Compliant with the General Data Protection Regulation [GDPR] of the European Union

Introduction The Adidam Holy Institution and all associated websites and membership portals are committed to protecting your personal data and ensuring your online privacy. This Privacy Policy provides transparent information on how we manage the processing of your personal data. By using our websites, you consent to our privacy policy and the practices described herein.

1. Identity and Contact Details of the Data Controller The Adidam Holy Institution Contact: outreach@adidadm.com.
2. Information We Collect:

• Personal Identifiers: Name, user account names, government ID numbers, signature, and unique identifiers.
• Contact Information: Email address, postal address, billing address, delivery/shipping address, and phone numbers.
• Financial Information: Credit/debit card numbers and other payment information.
• Transaction Information: Purchase and transaction histories.
• Account Information: Username, password, purchase information, address information, and communication preferences.
• Online and Technical Information: IP address, device identifiers, browser type, time zone setting, and browsing data collected via cookies and similar technologies.
• User Content: Product reviews and other feedback.

It is our policy to collect the minimum necessary data.

3. Sources of Personal Information We collect personal information directly from you (e.g., when you provide information on our websites) and automatically (e.g., through cookies and similar technologies).
4. How We Use Your Information

• Provide products and services you request, including processing payments and fulfilling orders.
• Communicate about your account, order status, relevant programs, promotions, and offerings.
• Process personal data for administrative purposes, order-related communication, and the execution of services.
• Send newsletters and information about retreats, courses, or events.
• Improve our website and diagnose technical issues.

5. Legal Basis for Processing

GDPR [the European Union’s General Data Protection Regulation] Compliance:

• Contractual Necessity
• Legitimate Interests
• Consent

CCPA [California Consumer Privacy Act] and US State Law Compliance:

• Disclosures required under CCPA
• Right to opt-out of the sale of personal data

LGPD [Brazilian General Data Protection Law] Compliance:

• Legal Bases for Processing: Consent, contractual necessity, legitimate interests, etc.

6. Retention of Personal Data We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.
7. Sharing Information with Third Parties We may share your data with third parties to perform services on our behalf. We do not sell or trade your personal information without your explicit consent except as required by law.
8. Categories of Third Parties with Whom We Share Data

• Internet and IT infrastructure providers
• Financial administration services
• Newsletter distribution services

9. Minors We only process personal data of minors with the written consent of a parent or guardian, i.e., via email consent to the email address noted in this privacy policy.
10. Security Measures We implement technical and organizational measures to protect your personal data. We will also inform users and authorities within 72 hours if a data breach occurs.
11. Your Rights

GDPR:

• Access: Request access to your personal data.
• Correction: Request corrections to inaccurate data.
• Deletion: Request deletion of your data.
• Objection: Object to data processing for direct marketing.
• Data Portability: Request a copy of your data in a machine-readable format.
• Withdrawal of Consent: Withdraw consent for data processing.

CCPA and US State Laws:

• Right to Know: Know what personal data is being collected.
• Right to Delete: Request deletion of personal data.
• Right to Opt-Out: Opt-out of the sale of personal data.
• Right to Non-Discrimination: Protection against discrimination for exercising CCPA rights.

LGPD:

• Confirmation: Confirm the existence of data processing.
• Access: Request access to your personal data.
• Correction: Request corrections to inaccurate data.
• Anonymization, Blocking, or Deletion: Request anonymization, blocking, or deletion of unnecessary or excessive data.
• Portability: Request portability of your data to another service provider.
• Deletion: Request deletion of personal data processed with your consent.
• Information: Get information about public and private entities with which the controller has shared data.
• Revocation of Consent: Withdraw consent for data processing.

PIPEDA [Canada’s Personal Information Protection and Electronic Documents Act]:

• Access: Request access to your personal data.
• Correction: Request corrections to inaccurate data.

To exercise these rights, contact us at outreach@adidadm.com.

12. Data Transfers Outside the EU If applicable, we will inform you of data transfers outside the EU and the safeguards in place to protect your data.
13. Automated Decision-Making We do not use automated decision-making processes, including profiling, that produce legal effects or similarly significant impacts.
14. Cookies and Automated Information Collection We use cookies to enhance your experience and analyze website usage. You can control cookie settings through your browser, although some features may be unavailable if cookies are disabled.
15. Changes to This Privacy Policy We may update this policy periodically. Changes will be posted on our website and the “Last modified” date will be updated.
16. Contact Information For any questions about this Privacy Policy, contact us at: outreach@adidadm.com.

By using our services, you agree to this Privacy Policy and consent to the processing of your personal data as described.