Your information privacy is extremely important to us. We have prepared this EU Privacy Notice (“Notice”) to explain how we collect, use, protect, and disclose information and data. This EU Privacy Notice applies to you if you are in the European Union (EU) or European Economic Area (EEA) and:
1. you visit the Self Realization Fellowship websites at yogananda-srf.org (collectively the “Site”), and use any other internet services offered by Self Realization Fellowship (collectively the “Services”);
2. you have applied to study the Self-Realization Fellowship (SRF) Lessons, have applied for Kriya Yoga initiation, sought spiritual guidance and counselling from us, or have otherwise been in contact with us, whether over the internet or otherwise (we refer to you as a “member”); or
3. you are a volunteer or have applied to become a volunteer (SRF “Volunteers” include SRF members who volunteer with our meditation groups, volunteer Council Members, Service Readers, Ushers, Sunday school teachers and other volunteers with SRF or SRF groups).
1. SRF as a Data Controller
This Notice is provided by the Self-Realization Fellowship (SRF), which is the data controller for your data under the EU General Data Protection Regulation 2016/679 (“GDPR”).
Our contact details are as follows:
Self-Realization Fellowship, 3880 San Rafael Ave, Los Angeles, CA, 90065 USA
If you reside in the United Kingdom, Germany or Italy, you may also serve as a Volunteer with one of our sister organizations in your country. For purposes of this Notice our sister organizations are the following:
- In the UK: Self-Realization Fellowship Church-UK (“SRF-UK”) and the SRF London Centre (“LC”)
- In Germany: Gemeinschaft (“GSV”)
- In Italy: Ente della Chiesa della Fratellanza nella Realizzazione del Sé (“Ente di Culto”)
The SRF sister organization in your area may share personal data with us, so that each organization can assist the other in carrying out our responsibilities to the SRF community. SRF and the SRF sister organizations referred to above are each data controllers. This means each entity is responsible to you for how each processes your data.
2. The Categories of Personal Data We Process
You are free to explore the Site without providing us with Personal Information. However, when you have contact with us whether over the internet or otherwise—by using our Site or Services, creating an account on our MemberPortal, applying to study our Lessons, participating with SRF as a member, through other contact with us, or by volunteering—we may process the following categories of personal data about you.
- Names, titles, and photographs (if you provide them).
- Contact details such as telephone numbers, addresses, and email addresses.
- Personal information that you provide to us including information in correspondence with us, or information you provide in the course of pursuing the SRF Lessons and meditation techniques, spiritual counseling, or requesting prayers. This information may include information you provide to us about spiritual matters, personal or familial health, financial, marital, work-related matters, and other information about matters of a confidential nature.
- Records of your donations or purchases and related payment information (such as bank account numbers, payment card numbers, payment/transaction identifiers).
- Records relating to your bequest to SRF, including estate planning documents (wills, trusts and powers of attorney) and beneficiary designation forms.
- SRF church records containing your personal data including information about your study of SRF Lessons, Kriya Yoga Registration, Marriage & Christening Certificates.
- Other operational personal data created, obtained, or otherwise processed in the course of carrying out our activities, including but not limited to SRF reference number, and your history of volunteer activities with SRF.
- The data we process may constitute sensitive personal data because, as a church, we necessarily process data suggestive of your religious beliefs. We may also process other categories of sensitive personal data including about your mental and physical health, family or employment relationships, and other information of this nature that you have provided us.
Usage Data and Site Activity
- We automatically collect the following information about your device and your use of our Site or Services through cookies, web beacons, and other technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address, MAC address, Unique Device Identifiers (UID), and other persistent identifiers; the length of time you visit our Site and or use our Services; and the referring URL, or the webpage that led you to our Site (“Usage Data”). We use this information to monitor and improve the Site and Services, enhance your online experience and to enable us to provide you with an easier and more personalized experience and level of service.
Cookies and Anonymous Identifiers
3. Why We Process Your Personal Data
We use your personal data for some or all of the following purposes:
- To provide you with religious and spiritual services including the SRF Lessons, guidance, spiritual counselling, prayers, Kriya Yoga initiation materials, and other services that you request;
- To contact and communicate with you: (i) in relation to your volunteer activities; (ii) to keep you informed about news and events, activities and services in which you may be interested; and/or (iii) to respond to communications from you;
- To provide you with the Site and Services, including allow you to post content and to send you alerts about your account;
- To improve your browsing experience by personalizing the Site and to improve our online services and to better understand how users access and use our Site and Services, to maintain, support, and improve our Site, and for research and analytical purposes;
- To process your nomination for a volunteer role with SRF, determine your qualifications and fitness for the role, and to provide you with support and guidance in performing your volunteer role;
- To process any purchases or donations or to receive your bequest documents;
- To process your registration for attending an SRF Convocation or retreat;
- To maintain SRF’s church records;
- To guide and administer the SRF meditation groups and sister organizations with which you may participate, provide them with financial and administrative support, and help the groups carry on their activities in accordance with policies and guidelines established by SRF;
- To enable us to meet all legal and statutory obligations or requirements, and obligations to third parties;
- For personnel, administrative, accounting and management purposes, for example to maintain our accounts, manage our Volunteers’ schedules and responsibilities, reimburse Volunteers as needed, and to monitor performance of groups and expenditures;
- For safeguarding purposes (including diligence and complaints handling), with the aim of ensuring that all children and adults are provided with safe environments in connection with SRF activities;
- To deliver SRF’s religious mission to our world-wide membership, and to carry out any other voluntary or charitable activities for the benefit of the SRF community.
