Privacy Policy
Last updated March 5, 2026.
When using our platform (bhaktimarga.lv) we believe you should always know what personal data we collect about you, how we use it, and what control you have over this data. We want to be transparent and explain this information to you in our privacy policy below (“Privacy Policy”).
About Us
We are Bhakti Marga Latvijas draudze, registration number 50801052661 (Registry of religious organisations and their institutions), registered address: “Reinmuižas”, Katlakalns, Ķekavas pagasts, Ķekavas novads, LV-2111, Latvia, operating under the name Bhakti Marga Latvia (“we”, “us” or “our”). We are the controller of your personal data.
You can contact us by:
- e-mail address: info@bhaktimarga.lv
- phone number: +37126579949
- contact form: https://bhaktimarga.lv/connect/?lang=en
About Our Privacy Policy
This Privacy Policy explains:
- what personal data we collect about you;
- how we use your personal data;
- your rights concerning your personal data.
The Privacy Policy applies to the use of the website https://bhaktimarga.lv (“Website”) and our communication concerning the use of the Website.
Definitions
Contact information – data needed to contact you, e.g., e-mail address, phone number, postal address.
Details of the order – details regarding your order, e.g., products and services ordered, order and delivery status, or invoice number.
Payment details – information needed to receive and transfer payments, e.g., payment method, billing address, bank account number, payment card details (including card number, CVV/CVC code, card expiration date).
Payment status – details related to your payment, e.g., whether the payment was successful, payment date, time and place.
Traffic and performance data – information used by a website’s or application’s analytical tools, including third-party cookies and identifiers assigned to you, e.g., IP address, location, device information, demographic data, device type, and internet browsing history.
Website Cookies
Our website uses cookies. Cookies are small text files that are stored on your computer by the websites you visit. They are used to collect traffic and performance data, keep the functionality of the website and to provide information to the website owners. Through the use of cookies, the Bhakti Marga Latvia can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.
We will ask you to consent to our use of cookies when you first visit our website. By using our website, you are in agreement to our use of cookies in accordance with the terms of this policy. You may, at any time, using the cookie banner on our webpages, adjust or prevent our use of cookies (except necessary cookies which ensure basic functionalities and security features of our website). If you deactivate the setting of cookies not all functions of our website may be entirely usable.
How Do We Use Your Personal Data and Why?
We use only the minimum amount of personal data needed. We will indicate where the provision of personal data is voluntary or necessary.
For each topic below, we describe why and how we use your personal data and what is the legal basis.
Registrations & Orders
If you register for our events or paid courses in the events calendar on our website, we will process your title, first and last name, country, address, email address, spiritual name (optional), telephone number (optional), information about the event for which you have registered. Payment data such as credit card number or other bank details is processed directly by the payment service provider Stripe. We do not store full payment card details on our systems. If you register for our free events in the event calendar on our website, we will process your name, email address, spiritual name (optional), (optional), information about the event for which you have registered, among other things. The personal data collected in the context of booking and managing the event will be used in particular to respond to your request.
| What do we do with your personal data and why? | What personal data do we use? | Legal basis |
|
We send you information about your registration/order to inform you about the status of your registration/order.
|
|
|
Contact Form and Seva Form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent. When using the contact form, we collect your personal data (name, e-mail address, message text) only to the extent that you have provided it. The purpose of the data processing is to establish contact.
When using the seva contact form, we collect your personal data (name, e-mail address, contact details, nationality, telephone number, and others) only to the extent that you have provided it. The purpose of the data processing is to establish contact.
The data you enter in the contact and seva forms will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions – in particular retention periods – remain unaffected.
Payments and Donations
We use Stripe (https://stripe.com/en-lv/privacy) services for processing your payments (Stripe Payments Europe Ltd – 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland). The data processing serves the purpose of offering you payment via the payment service. We send them your payment details to receive the payment and we receive from them information about the status of your payment. We do not store full payment card details.
