Privacy Policy

Privacy Policy (updated May 15, 2019)

Omega Institute (“Omega,” “we,” “us”) operates websites, providing products and services (“Services”) through mobile and other applications, including eOmega.org (collectively, our “Platform”). We value your trust and respect your privacy. The purpose of this notice (“Privacy Policy”) is to be transparent about how information is collected and used, and to assist you in understanding our Privacy Policy and your rights. By using our Platform, you consent to this Privacy Policy.

A. What information do we collect?

When you register, donate, create a profile, or fill out a form online (catalog request; email sign up; scholarship, employment, or nonprofit retreat applications) on the Platform, we request the information we need to complete your order or request. This information may include your full name, billing address, shipping address, telephone number, email address, gender, and if applicable, credit card number.
 
The information you provide will be used to process your order or request and improve your online experience. Once you have placed your order or donation with us, we will verify with your credit card company that your credit card is valid and send you an email message that confirms your order or donation was successfully received. We will also send you an email order confirmation once your registration, donation, or online form request has been finalized.

B. Information from Other Sources

Omega sometimes employs third parties to perform services for us. We hire agencies to help administer consumer promotions and to analyze data. We may purchase data from agencies to acquire missing details, as well as to better identify or model our customers and inquiries, to help us shape our messages to your interests. These parties have agreed to hold this information in confidence and do not use it for any purpose except to carry out the requested service(s).
We may also obtain information about you from other sources. For example, we may receive background information in connection with employment opportunities. We will provide the applicable policies and procedures to you in such cases. 

C. Surveys

After you have attended a workshop in-person or online we email a survey to gather information about your stay and experience. Periodically we may use surveys, questionnaires, or evaluations to gather additional information from you to inform our programs and other activities. Participation in surveys is entirely voluntary.

D. What do we use your information for?

Any of the information we collect from you may be used in one or more of the following ways:

  • To personalize your experience
  • To improve our Platform
  • To improve customer service
  • To troubleshoot problems
  • To send periodic emails
  • To process your registration, request, donation, or application
  • For business analysis

E. Sharing with teachers and like-minded companies

Information about our participants and visitors is an important part of our business.

  • Omega on occasion may send you an email message inviting you to join the email list of the teachers who taught the workshop you attended. If you choose to join a teacher's email list, you are agreeing to the privacy policy of the teacher's email list and website. Omega has no responsibility for any teacher’s email list or website.
  • We maintain a file of recent U.S. participants and inquirers, who have not specifically opted out, with a list service bureau to share or “rent” information for mailings with other like-minded organizations whose programs or products are of a similar nature to our own. We hope that you appreciate hearing from these organizations. 
  • Like many organizations, we also participate in a cooperative database. Our customer information is added to a central pool for analytical and modeling purposes. Member organizations of this data co-op may mail to anyone who fits their modelling criteria if allowed, though they will not know the source organization. If you have not otherwise opted out of information sharing, you may also receive mail from the other organizations or companies within the data co-op.

If you wish to opt out of having your contact information shared, please refer to the opt-out information for Information Sharing and Mail List below.

F. How to Opt Out

Omega believes in your privacy and we have created easy steps for you to limit or control the way Omega communicates with you and shares your information.

F.1 Promotional eMails
If you do not wish to receive promotional emails from Omega such as our monthly newsletter or weekly email promotions, please follow the instructions at the end of emails you receive from us. From these emails you can unsubscribe or manage your subscription preferences. It can sometimes take up to 5 business days for our systems to reflect your changes.

F.2 Information Sharing and Mail List: If you wish to limit the way Omega shares your contact information please notify us with your preferences and we will update your record in our systems.

Call: 877.944.2002 ext. 9022 (toll free in the United States)
845.256.8144 ext. 9022 (International)

Email: Send an email to our Data Protection Officer: data@eomega.org

Write: Send us a note addressed to:
Omega Institute
c/o Data Services
150 Lake Drive
Rhinebeck, NY 12572-3252

It is most helpful to send us the mail panels of brochures you’ve received, including the key code and customer number.

At a minimum, please include your full name and street address as it appears on the brochure. Please include your email address with your correspondence, in case we need to clarify something.