4. Legal Bases for Processing Your Personal Data
We will process your personal data pursuant to GDPR Article 6(1)(b) if it is necessary to deliver services that you have requested, or to take steps to provide those services. Thus, we process your data when it is necessary to: (i) provide you SRF Lessons, Convocation registration/information, spiritual counseling, prayers or other services that you request from us, or that you expect when you become a member; (ii) provide you with the Site and Services, including communications related to your account; (iii) provide communications that you request from us, such as when you request our eNewsletter; or (iv) process your orders or donations or to receive your bequest documents.
We process your personal data pursuant to GDPR Article 6(1)(f) because it is necessary for our legitimate interests, or the legitimate interests of a third party (such as one of our SRF groups or for safeguarding you or other members). Our legitimate interests are: (1) to contact and communicate with you about our activities; (2) to determine your eligibility for studying the SRF Lessons and advanced meditation techniques; (3) to determine your qualifications and fitness to serve as a Volunteer; (4) to support and assist you in fulfilling your volunteer role with SRF, an SRF group or sister organization, and provide the required guidance and support to help your group carry on its activities in accordance with policies and guidelines established by SRF; (5) to maintain our accounts and records, including our church records; (6) to fulfill our legal obligations, and for our personnel, administrative and management purposes; (7) to further our religious objectives; (8) to perform diligence or safeguarding tasks and respond to any complaints or problems that may arise; (9) to better understand how users access and use our Site and Services, to maintain, support, and improve our Site and Services, to respond to user preferences, and for research and analytical purposes.
We obtain your consent (pursuant to GDPR Article 6(1)(a)) if you have volunteered to be the contact person of your meditation group, and we would like to share your contact information with others.
As a religious organization, we process special categories of information, including about your religious and philosophical beliefs or health information, in connection with our purposes of providing religious and spiritual teaching, services and support, and maintaining church records. This processing is pursuant to GDPR Article 9(2)(d).
5. Sharing Your Personal Data
Your personal data will be treated as strictly confidential, and we will never sell your information to others. It will only be shared with others, including third parties or other data controllers, where it is necessary for the performance of our tasks or where you first give consent. It is likely that we will need to share your data with others in the following circumstances:
- In limited circumstances we share information with our third-party Service Providers. For example, we may ask a commercial provider to send out eNewsletters on our behalf, in which event we will share your email address with that third party. We also share your payment information with third-party payment processors and financial institutions as necessary to process a payment or donation from you. We only provide our Service Providers with the information necessary for them to perform these services on our behalf, and Service Providers are prohibited from using Personal Information other than as specified by us.
- In the event that a communication with you requires translation and our Monastics (Nuns and Monks) do not have the required language skills, we may ask a member of our organization to assist us with translation, but only after we have removed any names or contact information from the communication.
- If you are a Volunteer, we may share your contact information with other Volunteers so that they may contact you in connection with your volunteer role and for organizational and administrative purposes.
- Where you have volunteered to be the contact person for your meditation group, and consented to have your contact information shared with others, we will share your contact information with others who are interested in participating in your meditation group.
- We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose personal data and any other information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate in order to respond to legal requests (including court orders and subpoenas), to protect the safety, property, or rights of our organization or of any third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
- We use third-parties to host our websites (including yogananda.org and the website of our bookstore and Member Portal. Your information is not disclosed to any such third party, but data that you transmit to or through our websites will be transferred through, or reside on, computers owned by our third-party website hosting providers.
- We may disclose to third parties, certain Usage Data regarding the Site and Services. However, in such cases, your Usage Data is aggregated with the Usage Data of others and does not identify you individually and is not Personal Data.
6. How Long We Keep Your Personal Data
We will keep some records permanently, including our church records of membership status, Kriya Yoga Registration, Marriage & Christening Certificates, or if we are legally required to do so. We may keep some other records for an extended period of time, including safeguarding records. In general, we will endeavor to keep data only for as long as we need it. This means that we may delete it when it is no longer needed.