You can use a fundraising function on our website. If you make a donation, we process your information and payment details. The processing of donations is handled by Stripe Payments Europe Ltd – 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Privacy Policy: https://stripe.com/en-lv/privacy. DPA: https://stripe.com/legal/dpa. Your data may be transferred to the USA. Stripe complies with EU-U.S. Data Privacy Framework: https://stripe.com/ie/legal/data-privacy-framework.
| What do we do with your personal data and why? | What personal data do we use? | Legal basis |
|
We collect and exchange your data with payment service providers to receive payments and to give refunds
|
|
|
|
We store your data to have a proof of our transaction for tax and accounting purposes.
|
|
It’s required by law (local tax and accounting laws) |
Newsletter
Through our website you have the opportunity to subscribe to receiving news and updates from us (newsletter). We would like to point out that our newsletter contains tracking pixels. A tracking pixel is a thumbnail image embedded in an email. These are sent in HTML format to enable the recording and analysis of log files, such as a statistical analysis of the success or failure of our online marketing campaigns. Based on the built-in tracking pixel, we can see if and when an email has been opened and which links have been opened. Such data is stored and analyzed by us in order to optimise the sending of the newsletter and to adapt its content for future newsletters, tailored to the interests of the data subjects. This personal data will not be shared with third parties. We will only use your e-mail address to send newsletters for our own advertising purposes. The processing takes place with your consent on the basis of Article 6(1) (a) GDPR.
We use the following marketing tools that process personal data for sending newsletters: Brevo (Sendinblue). You can unsubscribe from our mailings at any time by clicking the unsubscribe link at the bottom of our emails or by requesting it via our contact form on the website.
Brevo (Sendinblue): Customer management as well as process and sales support with personalized customer care with multi-channel communication, i.e. management of customer inquiries from different channels, as well as with analysis and feedback functions;
Service Providers: Sendinblue – 106 boulevard Haussmann, 75008 Paris, France. Website: https://www.brevo.com ; Privacy Policy: https://www.brevo.com/legal/privacypolicy/. DPA: https://www.brevo.com/legal/termsofuse/#appendix-3-data-processing-agreement-dpa
- Legal basis: Legitimate interests (Art. 6(1)(f) GDPR);
- Basis for third-country transfer: EU-US Data Privacy Framework (DPF).
- In the event of revocation, your personal data will be deleted.
| What do we do with your personal data and why? | What personal data do we use? | Legal basis |
|
We send you marketing information (e.g., newsletters, information on events, products, or services) to keep you updated about our offers.
|
|
|
|
We analyse your reactions to our marketing messages to understand the effectiveness of our messages and marketing campaigns.
|
|
It’s important for us to understand the results of our marketing campaigns, to provide even better campaigns in the future and improve our communication with our users (legitimate interests)
|
Photo and Video Recording at Live Events
When you register for and attend our live events (including courses, seminars, concerts, satsangs, darshans, and other spiritual gatherings), we may take photographs, video recordings, and audio recordings during the event for documentation and promotional purposes.
During events, we may capture:
- Photographs of event participants and activities
- Video recordings of event sessions, presentations, and group activities
- Audio recordings of teachings, talks, and group singing/chanting
These materials are used for:
- Creating promotional content for future events
- Documenting our spiritual community activities
- Sharing event highlights with our wider community
- Publishing on our social media channels: Instagram (@bhaktimarga_latvia), Facebook (@bhaktimargalatvia), Telegram (@bmlatvija), and YouTube (@bhaktimargalatvia)
- Internal archival and educational purposes
When you register for an event through our website, you will be asked to provide your explicit consent for the recording and use of your image, voice, and likeness. This consent is obtained through a checkbox or consent field in the registration form.
By providing consent, you acknowledge and agree that:
- Photos and videos taken during the event may include your image and voice
- These materials may be published on our website and social media channels
- The materials may be viewed by the public on platforms such as Instagram, Facebook, Telegram, and YouTube
- We may use these materials for promotional purposes.
| What do we do with your personal data and why? | What personal data do we use? | Legal basis |
|
We may take photos, videos and audio recordings during our events to document our spiritual activities and for creating promotional materials
|
|
|
You have the following rights regarding photos and videos of you that were taken :
Right to withdraw consent: You may withdraw your consent to the use of your image at any time by contacting us at info@bhaktimarga.lv. Please note that withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Materials already published may remain online unless you specifically request removal.
Right to object: During event registration, you have the option to decline consent for photography and videography. We will make reasonable efforts to exclude you from photography and videography. However, we cannot guarantee complete exclusion if you choose to participate in group activities.