F.3 The options listed above are specifically designed to limit or control the receipt of promotional materials and the sharing of gathered information. Omega will still contact you regarding customer service, workshop and conference registration, housing, transportation, and other related issues.

G. Cookies

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser (if you permit it) that enable the site or service provider’s system to recognize your browser and capture and remember certain information. We use cookies to help us remember and process the items in your shopping cart, understand and save your preferences for future visits, and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We participate in behavioral-based advertising. This means that a third party may use technology (e.g., a cookie) to collect information about your use of our Platform so that they can provide advertising about products and services tailored to your interest. That advertising may appear either on our Platform or on other websites.

If you wish to clear tracking cookies from all of the websites you visit, you can change the preferences or settings in your web browser to control cookies. The Help menu on the menu bar of most browsers will tell you how. In some cases, you can choose to accept cookies from the primary site, but block them from third parties. In others, you can block cookies from specific advertisers or clear out all cookies.

H. Browser and Device Information

Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (e.g., Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version, and the name and version of the Services (such as the App) you are using. We use this information to ensure that the Services function properly.

I. Internet Protocol Address

Your IP address is automatically assigned to your computer by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications, and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the Services. We may also derive your approximate location from your IP address.

J. Web Server Traffic, Browsing History, Pixel Tags

We collect standard web server traffic pattern information and your browsing history. General traffic, Platform usage, browser information, and length of stay information are collected and stored in log files. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of the Services and response rates.

K. Targeted Outreach and Advertising

We may work with third-party service providers to target advertisements and outreach to you based on your preferences or other information, in some cases combining data we collect from you through online cookies and other technologies with other de-identified data (such as a hashed, non-readable email, or postal address). In addition, we may use third-party service providers to display content-specific advertisements to you after you have left our Platforms when you go to other websites. These third-party service providers may use cookies, web beacons, or similar technologies to tailor advertisements to interests you’ve shown by browsing our Platforms or by visiting other websites. We do not control the third-party service providers' tracking technologies or how they may be used. The collection of your information or use of technologies by third-party service providers is subject to those third-parties’ privacy policies, not Omega’s. For more information on these practices or to learn how to opt-out of receiving targeted advertising from many service providers.

Please visit http://optout.aboutads.info/#!/ and http://optout.networkadvertising.org/.

L. Analytics

We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about your use of the Services and to report on activities and trends. This service may also collect information regarding use of other websites, apps, and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/‌partners/ and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

M. Physical Location

We may collect the physical location of your device by, for example, using satellite, cell phone tower, or Wi-Fi signals. We may use your device’s physical location to provide you with personalized location-based services and content. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location, but if you do, we may not be able to provide you with the applicable personalized services and content.

N. Links

Our Platform contains links to other websites. We do not provide any personally identifiable customer information to these advertisers or third-party websites. Omega has no control over the privacy practices of sites outside our domain. Please note that when you click on one of these links, you are entering another site that is governed by that site’s privacy policy. We are not responsible or liable in any way for, and make no representations or warranties about, the privacy, security, data policies, practices, quality, accuracy, timeliness, or reliability of any third-party sites or their content, advertisements, functionality, and links. We shall not be responsible or liable for any loss or damage of any sort incurred as the result of any dealings between you and any third parties, or your access or use of any third-party site or content.

O. Security

O.1 We implement a variety of security measures to maintain the safety of your personal information when you place an order or access your personal information, including offering use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider’s database only to be accessible by those authorized with special access rights to such systems, and they are required to keep the information confidential. However, as with all information submitted online, while we strive to protect personal information, neither Omega nor our service providers can guarantee the security (including but not limited to unauthorized access by third parties, loss, misuse, or alteration) of any information you transmit to us over the Internet.

O.2 After a transaction, your private financial information (credit card numbers or financial information, etc.) will not be stored on our servers. We may retain such information as your name, address, email, and information relevant to your order or reservation, donation, or form submission. Tokenized information, which Omega does receive during a credit card transaction, is not considered financial information under this privacy policy because Omega cannot access bank or card numbers via the token.

O.3 Incorrect or Fraudulent Information: A credit card transaction may be canceled by Omega if we reasonably determine that the order information you provided is incorrect or fraudulent, or if we reasonably believe the credit card utilized is from an unauthorized party.

