personal Information, including payment method information, with that provider as necessary to fulfill an order.
As Required By Law and Similar Disclosures. We may access, preserve, and disclose Personal Information, other account information, and content if we believe doing so is required or appropriate to: (i) comply with law enforcement requests and legal process, such as a court order or subpoena; (ii) respond to user requests; or (iii) protect users’, ours’ or others’ rights, property, or safety.
With Your Consent. We may also disclose your Personal Information or User Content with your permission.
Links to Other Sites. Our website contains links to affiliated vendor sites, such as social media sites. We are not responsible for the content or the privacy practices employed by those other sites. A link to another website does not constitute endorsement of that site or any of the content or information provided by that site. We encourage our users to be aware when they leave our Site and to read the privacy policies of each website that collects personal information.
SECURITY OF YOUR INFORMATION
With respect to the deletion of data, our practices are as follows:
- Automatic Deletion: We store a customer’s data for as long as a customer remains our customer. Some data, such as transaction data, may be stored longer for record-keeping purposes. Some aggregate data collected about our service may be kept as long as the product or service is being used.
- Deletion by Request: A customer may request the deletion of his or her information, but we cannot guarantee that such a customer will be allowed to remain our customer, as some of the information is necessary for the fulfillment of our Services. Furthermore, while we will honor requests to delete personal information and refrain from using such information in the delivery of our Services, we may need to retain certain information for limited historical record-keeping purposes (e.g., identification of which individuals attended a pilgrimage or workshop, purchase history or receipts for bookkeeping).
Unfortunately, the Internet is not completely secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure.
By using or receiving our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our website or by sending an email to you. You may have a legal right to receive this notice in paper or hard copy format. To receive free written notice of a security breach in paper or hard copy format (or to withdraw your consent from receiving electronic notice), please notify us at firstname.lastname@example.org.
USER RIGHTS AND CHOICES
Opt-Out. If you established an account with us or receive email or other communications from us and do not wish to receive communications from us, you may unsubscribe at any time. You may decline to submit any personal information through the Services, in which case we may not be able to provide certain Services to you.
If you would like to opt out of targeted advertising on our Services, please refer to your mobile device or browser’s technical information for instructions on how to delete and disable cookies and other tracking or recording tools. Please be aware that disabling cookies or similar tools may disable many of the features available through the Service.
Correction. You have the right to access your personal information and to correct, amend, or delete such personal information if it is inaccurate. You can exercise these rights by logging into your account on our website and viewing your profile and billing information. Customers can also submit requests for other information we may have collected to email@example.com. If you delete any account information, we may retain certain information as required by law or for legitimate business purposes. Furthermore, if you delete certain information, you may no longer be able to receive our Services.
Portability: You may request to obtain certain data from us, in a generally readable format, and will be provided with a file containing their data. Alternatively, a file with your data may be forwarded to another entity at your request.
California Privacy. If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by Pariyatti or its affiliates to a third party for the third party’s direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org.
European Union Data Protection. If our processing of your information is subject to the General Data Protection Regulation 2016/679 (“GDPR”), we have additional obligations and you have additional rights under the GDPR. These rights and obligations are as follows:
We will process your personal data in order to provide the Services. The lawful bases for processing your data may include:
- When you have given consent
- When processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract
- When processing is necessary to protect our legitimate interests or that of a third party, except where such interests are overridden by your interests or fundamental rights.
We may rely on more than one of the lawful bases for processing your information described above. If our processing is based on your consent, you have the right to withdraw the consent at any time. However, if your consent is necessary in order to complete a transaction or provide a service you have requested, we may no longer be able to complete the transaction or provide the service. Subject to your right to erase personal data, we will store your information for as long as necessary for us to provide the Services.
You have the right to be informed about your personal data and how it is being processed, to access, correct and erase personal data, to restrict further processing, to obtain and reuse your data for your own purposes across different services and to object to processing. You also have the right to lodge a complaint with the relevant EU supervisory authority.
If your information is transferred to us or to another recipient in a manner that requires to leave the boundaries of the European Economic Area (“EEA”), we will ensure that at least one of the following shall apply: (i) the transfers will be to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; (ii) we have used specific model contracts approved by the European Commission which are intended to give personal data the same protection it has in Europe; (iii) where we use providers based in the US, we may transfer information to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between the Europe and the US, provided that if a competent authority determines in the future that Privacy Shield offers insufficient protection, we will utilize a different transfer method; or (iv) any alternative transfer mechanism that can under GDPR lawfully support the transfer. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Erasure: You may ask for your data to be erased from our system. We will comply with a request to erase all customer data, even though this means we will no longer be able to serve this individual as a customer, and all services and products will be revoked. Finally, an affiliate party that has requested the data of this customer (such as an entity that has provided the customer with one of our products) and already gained access to customer data in the past will need to be contacted separately by the customer.
Restriction of Processing: You may place a restriction on the processing of your data, and the request will be accommodated. But please note that restrictions on processing your data may inhibit your ability to utilize the Services.
Objection to Processing: A user may, at any time, object to our processing of his or her data. We will stop all processing of customer data if the objection was raised with respect to direct marketing purposes. If an objection was raised with respect to processing of data that is essential to the performance of our duties with respect to the Services, we will no longer be able to provide the Services to our customer.
Our Services are intended for adults older than 18 years of age, and we therefore do not knowingly collect, maintain, or use personal information from children under 18 years of age without parental consent, and no part of the Services is directed to children under the age of 18. If you learn that a child has provided us with personal information without your consent, you may alert us at email@example.com. If we learn that we have collected any personal information from children under 18 years of age without parental consent, we will promptly take steps to delete such information and terminate the child’s account.
We will retain your customer information for as long as your account is active or as needed to provide you the Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you no longer wish to use the Services, you may deactivate your account by sending us an email to firstname.lastname@example.org. After you deactivate your account, you will not be able to sign into the Services or access any information stored in connection with previous receipt of our Services. You may open a new account at any time. If you deactivate your account, we may still retain certain information associated with your account for analytical purposes and recordkeeping integrity, as well as to prevent fraud, collect any fees owed, take actions we deem necessary to protect the integrity of the Services or our users, or take other actions permitted by law.
UPDATE YOUR INFORMATION OR POSE A QUESTION OR SUGGESTION