Right to request removal: If specific photos or videos have been published and you wish them to be removed, you may submit a request to info@bhaktimarga.lv. We will review your request and remove the content where reasonably possible, taking into account the nature of the material and platform limitations.
Where Do We Obtain Your Personal Data?
We will obtain your personal data:
- directly from you (for example, when you fill a registration form, purchase a service, contact us with a question or complaint or sign-up to receive marketing communications)
- from payment service provider (Stripe)
- from e-mail marketing service provider (Brevo)
- from photographs and videos taken at our events
To Whom We Disclose Your Personal Data?
We disclose your personal data to the following categories of data recipients:
- payment service providers: Stripe
- e-mail marketing service provider: Brevo (Sendinblue)
- accounting service providers
- hosting services provider: Sebastian Gates – Web development and Hosting
To offer you a convenient website user experience, we use third party online services: (Google Maps, and YouTube.
We use the Google Maps map embedding function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”).
The function enables the visual display of geographical information and interactive map. In addition, Google also collects, processes and uses data from visitors to the websites when visiting pages in which Google Maps maps are integrated. The data processed may include, in particular, IP addresses and location data of users; Service Provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland; Website: https://mapsplatform.google.com/; Privacy Policy: https://policies.google.com/privacy. DPA: https://cloud.google.com/terms/data-processing-addendum. Your data may be transferred to the USA. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself in accordance with the TADPF and is therefore obliged to comply with European data protection principles.
- Legal basis: Legitimate interests (Art. 6(1)(f)) GDPR);
- Basis for third-country transfer: EU-US Data Privacy Framework (DPF).
We use the YouTube video embedding function of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). The feature displays videos that have been deposited with YouTube in an iFrame on the website. In doing so, the “Advanced Privacy Mode” option is activated. As a result, YouTube does not store any information about the visitors to the website. Only when you watch a video is the information about it transmitted to YouTube and stored there. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy. DPA: https://cloud.google.com/terms/data-processing-addendum. Your data may be transferred to the USA. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself in accordance with the TADPF and is therefore obliged to comply with European data protection principles.
- Legal basis: Legitimate interests(Art. 6(1)(f)) GDPR);
- Basis for third-country transfer: EU-US Data Privacy Framework (DPF).
Presence in social networks
We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.
We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users’ rights. Furthermore, user data is generally processed within social networks for market research and advertising purposes. For example, user profiles can be created based on user behaviour and the resulting interests of users. The user profiles can in turn be used, for example, to place adverts within and outside the networks that presumably correspond to he interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behaviour and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed description of the respective forms of processing and the opt-out options, please refer to the data protection declarations and information provided by the operators of the respective networks.
Further information on processing operations, procedures and services:
- Instagram: Social network; Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6.(1(f)) GDPR); Privacy Policy: https://privacycenter.instagram.com/policy. DPA: https://www.facebook.com/legal/terms/dataprocessing. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles.
- Facebook pages: Profiles within the social network Facebook – We are jointly responsible with Meta Platforms Ireland Limited for the collection (but not the further processing) of data from visitors to our Facebook page (so-called “fan page”). This data includes information about the types of content users view or interact with, or the actions they take (see under “Things you and others do and provide” in the Facebook Data Policy: https://www.facebook.com/policy), as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data; see under “Device information” in the Facebook Data Policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under “How do we use this information?”, Facebook also collects and uses information to provide analytics services, so-called “Page Insights”, for page operators so that they can gain insights into how people interact with their pages and the content associated with them. We have concluded a special agreement with Facebook (“Information on Page Insights”, https://www.facebook.com/legal/terms/page_controller_addendum), which regulates in particular which security measures Facebook must observe and in which Facebook has agreed to fulfill the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with Facebook.
Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal basis: Legitimate interests ((Art. 6(1)(f)) GDPR)); Website: https://www.facebook.com
Privacy Policy: https://www.facebook.com/privacy/policy/.
DPA: https://www.facebook.com/legal/terms/dataprocessing.
Data Protection Addendum: https://www.facebook.com/legal/terms/Privacy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles.