O.4 Login Profile: You are responsible for maintaining the confidentiality of your account and password, and for restricting access to the computer(s) you have used to place orders. We recommend you keep this information current. Omega is not responsible for updating login profile information.

O.5 Password: To provide you with an increased level of security, access to your login profile is protected with a password you select. We strongly recommend that you do not disclose your password to anyone. Your password will never be requested through unsolicited communication from Omega.

P. Omega Wellness Center

Omega’s Wellness Center may ask for basic medical information that might impact or preclude you from receiving certain Wellness Services, including information about injuries, surgeries, pregnancy, or medical conditions such as cancer. This information is requested on written, paper intake forms for guests who want to participate in a wellness service and these forms are never transmitted electronically either internally or externally. The paper forms are stored at the Center during the season and then moved to a location outside the Center for final storage in a locked location.

Q. Minors

Minors (anyone under the age of 18) are not eligible to pay for Omega services and we ask that minors do not submit credit card information. Omega is not responsible for a minor's use of their parent's credit card.

Q.1 The Children’s Online Privacy Protection Act (“COPPA”) requires that we inform parents and legal guardians about how we collect, use, and disclose personal information (from children under 13 years of age). The Platform is not directed at children under 13 years of age, but we recognize that with proper adult supervision some parents might permit their children to visit and utilize the Plaform. COPPA requires that we obtain the consent of parents and guardians in order for children under 13 years of age to use certain features of the Platform.

Q.2 When your child attempts to register and/or provide personal information to Omega (including on any of the Services), we require a parent or legal guardian to: complete the registration; review our privacy policy and to submit a valid credit card number to verify that the child’s parent or guardian knows about and authorizes our information practices related to children protected by COPPA; and verify through the use of an email confirmation and second authorization that the parent or guardian consents to any applicable Terms and Conditions and this Privacy Policy.

Q.3 The information we collect may include information from which children can be personally identified, including name, mailing address, telephone number, fax number, email address, buying information (e.g., preferences or history), birth date, birthplace, parent’s name, gender, geolocation information, zip code, biographical information, personal interests, and Facebook/Twitter/Google/ ICQ/AIM/Yahoo/MSN/SKYPE user name (or similar user names), when you register with them, use the particular products or services, or post content on a blog site as a guest with authoring rights, or photos, videos, or audio files that may contain children’s image or voice as applicable. For purposes of this Section Q, persistent identifiers that can be used to recognize a user over time and across different websites or online services, such as a user name, is also considered personal information. Where the Platform or Services collect a persistent identifier and no other personal information, and such identifier is used for the sole purpose of providing support for the internal operations of the Platform or the Service, no notice will be given.

Q.4 Once parental or guardian notice and consent has been verified, the information we collect will be treated the same as information collected from any other user of the Services.Without verified parental notice and consent, we will not knowingly collect personal information of children under 13 years of age, and if we learn that we have inadvertently collected such information, we will promptly delete it, provided that we will not delete the information needed to (i) protect the security or integrity of the Platform or Services; (ii) take precautions against liability; (iii) respond to judicial process; or (iv) to the extent permitted under other provisions of law, to provide information to law enforcement agencies or for an investigation on a matter related to public safety; and where such information is not to be used for any other purpose.

Q.5 How Parents Can Access their Children’s Personal Information: In compliance with COPPA, parents and legal guardians may request us to review, delete, or stop the collection of the Personal Data of their child. In order to do so, you may contact us by letter, phone, or email, using the address information provided in Section F of this Privacy Policy or on our “Contact Us” page of the Platform. If you request that no further information about your child be collected or used, we will be required to terminate your child’s ability to use the sections of the Platform that require a user to “sign in.”

R. Your Consent

By using our Platform, you consent to our online Privacy Policy. Your information, including personal data, may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside the United States and choose to provide information to us, please be aware that we transfer the data, including personal data, to the U.S. and process it there. Your consent to this Privacy Policy, followed by your submission of information, represents your agreement to that transfer.

