Updated May 2018.
The Rigpa Lerab Ling Congregation is committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about people who visit our websites and use our services, how we use their information, the conditions under which we may disclose it to others and how we keep it secure.
The rules on processing of personal data are set out in the General Data Protection Regulation (EU) (the “GDPR”).
Who are we?
Rigpa Lerab Ling Congregation is a French religious congregation established by the Ministry of Interior’s decree issued on 29 January 2002 (published in the Official Journal dated 5 February 2002). The Congregation is located in l’Engayresque, 34650 Roqueredonde in France and is registered with the Siret number 482 522 000 00017.
How do we collect information from you?
We obtain information about you when you use our websites, contact us about courses, events, products and services, to make a donation or if you register for courses or events, or subscribe to our newsletter.
What type of information is collected from you?
The personal information we collect might include, but is not limited to, your name, address, email address and phone number. If you make a donation online or place an order, your card and other payment information is not held by us, but may be collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
How is your information used?
We may use your information to:
- Process a donation that you have made;
- Process an event or course registration or subscription;
- Carry out our obligations arising from any contracts entered into by you and us;
- Seek your views or comments on the services we provide;
- Notify you of changes to our services;
- Post out any printed material to you;
- Send you communications which you have requested and that may be of interest to you. These may include newsletters, appeals and other fundraising activities;
- Communicate activities, promotions of associated Rigpa entities.
We review our retention periods for personal information on a regular basis.
We will hold your personal information on our systems for as long as is necessary for the relevant activity, as long as is set out in any relevant contract you may hold with us, as long we are legally obliged to hold the data or until you request that it is deleted. We are legally required to hold some types of information to fulfil our statutory obligations (for example for tax-exempt donations).
What is our lawful basis for processing your personal data?
Our lawful basis for processing your general personal data under Article 6 of GDPR is as follows:
- Consent of the data subject.
We will directly ask for your consent to process data when you sign up for any of our email or mailing lists.
- Processing necessary for the performance of a contract with the data subject or to take steps to enter into a contract. We will collect and use your personal data in the following circumstances:
- When you place an order on our websites, so that we can process your payment, confirm transaction details and arrange confirmation of registration and subscriptions, and delivery of any goods and services.
- When you register for events so that we can process your application and any payments, and where applicable, arrange accommodation and activities.
- When you apply for any courses, so we can process your application and any payment involved as well as inform you of venue and other details.
- When you subscribe to any of our mailing lists, so we can inform you on a regular bases about our activities.
- Processing necessary for the purposes of the legitimate interests of the data controller or a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of the data subject;
- We will use your personal data to process and facilitate any membership of Rigpa received from a national Rigpa organization.
Who has access to your information?
Rigpa Lerab Ling Congregation requires access to personal information as outlined above. It is important to note:
- We will not sell or rent your information to third parties.
- We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf - We may pass your information to our third party service providers, agents, subcontractors and other Rigpa-related organisations for the purposes of completing tasks and providing services to you on our behalf (for example, to process donations or websites payments, or to mail your copy of printed materials). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and future contracts will require them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond Rigpa Lerab Ling Congregation and associated entities for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
When you are using our secure online donation pages or make a purchase through the websites, your donation or payment is processed by a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
- If you are not satisfied by our reply you have the right to lodge a complaint with the relevant data protection authority or with the relevant court if you consider we have not respected your rights.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with SSL encryption. When you are on a secure page, a lock icon will appear on your web browsers such as Microsoft Internet Explorer or Google Chrome.
Non-sensitive details (your email address etc.) may be transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We recommend you don't share your password with anyone.
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
Our websites use Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and web page usage.
Links to other websites
In addition, if you linked to our websites from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. We do not obtain or process anyone’s data aged under 16 without their parent/guardian’s explicit permission.
Transferring your information outside of Europe
As part of the services offered to you through Rigpa Lerab Ling Congregation’s websites, the information which you provide to us may be transferred to countries outside the European Union (“EU”). For example, this may happen if any of our servers are located in a country outside of the EU. These countries may not have similar data protection laws to Europe. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
How to make a complaint?
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Commission Nationale informatique et liberté.
Review of this Policy