Agreement on joint controllership: https://www.facebook.com/legal/terms/information_about_page_insights_data. The joint controllership is limited to the collection by and transfer of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular concerns the transfer of the data to the parent company Meta Platforms, Inc. in the USA (on the basis of the standard contractual clauses concluded between Meta Platforms Ireland Limited and Meta Platforms, Inc.). - Telegram channels: We use the Telegram platform to send messages to subscribers of our Telegram channel; Service provider: Representative in the European Union: European Data Protection Office (EDPO), Avenue Huart Hamoir 71, 1030 Brussels, Belgium; Website: https://telegram.org/; Privacy Policy: https://telegram.org/privacy ; Further information: We process the personal data of subscribers only to the extent that we can view and delete the subscribers as recipients of the channel. Beyond this, i.e. in particular for the sending of messages, the evaluation and provision of anonymous sending statistics for the channel operators and the administration of subscribers, Telegram is responsible under data protection law.
- YouTube LLC: Service: Video hosting. Service provider: Google LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA. Privacy Policy: https://policies.google.com/privacy
DPA: https://cloud.google.com/terms/data-processing-addendum.
Your data may be transferred to the USA. There is an adequacy decision by the EU Commission for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Youtube has certified itself in accordance with the TADPF and is therefore committed to complying with European data protection principles.
How Long Do We Store Your Personal Data?
We will not store your personal data longer than it is necessary. Once we have determined that we no longer need to hold your personal data, we will destroy it.
The criteria used to determine the period of storage of your personal data are:
- the nature of the purpose, why personal data was collected;
- the length of time, while we have a contractual relationship with you;
- the existence of a legal obligation under the applicable law;
- the necessity to store the data in the light of our legal position (such as applicable statutes of limitations, litigation or regulatory investigations).
What Rights Do You Have In Relation to Your Personal Data?
You have various rights in relation to the personal data that we process about you. We have described these rights in the table below. There are some exceptions to these rights, however. If we refuse your request, we will explain to you the reasons for doing so.
If you wish to exercise any of these rights, please contact us. Our contact information is in the Privacy Policy’s “About us” section.
| Your rights | Explanation |
| Right to request access | You are entitled to ask us if we are processing your data and, if we are, you can request access to your personal data. |
| Right to rectification | You may request that we rectify any inaccurate or incomplete personal data that we process about you. |
| Right to erasure (“right to be forgotten”) | You have the right to request that we erase your personal data. |
| Right to restrict processing |
You have the right to request that we restrict our processing of your personal data where:
we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it. |
| Right of data portability | You have the right to transfer your personal data between data controllers. This means that you can request your personal data we process about you in a structured, commonly used and machine-readable format and transfer this data to a third party. |
| Right to object | Where we are processing your personal data based on our legitimate interests (or those of a third party), you have the right to object to such processing on grounds relating to your particular situation. |
| Right to withdraw consent | If you have consented to our processing of your personal data, you have the right to withdraw consent at any time, free of charge. |
How to Complain?
If you have any concerns about our use of your personal data, you can make a complaint to us. Our contact information is in the Privacy Policy’s section “About Us”.
In case you could not solve your problem with us directly, you can also lodge a complaint with the supervisory authority responsible for data protection in Latvia:
Datu valsts inspekcija
Elijas iela 17
Rīga, LV-1050
Latvia
https://www.dvi.gov.lv
Events with Paramahamsa Sri Swami Vishwananda: Livestreams, Media Recordings and Publication of Event Content
1. Scope
During Bhakti Marga events with Paramahamsa Sri Swami Vishwananda, photo, video and audio recordings may be made. These recordings serve the purposes of documenting spiritual events, spiritual education, and providing livestreams and video-on-demand content for the Bhakti Marga community.
The recordings may reveal information about religious or spiritual beliefs and may therefore constitute special categories of personal data within the meaning of the GDPR.
This section applies to all photo, video and audio recordings created in connection with Bhakti Marga events, including but not limited to:
● Darshan events
● Satsangs
● Festivals
● Pilgrimages
● Spiritual seminars
● Hybrid and online events
This applies irrespective of whether participation takes place physically or digitally.
2. Nature of the Data Processed
During events, photo, video and audio recordings may be created.