S. International Visitors to Our Platform

If you are located outside of the U.S., the personal information you provide to us will be transferred to the U.S. and governed by applicable U.S. laws and regulations and this Privacy Policy. Some of this information may be transferred to, processed, and stored temporarily by our service providers in other countries. By submitting your personal information, you consent to its transfer to and storage in the U.S. and other countries designated by us, its exclusive governance by the law and regulations of the State of New York and of the U.S., and its use in accordance with the purposes for which it was originally collected and as set forth in this Privacy Policy.

T. GDPR Data Privacy Statement

FOR RESIDENTS OF THE European Economic Area (EEA) ONLY.

We endeavor to ensure that any personal data we collect about you will be held and processed strictly in accordance with the Data Protection Act of 1998 (DPA) and the European General Data Protection Regulation (GDPR). Terms with meanings under GDPR are identified here:

  1. “controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by EU or other applicable law, the controller or the specific criteria for its nomination may be provided for by EU or other applicable law. We are considered a “Data Controller”. Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

  2. We utilize “Data Processors (or Service Providers),” which means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller.

  3. You, or any User, would be considered a “data subject”. A data subject is any living individual who is the subject of personal data.

  4. “personal data” means any information relating to a data subject, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

  5. “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

  6. “recipient” means a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with EU or other applicable law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

Legal Basis

We process personal data based on at least one of the following statutory sources:

  • Permission of the data subject to the processing of his/her personal data concerning one or more specific purposes (Art. 6 Para.1 S.1 lit.a GDPR);
  • Completion of a contract with the data subject or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 Para.1 S.1 lit.b GDPR);
  • Compliance with a legal obligation we are subject to (Art. 6 Para.1 S.1 lit.c GDPR);
  • Protection of the vital interests of the data subject or of another natural person (Art. 6 Para.1 S.1 lit.d GDPR);
  • Protection of our legitimate interests or those legitimate interests of a third party (Art. 6 Para.1 S.1 lit.f GDPR)

The respective legal basis of individual processing operations is referred to below in this Data Privacy Statement within this Privacy Policy.

Disclosure of personal data to recipients

We only share personal data with recipients (processors of personal data or other third parties) to the extent necessary and only under one of the following conditions:

  • Permission of the data subject to the transfer of his/her personal data;
  • The transfer is necessary for the fulfillment of contractual obligations or in order to take steps at the request of the data subject prior to entering into a contract;
  • We are legally obligated to transfer the data;
  • The disclosure is based on our legitimate interests or those legitimate interests of a third party.

Under European data protection law, you have:

  1. The right to access: You may request a copy of your personal data;
  2. The right to rectification: You may request correction of your personal data that you believe is inaccurate or incomplete;
  3. The right to erasure: You may request that we erase your personal data, under certain conditions enumerated under Article 17 (https://gdpr-info.eu/art-17-gdpr/);
  4. The right to restrict processing: You may request that we restrict the processing of your personal data, under certain conditions;
  5. 5he right to object to processing: You may object to our processing of your personal data, under certain conditions;
  6. The right to data portability: You may request that we transfer to another organization, or to you, the data we have collected about you, under certain conditions; and
  7. The right to withdraw your consent: You may request that we not process your personal data for marketing purposes. As described in this Privacy Policy, we will usually inform you (before collecting your personal information) if we intend to use your personal data for such purposes or if we intend to disclose your information to any third party for such purposes.

You can exercise any of these rights by contacting us as follows:

Call: 877.944.2002 ext. 9022 (toll free in the United States)
845.256.8144 ext. 9022 (International)

Email: Send our Data Protection Officer an email: data@eomega.org

Write: Send us a note addressed to:

Omega Institute
c/o Data Services
150 Lake Drive
Rhinebeck, NY 12572-3252

If you believe that we have not complied with our obligations under this Privacy Policy or European law, you have the right to make a complaint to an EU Data Protection Authority.

Deletion and Limitation of Personal Data

We delete personal data processed according to Art. 17 GDPR and restrict the processing of personal data pursuant to Art. 18 GDPR. Unless otherwise specified herein, personal data is deleted if it is no longer necessary for the purposes for which it was collected or otherwise processed and the deletion does not conflict with any statutory requirements of safeguarding the personal data. If personal data is required for legally permissible purposes, it will not be deleted but its processing will be limited to such purpose. This applies, for example, to personal data that must be retained by us for commercial or tax law reasons.

