1.1. Welcome to “NADA YOGA PLACE” private policy statement.
Our private data policy statement is our policy for the protection of private data. We respect private data and are committed to protecting your personal data. By means of this private data privacy statement, you are informed about how we treat your personal data as a member, friend or acquaintance of “Nada Yoga place” or as a simple visitor or user of the site Through the same privacy statement, you receive information about your privacy rights and how you are protected by the current legislation. From our part, we assume responsibility for the collection, management and general processing of your personal data.
1.2. For any clarification regarding this private data policy statement and your legitimate rights, you may contact us directly at the following details:
Michalis Evangelidis – Nada Yoga Place,
Tel : + 30 2111 848283
Email address : firstname.lastname@example.org
Address: Agiou Polykarpoy 1
Postal Code 17124, ATTICA, GREECE
Your Obligation to inform us of any changes
It is important that personal data that we maintain for you is accurate and valid. By declaring this, you are requested to inform us as soon as possible in any case of any change in your personal data that may occur during your association with us.
Categories of information we collect
We reserve the right to collect, store, and to process in general, different kinds of your personal data which we have grouped as follows:
-forms which include the name, surname, username or similar ID such as for example, marital status, occupation, title, birth year for age, gender
-Data contact information which include postal address, email address and phone numbers
-Data Usage information, which includes information on how you use our site
-Promotional and communicational data, including your preferences for receiving promotional material from us and other third parties and your preferences for communicating with us
– Health reports when provided voluntarily by you so as to make our programs, activities and events as safe and effective as possible, and to adjust our programs, activities and events so as to be best suited to your specific needs
-Data Profiles (Profile Form)
When we send or display personalized announcements or content, we may use some techniques defined as “profile training” (-In other words, any form of automated processing of personal data suggested for processing, so as to evaluate certain personal characteristics of an individual, especially for the purpose to analyze or predict personal preferences, interests, behavior, location, health, (in the case where medical data has been voluntarily provided by you), and the credibility or the movements of an individual-). This means that we may collect personal data relating to the different options listed above. This mentioned data is collected and analyzed in order to evaluate and predict your personal preferences and / or interests. Based on our analyses we send or display announcements and / or content which are tailored to your interests / needs.
– The above data may include unique numeric identifiers such as the IP address of your computer or the MAC address of your mobile phone, as well as cookies.
How we collect your information
We collect personal data about you whenever you participate in our programs, activities and events either at Nada Yoga place or at our local official centres or anywhere else, as well as every time you visit our website.
Why we process your information
We process your personal data only when legally permitted to do so.
In general, we process your personal data only:
-If you intend to participate in a program, activity, or event that you are interested in or where you have already informed us that you wish to participate.
-In the event where it is necessary to protect our legitimate interests or to protect the legitimate interests of a third party and your interests and where your fundamental rights do not override the previous mentioned interests
-Where we need to comply with a legal or regulatory obligation
– When a request or consent has been explicitly given to us, by you for us to do so
You are entitled to withdraw your consent to receive any promotional material at any time using the delete link at the bottom of each promotional email or alternatively by contacting us through the contact details mentioned in paragraph 1.2 of this statement.
Change of purpose
We will only use your personal data for the purposes mentioned and for any purposes compatible with these. If you wish to receive clarifications about the compatibility of the current purposes in relation to the original purposes, you may contact us using the contact details in paragraph 1.2. In the event where we may need to use your personal data for any irrelevant purpose or for a purpose which is not compatible with our current purpose, then you will be notified through a modification of this privacy statement.
Third party connections
Our website may include links to third-party sites, microsites, add-ons (plug ins), and applications. If you click on these links, you grant the right to third parties to collect or share personal data about you. We cannot control third-party websites and are not responsible for their own privacy statements. In the event of your participation in third party programs, activities, or events via the booking process, you must be aware that Nada Yoga place is not responsible for the processing of your data on behalf of any of the above mentioned third parties. Therefore, whenever you use these links or microsites or when you leave our site, we encourage you to read the privacy statement of the above third parties
Cookies, web beacons and other similar technology
A cookie is a small data file that is placed on your computer’s hard drive when you visit a site. A “session cookie” expires as soon as you finish your session (that is, when you close your browser). A “persistent cookie” stores information on the hard drive so that when you finish the session and return to the same site at a later time, the cookie information is still available. A web beacon is a small piece of a code that represents a clear graphic image and is used in conjunction with a cookie.