Such recordings may include:
● Images of participants
● Voice recordings
● Statements or testimonials
● Participation in spiritual activities
● Spiritual names (if voluntarily provided)
● Event registration data (name, email, language preference)
Participation in a spiritual event may reveal religious or philosophical beliefs. Therefore, processing may involve special categories of personal data within the meaning of Art. 9 GDPR.
Above all, Paramahamsa Sri Swami Vishwananda and the ceremonial area surrounding Him are filmed as part of the spiritual documentation of the event.
3. Controllers and Joint Controllership (Art. 26 GDPR)
For the creation and use of media recordings, the following act as joint controllers pursuant to Art. 26 GDPR:
● Bhakti Marga Latvijas draudze
“Reinmuižas”, Katlakalns,
Ķekavas pagasts, Ķekavas novads,
LV-2111, Latvia
E-mail: info@bhaktimarga.lv
● Bhakti Event GmbH
Am Geisberg 1–8
65321 Heidenrod-Springen
Germany
E-mail: dataprotection@bhaktimarga.org
Responsibilities are allocated as follows:
Bhakti Marga Latvijas draudze
● Information of participants
● Collection and documentation of consent
● Implementation of on-site opt-out mechanisms
Bhakti Event GmbH
● Media production
● Technical processing and storage
● Publication via the Bhakti+ platform
● Processor management
● Security implementation
Participants may exercise their rights against either joint controller.
Where users outside the EU/EEA access content via regional structures, processing may additionally occur under separate responsibility of Bhakti Marga Church (USA), acting as an independent controller under applicable law.
4. Legal Basis for Processing
4.1 Explicit Consent (Primary Legal Basis)
Processing of identifiable media content is based on:
● Art. 6(1)(a) GDPR
● Art. 9(2)(a) GDPR
Consent is voluntary and may be withdrawn at any time with effect for the future.
Withdrawal does not affect processing carried out prior to withdrawal.
4.2 Contractual Basis (Where Applicable)
If a participant signs a specific participation or production agreement, processing may additionally be based on:
● Art. 6(1)(b) GDPR
4.3 Legitimate Interest (Limited Scope)
In strictly limited cases, processing may additionally rely on:
● Art. 6(1)(f) GDPR
This applies exclusively to:
● Overview or wide-angle recordings
● Documentation of the general atmosphere
● Situations where individuals are not the focus of the recording
The legitimate interests pursued consist in:
● Public communication of spiritual activities
● Documentation and preservation of spiritual teachings
● Enabling the worldwide spiritual community to participate in and experience the spiritual event, including members who cannot attend physically
● Maintaining historical archives of Bhakti Marga activities
A documented balancing test has been conducted.
Where recordings reveal special categories of personal data in a targeted manner, processing is carried out exclusively on the basis of explicit consent.
5. Film Zones and Opt-Out Mechanisms
To safeguard participants’ rights:
● Clearly marked film zones may exist.
● Targeted close-up recordings occur only within such zones or on the basis of consent.
● Outside film zones, only non-focused overview recordings may be made.
● Livestream-free zones are provided.
● Participants may notify organisers if they do not wish to be filmed.
● Visible identifiers (e.g., wristbands) may be used to protect opt-out participants.
6. Publication Channels
Media content may be published via:
Internal Platform
● Bhakti+ Media Platform (Bhakti+ App)
Official External Channels
● YouTube
Official channels including:
○ @ParamahamsaVishwananda108
○ @BhaktiMarga1008
○ @BhaktiMargaMusic
○ @BhaktimargaLatvia
● Facebook
Official Bhakti Marga pages
● Flickr
● Official Bhakti Marga websites (including country websites)
Publication may occur worldwide.
7. Regional Operation of the Bhakti+ Platform
The Bhakti+ platform is operated on a regional basis:
- For users within the EU/EEA, the collection and processing of personal data is carried out by
Bhakti Event GmbH,
Am Geisberg 1–8, 65321 Heidenrod-Springen, Germany. - For users outside the EU/EEA (ROW), personal data is collected and processed independently by
Bhakti Marga Church (USA) as a controller within the meaning of the GDPR or the applicable national data protection laws.
No transfer of user account or profile data from Bhakti Event GmbH to Bhakti Marga Church (USA) takes place.