  1. Processing operations
    1. Hosting

      To make our Platform available to the public, we use hosting services provided by hosting providers, such as the supply of web servers, disk space, database services, security, and maintenance services. Therefore we and our hosting provider are processing personal data of users of our Platform on the basis of our legitimate interests under Art. 6 Para. 1 lit. f GDPR.

    2. Access Data and Log Files

      When you access our Platform or one of its pages, the browser on your device automatically sends information to the Platform’s server. This information is stored in so-called log files by us or our hosting provider. The following information is stored:

      • IP address of the computer requesting access to our Platform
      • Date and time of the access
      • Name and URL of the retrieved file
      • Platform from which access is made (referrer URL)
      • The browser used and, if applicable, the operating system of your computer
      • Database changes and errors

      This data is processed for the following purposes, and the legal basis for such data processing is Art. 6 Para. 1 p. 1 lit. of GDPR:

      • Providing the Platform, including all functions and contents
      • Enabling an unobstructed dial-up connection to the Internet
      • Enabling easy utilization of our Platform
      • Ensuring system security and stability
      • Anonymized statistical evaluation of visitors accessing our Platform
      • Platform optimization
      • Other administrative purposes
    3. Registration / User Account

      You have the opportunity to register on our Platform. Registering requires the providing of personal data. The registration is voluntary and is in accordance with Art. 6 Para. 1 p. 1 lit. a GDPR on the basis of your voluntary consent. The personal data being transferred depends on the data input in the registration form. The personal data recorded is used as described above and to contact you. You may access your personal data and make changes to it. Your data will be stored until you delete the user account or instruct us to delete your data. Other than obligations to retain your personal data on the basis of statutory retention periods, under tax and commercial law, the processing of your personal data will be restricted until the retention period expires, and then the data will be deleted.

      If you register on our Platform or create a user account, we store the IP address and the time of the respective use. This storage is based on our legitimate interest under Art. 6 Para. 1 p. 1 lit. f GDPR in providing such options. The user account and data stored in connection with it also facilitate purchases, access to historical orders, and the writing of customer reviews. Transfer of this data to third parties does not take place unless it is required to fulfil contractual obligations according to Art. 6 Para. 1 lit. b GDPR or for the prosecution of any claims or if there is a legal obligation according to Art. 6 Para. 1 lit. c GDPR.

    4. Contract Data

      In connection with and for the purpose of fulfilling pre-contractual measures and contractual obligations via our Platform upon request of the data subject, we process the data of the data subject required for the fulfillment of the contract. This includes:

      • Data of the contractor, such as name, address and contact details, if applicable different delivery or billing addresses or recipients, roommate request, and gender;
      • Contractual data, such as subject of the contract, duration, and customer category;
      • Payment data, such as bank details, credit card data, and payment history.

      The legal basis for the data processing is Art. 6 Para. 1 p. 1 lit. b GDPR. The data will be transferred to third parties only to the extent to fulfil pre-contractual and contractual obligation, e.g. to banks, payment service providers, and credit card companies for the payment transaction and to email service providers.

    5. Application Form

      By using our application form you are asked to submit your name, contact information, and further application information, so we can consider your application and contact you personally. Data to process your application is processed according to Art. 6 Para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.

  2. Communication
    1. Email Marketing to Customers

      If you are our customer and we have received your email address in connection with the sale of a good or service, we are authorized to use your email address for purposes of customer service, direct marketing of similar goods or services. This only applies if you have not objected to such use and we have explicitly informed you about the possibility to object to such use when collecting the email address and every time we use your email address. Legal basis of such processing is our legitimate interest in direct marketing according to Art. 6 Para. 1 lit. f GDPR.

    2. Newsletter

      If you would like to receive our newsletter, we require your email address. The data processing for the purpose of sending you our newsletter is carried out pursuant to Art. 6 Para. 1 p. 1 lit. a GDPR on the basis of your voluntary consent by means of the so-called double opt-in procedure. Your email address and other provided details will be used and stored for this purpose until you revoke your consent or unsubscribe from receiving the newsletter. It is possible to unsubscribe from our newsletter at any time, for example via a link at the end of each newsletter. Alternatively, you can unsubscribe at any time by sending an email to the email address documented under II.