When you visit our site, we reserve the right to use both a session cookie and a permanent cookie. This cookie placed by NADA YOGA PLACE can contain information (such as a unique user ID) that is used to record the use of our site by you and, in some cases, to record your email address. Your e-mail address is only stored in this cookie that is placed by NADA YOGA PLACE provided you are registered with NADA YOGA PLACE. The web beacon allows us to record specific types of information about actions taken during a visit to a site, such as a visitor’s cookie number, time, date, duration and number of page views, a description of the page on which the web beacon is placed and details of the programs, activities and events for which the user was interested in or submitted their participation to.
You have the right to disable cookies. Internet browser settings are usually programmed by default to accept cookies. However you can easily adjust these settings by changing the settings in your browser.
We do not knowingly collect any information from any person under sixteen (16) years of age, unless there is a legal consent of his / her parents or guardians or persons exercising parental responsibility and supervision. Our site, programs, activities and events are exclusively addressed to individuals who are at least 16 years of age or older unless there is an escort or legal consent of their parents or guardians or persons exercising parental responsibility and custody of them. If you are under the age of sixteen (16) years, do not use or provide any information on this site or sign up to any, or through any of its services, and do not provide us with any information about you, whether your name, address, phone number or your email address.
If we ascertain that we have inadvertently collected or received personal data of a person under the age of sixteen (16) years, we will immediately erase that data unless this consent has been previously granted or authorization from the parent or guardian or persons who have custody and supervision of them.
If you believe that we may have personal data from or for a person less than sixteen (16) years of age, you may contact us by using the contact details in paragraph 1.2.
Who can access your information?
To serve you better, we reserve the right to share your personal data with third parties who provide support services to us or help us to promote our programs, activities and events. These service providers are committed to us through a special agreement not to use your personal information in any other way and for any other purpose other than to assist us in organizing programs, activities and events for which you are interested in participating or joining.
We also reserve the right to disclose your personal data to a third party either when you ask us to do so, or when you give us your consent to disclose it, when it is our duty to do so, by law, or when required by our privacy data policy statement.
Countries with access to your personal information
Our servers, which store and protect your information, are located within the European Economic Area (EEA). However, in the event that personal data is transferred outside the EEA, a similar level of protection is ensured, by ensuring that one of the following protection measures is implemented:
– Your personal data will only be transmitted to countries for which the European Commission considers provide an adequate level of protection for personal data
– Wherever specific service providers are used, we reserve the right to use specific contracts authorized by the European Union which provide personal data with the same protection as in Europe.
We implement appropriate protection measures, including encryption, anonymous or pseudo-tampering procedures, where necessary to prevent the unauthorized loss, alteration, disclosure, use or unauthorized access to your personal data. In addition, we limit access to your personal data to employees and other third parties such as our members and volunteers who need to know them in order to fulfill their professional or voluntary duties. All of these persons process your personal data solely in accordance with our instructions and are bound in writing to comply with the relevant confidentiality requirements.
We have put in place procedures for handling any suspected personal data breach and will notify you and any competent authority or service of any possible violation. We will do so voluntarily in the above mentioned notice, but also in cases where we are required by law to do so.
Retaining your information
We will only retain your personal data in order to fulfill the purposes for which we have collected it, including fulfilling any legal or reporting obligation of ours.
To determine the appropriate period of retaining personal data, we examine the quantity, nature and sensitivity of your personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process personal data, while taking into account whether we are able to fulfill these purposes by other means and in accordance with applicable legal obligations.
Details of retention periods of different personal data categories are available upon contact with us through the contact details of paragraph 1.2.
In some cases, we reserve the right to make your personal data anonymous so that it cannot be associated with you for statistical research or research purposes. In this case, we reserve the right to use this information indefinitely without any further obligation to notify you any further.
You have the right to:
14.1. Request access to your personal data (“data subject access request “).
This enables you to receive a copy of the personal data we maintain for you and to confirm that we process it in accordance with the law.
14.2. Request a correction of the personal data we maintain for you. This enables you to correct incomplete or inaccurate data we retain for you. In this case, we reserve the right to ask you thereafter to validate the accuracy of the new data you provide us with.
14.3. Request the deletion of your personal data. This enables you to ask us to delete or remove your personal data when there is no reasonable reason, to continue processing it, according to your assessment. You also have the right to ask us to delete or remove your personal data in cases where you have successfully exercised your right to oppose processing (you may refer to his right for you to do so, in the next sub-paragraph) when we may have processed the information unfairly, according to your assessment or when there is a need to comply with local regulations. Please know however that we may not always be able to satisfy your request for deletion due to specific legal reasons, for which you will be notified of, if necessary, following the submission of your request.