7. Managing Your Email Preferences and Member Portal Information
You can review, correct, update, delete, or change your Personal Information through your Member Portal account or by emailing us at GDPR@yogananda-srf.org. You can also opt-out of receiving certain e-mails and other communications from us through your Member Portal account, or by using the “unsubscribe” link in the emails, or e-mailing us at GDPR@yogananda-srf.org. You are able to opt out of receiving our eNewsletter and most e-mails from us; however, you cannot opt out of receiving all e-mails from us, such as e-mails about the status of your account or orders.
8. Your Rights Regarding Your Personal Data under the GDPR
You have the following rights with respect to your personal data. When exercising any of the rights listed below, in order to process your request, we may need to verify your identity for your security. In such cases we will need you to respond with proof of your identity before you can exercise these rights.
a. The right to access information we hold on you
- At any point you can contact us to request access to and be provided with information on the processing of your personal information. Once we have received your request we will respond within one month.
- There are no fees or charges for the first request but additional requests for the same data may be subject to an administrative fee.
- However, this right may not apply where it would adversely affect the rights and freedoms of others.
b. The right to correct and update the information we hold on you
- If the data we hold on you is out of date, incomplete or incorrect, you can inform us and your data will be updated.
c. The right to have your information erased
- If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase your data.
- When we receive your request we will confirm whether your data has been deleted or the reason why it cannot be deleted (for example because we need it for our legitimate interests or regulatory purpose(s)).
d. The right to object to processing of your data
- You have the right to request that we stop processing your data for direct marketing (such as sending a paper or electronic newsletter) or for processing based on our legitimate interests. Upon receiving the request we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your data.
e. The right to data portability
- To the extent that you provided us personal data, we process that data by automated means, and the legal basis for our processing of your data is: (i) consent; or (ii) that the processing is necessary for the provision of services to you or to take steps at your request to provide you services, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right may not apply where it would adversely affect the rights and freedoms of others.
f. The right to withdraw your consent to the processing at any time where the legal basis for our processing is your consent.
- You can request to withdraw your consent easily by telephone, email, or by post (see Contact Details below).
g. The right to restrict processing of your data
- You have the right to restrict the processing of your data in certain circumstances including: (i) if you contest its accuracy; (ii) if the processing is unlawful and you oppose the erasure; (iii) if it is no longer needed for the purposes set out in this Notice but you require it for the defense of a legal claim.
h. The right to lodge a complaint with the supervisory authority, in the Member State where you have your habitual residence, place of work, or where an alleged infringement of the GDPR has taken place.
9. Transfer of Data Abroad
SRF is located in the United States. When you provide personal data to us, you transmit that information to the United States. SRF does not transfer your personal data internationally except to European Union Member States.
10. Updates to this Notice or Changes in Processing
If we wish to use your personal data for a new purpose, not covered by this Notice, then we will provide you with a new Notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
In other circumstances, if we decide to change this Privacy Notice, we will inform you by posting the revised Privacy Notice on the Site. Those changes will go into effect on the “Revised” date shown in the revised Privacy Notice. By continuing to use the Site or Services after that date, you are consenting to the revised Privacy Notice.
11. Online Tracking
12. Be Careful When You Share Information with Others
Please be aware that whenever you share information on any public area of the Site or Services , that information may be accessed by others. In addition, please remember that when you share information in any other communications with third parties, that information may be passed along or made public by others. This means that anyone with access to such information can potentially use it for any purpose, including sending unsolicited communications.
We maintain physical, electronic, and procedural safeguards to protect the confidentiality and security of information transmitted to us. Although no data transmission over the Internet or other network can be guaranteed to be 100% secure, we strive to protect your personal data on or through the Site or Services so that it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. However, we cannot and do not guarantee the security of any information you transmit on or through the Site or Services, and accept no liability for any unintentional disclosure or misuse.
15. Children’s Privacy and Our Site and Services
The Site and Services are intended for users who are 16 years old or older. We do not knowingly or intentionally collect Personal Information from children under the age of 16 in connection with the Site or Services. If we become aware that we have inadvertently received Personal Information from a child under the age of 16 in connection with the Site or Services, we will delete such information from our records.
16. Changes to this Notice
We keep this Privacy Notice under regular review and we will place any updates on our website yogananda.org under “EU Privacy Notice.” This Notice was last updated May 25, 2018.
17. Our Contact Details
Please contact us if you have any questions about this Notice or the information we hold about you or to exercise all relevant rights, queries or complaints at:
Mail: Attention: Legal Department, Self-Realization Fellowship, 3880 San Rafael Ave, Los Angeles, CA, 90065 USA
Telephone: 1 (323) 225-2471