      We send our newsletters with a so-called counting pixel. A counting pixel is a miniature graphic embedded in the HTML format of the newsletter to allow for analysis of reader behavior. In this context, we store whether and at what time a newsletter was opened by you and which of the links contained in the newsletter you accessed. We use this data to generate statistical evaluations about the success or failure of a marketing campaign in order to optimize the delivery of newsletters and to better tailor the content of future newsletters to your interests. The collected data will not be passed on to third parties and will be deleted after the statistical evaluation.

    3. Act-On

      All email marketing is sent via Act-On. The provider of Act-On is Act-On Software Inc., 121 SW Morrison St, #1600, Portland, Oregon 97204, USA (hereafter “Act-On”). Act-On is used for the distribution and analysis of the reach of our email marketing. For this purpose, your email address as well as any other data required by Act-On for the supply of our email marketing will be processed on our behalf. The legal basis for processing by Act-On is Art. 6 Para. 1 lit. f GDPR and our legitimate interest to establish a user-friendly and secure newsletter system.

      The collected personal data is stored on servers in the U.S. Act-On has entered the EU/U.S. PrivacyShield and therefore complies with the requirements of the EU to legitimize the transfer of personal data to the U.S. Information on Act-On’s commitment concerning the PrivacyShield can be found at https://www.privacyshield.gov/participant?id=a2zt0000000KzMNAA0&status=Active. For more information about how Act-On handles your personal data, please see the privacy policy of Act-On at https://www.act-on.com/privacy-policy/.

  3. Payment Service Provider
    1. PayPal

      This Platform uses PayPal as a payment service provider. Provider is PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereafter “PayPal”). PayPal assumes the function of an online payment provider as well as a trustee and provides buyer and seller protection services. In case of payment via PayPal, credit card via PayPal, debit via PayPal, or – if offered – purchase on account via PayPal, your name, email address, purchased products, invoice amount, and billing and shipping address will be transferred to PayPal within the scope of the payment. If the payment methods credit card via PayPal, debit via PayPal, or – if offered – purchase on account via PayPal are used, PayPal will, if applicable, request a credit rating query, to verify creditworthiness and minimize payment defaults when deciding to accept the payment transaction. Probability values will be used for a credit rating query (so-called score values), and address data will be included into the calculation. A recognized mathematical-statistical method is the foundation of calculating those score values. If the credit rating is insufficient, PayPal can reject the chosen payment method. Legal basis of such processing: Art. 6 Para. 1 lit. b GDPR.

      If you disagree with the data transfer or you consider your credit rating is not suitable for the chosen payment method, we ask you to use another payment method. For more information about how PayPal handles your personal data, please see the privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en_EN.

  4. Statistics and Analysis
    1. Facebook Pixel

      Within our website we use the so-called “Facebook-Pixel”. Provider is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. Responsible for the processing of personal data of individuals in the EU is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

      Facebook has entered the EU/U.S. PrivacyShield, is thereby committed to comply with European privacy standards and therefore is in compliance with the requirements of the European Union to legitimize the transfer of personal data to the U.S. Information on Facebook’s commitment concerning the PrivacyShield can be found at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

      The use of this technology enables Facebook to assign the visitors to our Platform to certain groups (e.g. visitors to our Platform or rather according to the fields of interest we have passed on to Facebook, so-called “custom audiences”) for the display of specific advertisements and to be able to recognize them. This ensures that these users are shown only personalized advertisements and so harassment by improper advertising can be avoided. By using Facebook-Pixel we can also understand the effectiveness of our Facebook advertisements for statistical purposes and track whether and how a user has used our offer after clicking on the advertisement.

      More information about Facebook-Pixel and how it works can be found at https://www.facebook.com/business/help/651294705016616. Details about Facebook’s processing of data and general information about Facebook advertisements can be found in the Facebook at https://www.facebook.com/about/privacy/update. You can opt out of the collection of your data by Facebook-Pixel, and its advertisement functions, in your Facebook account under the heading “settings”. Information about these settings can be found at https://www.facebook.com/settings?tab=ads (login required).

      The use of Facebook-Pixel helps us advertise our products and services in an appropriate, tailored manner. The legal basis for such use of Facebook-Pixel is the legitimate interests of us and third parties for these purposes according to Art. 6 Para. 1 lit. f GDPR.