8. International Data Transfers (Chapter V of GDPR)
Where publication occurs via platforms operated by providers located outside the EU/EEA, personal data may be transferred to third countries.
Safeguards may include:
● Standard Contractual Clauses (Art. 46 GDPR)
● Adequacy decisions (Art. 45 GDPR), where applicable
Residual risks relating to access by foreign authorities cannot be entirely excluded.
9. Processors (Art. 28 GDPR)
Bhakti Event GmbH uses carefully selected service providers as processors within the meaning of Art. 28 GDPR to operate the Bhakti+ platform and to technically implement media content.
Appropriate data processing agreements (DPAs) are in place with all service providers.
a) Hexaglobe, Paris, France
Service: Video hosting and embedding services
Website: https://www.hexaglobe.com
Privacy Policy: https://www.hexaglobe.com/en/privacy-policy
DPA: https://www.hexaglobe.com/en/legal
Safeguards: EU hosting (no third-country transfer)
b) Shopify International Ltd., Ireland
Service: Hosting of the app infrastructure and platform-related services
Website: https://www.shopify.com
Privacy Policy: https://www.shopify.com/legal/privacy
DPA: https://www.shopify.com/legal/dpa
Safeguards: DPA and Standard Contractual Clauses (SCCs), where applicable
c) Flickr (Yahoo! Inc.), USA (optional)
Service: Optional image galleries
Website: https://www.flickr.com
Privacy Policy: https://www.flickr.com/help/privacy
DPA: https://www.flickr.com/help/dpa
Safeguards: Standard Contractual Clauses (SCCs)
d) YouTube (Google Ireland Ltd.)
Service: Video hosting or informational content, if used
Website: https://www.youtube.com
Privacy Policy: https://policies.google.com/privacy
DPA: https://cloud.google.com/terms/data-processing-addendum
Safeguards: SCCs pursuant to Google DPA
e) Meta Platforms Ireland Ltd. (Facebook)
Service: Optional social media communication, if used
Website: https://www.facebook.com
Privacy Policy: https://www.facebook.com/privacy/policy/
DPA: https://www.facebook.com/legal/terms/dataprocessing
Safeguards: SCCs pursuant to Meta DPA
Public authorities (e.g., tax authorities) receive personal data only where a legal obligation exists.
10. Storage Period
Personal data is stored only for as long as necessary for the respective processing purposes.
Data will be deleted once the purpose of processing no longer applies or consent has been effectively withdrawn, unless statutory retention or archiving obligations require longer storage.
Media content (photo, video and audio recordings) may be stored for a longer period for documentation and archival purposes of spiritual events, provided that a valid legal basis exists.
Personal data is stored only as long as necessary for the purposes described.
Media content may be stored for longer periods for:
● Documentation
● Archival purposes
● Preservation of spiritual teachings
Deletion occurs:
● Upon withdrawal of consent, unless overriding legal grounds apply
● When the purpose no longer applies
● Subject to statutory retention obligations
Exemptions under Art. 17(3) GDPR may apply.
11. Data Subject Rights
Under the GDPR, you have the right to:
● Access (Art. 15)
● Rectification (Art. 16)
● Erasure (Art. 17)
● Restriction (Art. 18)
● Data portability (Art. 20)
● Objection (Art. 21)
● Withdraw consent at any time (Art. 7(3))
● Lodge a complaint with a supervisory authority (Art. 77)
Identity verification may be required.
12. Technical and Organisational Measures (Art. 32 GDPR)
We implement appropriate technical and organisational measures, including:
● Role-based access controls
● Encrypted data transmission (SSL/TLS)
● Secure hosting infrastructure
● Logging and monitoring
● Confidentiality obligations
● Regular review of security measures
In the event of a personal data breach, notification obligations pursuant to Art. 33 and 34 GDPR apply.
13. Contact
For data protection enquiries or to exercise your rights, please contact:
Bhakti Event GmbH
Am Geisberg 1–8, 65321 Heidenrod-Springen, Germany
Email: dataprotection@bhaktimarga.org
Bhakti Marga Latvijas draudze :
“Reinmuižas”, Katlakalns,Ķekavas pagasts, Ķekavas novads, LV-2111, Latvia
E-mail: info@bhaktimarga.lv