14.4. Object to the processing of your personal data when we rely on our legitimate interest or have a legitimate interest in a third party and if you have reason to wish to object to its processing, according to the above legitimtate interests, when you believe it compromises your fundamental rights and freedom You also have the right to oppose the processing of your personal data for direct promotional activities
14.5.Request that the processing of your personal data is limited This enables you to request ask us to suspend the processing of your personal data in the following cases: (a) if you want to confirm the accuracy of the data (b) when the use of our data is unfairly processed according to your assessment, but you do not wish to be deleted by us (c) when you wish we retain your data even if we do not request it, where it is necessary for you to exercise, defend or validate your legal claims (d) when you have objected to our use of your personal data but you must confirm if we have significant legitimate grounds to do so.
14.6. Request the transfer of your personal data to you or a third party. We will provide you, or any third person you designate to us, with your personal data in a structured and common, computer legible format. This specific right concerns only automated information for which you have given your consent to us for use.
14.7. Withdraw your consent at any time if our processing of your personal data is based on your consent. However, this cannot influence the legitimate processing that took place before you withdrew your consent. However, if in the event you withdraw your consent, it is possible that you may not be allowed to participate in our programs, activities, and events. We will ensure to inform you in such a case upon withdrawal or after withdrawal of your consent.
If you wish to obtain clarifications about your rights or exercise any of the rights described above, you may contact us through the contact details mentioned in paragraph 1.2 at the beginning of this statement.
No fee is usually required
You will not need to pay a fee to access your personal data or to exercise any other right related to your data. However, we reserve the right to charge a reasonable fee if your application is clearly unfounded, repetitive or abusive. Alternatively, we reserve the right to refuse to comply with your request for these same reasons
What we may need from you
We reserve the right to ask you for specific information in order to verify your identity and to guarantee your right to access your personal data or to exercise any other of your rights. This is a protection measure that is particularly useful for your benefit by ensuring that personal data is not disclosed to any person who is not entitled to receive it. We also have the right to contact you for more information about your request in order to reduce our response time.
Time limit to respond
We try to respond to all your legitimate requests within one (1) month. We may need more than one month to respond to your request, especially if your request is very complex or if a number of requests have been made. In this case, however, we will make sure to inform you of this.
You are entitled to submit complaints to the supervising authority on personal data protection issues in your country. In Greece, the competent authority is the Hellenic Data Protection Authority. However, we would especially appreciate it if you were given the opportunity to manage your concerns before contacting the Data Protection Authority. For this reason, you are requested to contact us using the contact details mentioned in paragraph 1.2 above.
Changes to the privacy statement
This version of the privacy statement was updated on May 24, 2018. This statement replaces any previous editions and disclosures we may have provided about information practices. We reserve our right to change this statement by applying any change to the information previously collected, as required by law. In the event of future changes to our present statement or to our activities related to personal data, you will be notified accordingly through our notification of the the above changes on our site, www.nadayoga.gr (PERSONAL DATA PROTECTION POLICY –PRIVATE DATA POLICY STATEMENT).
Personal data is information that can be associated with a person. Data is considered personal if the person concerned can be identified, directly or indirectly. Examples include name, identity card number, birth date, location data, and contact information. This does not include any data for which identifying information (anonymous data) has been removed.
Sensitive personal data or specific categories of data is data such as: religious, ideological, political opinion or activities, health information, gender or biometrics, racial or ethnic origin, or criminal activities or penalties.
Profile training is any form of automated processing of personal data that uses personal data to evaluate specific personal attributes associated with a person
A data subject is a natural person with whom personal data is linked.
Data processing is any activity, transaction or set of transactions carried out on personal data or sets thereof, irrespective of the process and means (automated or not) applied such as, for example, the collection, recording, organization, structure, storage , adaptation or modification, retrieval, search for information, use, revision, disclosure by transmission, dissemination or any other form of being made available, association or combination, interconnection, blocking, deletion, archiving , viewing and destruction of it.
A data file is any structured set of personal data that is accessible in such a way as to enable that person to be identified by the data.
Disclosure means access of person data to any third party, unauthorized or non-authorized.
Data protection impact assessment is a systematic process for identifying, assessing and documenting the risks and impact of personal data processing activities on the rights of individuals.
Data controller is the legal person who decides on the purpose and means of processing personal data.
Data Processor is the natural or legal person processing personal data on behalf of the data controller.