  5. Services of Google

    Provider of the following Google services: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereafter “Google”).

    The legal basis for using the following Google services is our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. Google has entered the EU/ U.S. PrivacyShield, is thereby committed to comply with European privacy standards, and is in compliance with the requirements of the European Union to legitimize the transfer of personal data to the U.S. Information on Google’s commitment concerning the PrivacyShield can be found at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

    For more information about how Google handles your personal data, please see the privacy policy of Google at https://www.google.com/intl/en/policies/privacy/.

    Information about Google’s use of data for advertising purposes, settings and options, can be found at the following:

    1. Google Analytics

      This Platform uses Google Analytics by Google. Google Analytics uses cookies. Google collects data about the user visits of our Platform and the user behaviour. This data serves the purpose of ensuring usability and a continuous optimization of our Platform, to measure the success of marketing measures and to create statistical evaluations. In this context pseudonymised user profiles are created and cookies are used. Information provided through a cookie about your usage of this Platform such as browser type/version, utilized operating system, referrer-URL (before visited page), host name of the accessing computer (IP address), and time of server request will be transmitted to and stored on a server of Google in the U.S. User and use data will be deleted after 26 months. This information will also be transferred to third parties if required by law or if third parties process this data on behalf of us or Google. Under no circumstances will your IP address be merged with any other data of Google. IP addresses will be anonymized. You can avoid cookie storage by adjusting your browser software settings. Without cookies, some functions of this Platform may not work. You can avoid the collection of data generated by the cookie and related to your use of the Platform, as well as the collection and processing of data by Google Analytics, by downloading and installing a browser plugin that can be found at https://tools.google.com/dlpage/gaoptout?hl=en. This add-on ensures that no visitor data from your browser will be collected and stored by Google Analytics on future visits to this Platform. Note that if you delete your cookies the add-on will be deleted as well and you may have to activate it again.

    2. Demographic Characteristics by Google Analytics

      Our Platform uses the function “demographic characteristics” as part of Google Analytics so reports can be created containing information such as age, gender, and interests of Platform visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. The legal basis for the use of these Google services is our legitimate interests to optimize and optimally market our Platform according to Art. 6 Para. 1 lit. f GDPR. You can disable this feature at any time through the display settings in your Google account or generally prohibit the collection of your data by Google Analytics as outlined above.

    3. Google Maps

      This Platform uses Google Maps by Google to display site plans, maps, terrain data or geographic maps. This service collects your IP address, notes Platform pages you have visited, and, if applicable, collects other data required by Google to provide Google Maps (e.g., location data). Generated information will be stored on a server in the U.S. This information will be transferred to third parties if required by law or if third parties process these data on behalf of us or Google. The terms of use for Google Maps can be found at https://developers.google.com/maps/terms-20180207.

    4. Google Tag Manager

      This Platform uses Google Tag Manager for tagging. This service allows Platform tags to be managed by a single interface. No cookies are used and no personal data is collected. The Google Tag Manager triggers other tags which may collect data. However, Google Tag Manager does not access this data. If there is a deactivation at the domain or cookie level, it will remain in effect for all tracking tags if they are implemented with the Google Tag Manager.

  6. Social Media Plugins

    Our Platform uses social media plugins of social networks. If a page of our Platform is opened with such a plugin, your browser establishes a direct connection to the server of the respective plugin, whereby the respective provider learns which page of our Platform was accessed and from which IP address. The same applies to any interaction with the respective Social Media Plugin (e.g., liking or sharing content, or commenting on a post).

    If you are logged in to the respective social network at the same time, the respective provider of that social network can directly match the visit to the page of our Internet offer to your user account there. If you click on the button of the respective plugin, the corresponding information will be transmitted to the respective provider and published there as a post in the profile of your social network. If you do not want the provider to be able to match the data collected on our Platform to your respective user account from the provider, you must first log out of the respective social network. The purposes of plugins are to make our Platform better known and to share content from our Platform in social networks. The legal basis for the use of social media plugins is our legitimate interests according to Art. 6 Para. 1 lit. f GDPR of making our Platform better known through social media.

    1. Twitter Tweet-Button

      Our Platform uses the Twitter plugin provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, or Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. The plugin is recognizable by the Twitter logo. Information such as your IP address and which of our Platforms you have visited will be collected, as well as, if applicable, other data that Twitter identifies in the context of the connection. If you are logged in to your Twitter account at the same time, Twitter can match the visit to the Platform to your Twitter account.

      Generated information will be stored on a server in the U.S. Twitter has entered the EU/U.S. PrivacyShield and therefore is in compliance with EU requirements to legitimize the transfer of personal data to the U.S. Information on the EU/U.S. PrivacyShield can be found at: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active. Further information on privacy settings in your Twitter account can be found at http://twitter.com/account/settings. For more information about how Twitter handles your personal data, please see the privacy policy of Twitter at http://twitter.com/privacy.

  7. Media Content

    To improve or complement our content, the Platform also uses content from providers such as YouTube (Google), Vimeo, and Adobe TypeKit. The legal basis for using the following social media plugins is our legitimate interest in improving or complementing the Platform with third-party content, according to Art. 6 Para. 1 lit. f GDPR.

    1. YouTube

      Our Platform displays content from YouTube, whose provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereafter “Google”). This service collects your IP address and, if applicable, any other data required by Google for YouTube. Information generated regarding your use of this Platform is stored on a server in the U.S. This information may also be transferred to third parties if required by law or if third parties process such data on behalf of us or Google. If you are logged in to YouTube at the same time, Google can directly match the visit to the page of our Platform and your YouTube user account. If you do not want Google to be able to match the data collected on our Platform to your respective user account on YouTube, you must first log out of YouTube.

      Google has entered the EU/ U.S. PrivacyShield, thereby complying with EU requirements concerning the transfer of personal data to the U.S. Information on Google’s commitment to the PrivacyShield can be found at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. For more information about how Google handles your personal data, please see the privacy policy of Google at https://www.google.com/intl/en/policies/privacy/.

    2. Vimeo

      Our Platform uses media content of the Vimeo platform. Provider is Vimeo, LLC headquartered at 555 West 18th Street, New York, NY 10077 USA (hereafter “Vimeo”). The purpose is the display of contents of the platform Vimeo in the context of our Platform. This service collects your IP address and, if applicable, any other data required by Vimeo. The generated information about your use of this Platform is stored on a server in the U.S. This information may also be transferred to third parties if required by law or if third parties process these data on behalf of us or Vimeo. If you are logged in to Vimeo at the same time, Vimeo can directly match the visit to the Platform to your user account. If you do not want Vimeo to be able to match the data collected on our Platform to your respective user account on Vimeo, you must first log out of Vimeo. More information about data processing and data protection by Vimeo, can be found at https://vimeo.com/privacy .

    3. Adobe Typekit

      This Platform uses external font types by Adobe Typekit. Provider is Adobe Systems Incorporated, San Francisco, 345 Park Avenue San Jose, California 95110, USA (hereafter “Adobe”). Your browser will load the required fonts into the browser cache when you visit the Platform. If your browser does not support this feature a standard font will be used by your computer to display the Platform. This service collects your IP address, which of our Platforms you have visited and, if applicable, any other data required by Adobe for the provision of the fonts. The generated information about your use of this Platform is stored on a server in the U.S.

      Adobe has entered EU/ U.S. PrivacyShield and therefore is in compliance with EU requirements to legitimize the transfer of personal data to the U.S. Information on Adobe’s commitment concerning the PrivacyShield can be found at https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active. For more information about how Adobe handles your personal data, please see the privacy policy of Adobe at https://www.adobe.com/en/privacy/policy.html, as well as additional information for Adobe Typekit at https://www.adobe.com/en/privacy/policies/typekit.html.

U. Changes to this Privacy Policy

This Privacy Policy may be amended from time to time. Any modifications will be reflected online, so check back periodically. If we make a significant or material change in the way we use your personal information, we will make you aware by prominently posting a notice on our Platform.

Contact Us
If there are any questions regarding this Privacy Policy you may contact us using the information below.

Omega Institute
150 Lake Drive
Rhinebeck, New York 12572
eOmega.org
registration@eomega.org
845.266.4444