Lotus Institute Privacy Policy

Lotus Institute, Inc., Privacy Notice

The European Union (EU) has created new regulations, called the General Data Protection Regulation or GDPR, in order to protect the data and privacy of all individuals within the EU. This legislation was designed to give EU residents control over their personal data. The GDPR became effective as of May 25, 2018.

The Lotus Institute, Inc., is fully committed to complying with the GDPR. This Privacy Notice tells you how we use personal data. Please note that we do not knowingly process the personal data of anyone under the age of 21. By using our website or purchasing goods or services from us, you represent that you are age 21 or over.

Personal Data We Collect

The Lotus Institute collects information from you in one of two ways:
1) Through emails you send us and information you provide us on our website. We collect your name and email address. We rely on your consent when we collect and use that information. You can withdraw your consent at any time by emailing us at
info@lotusinstitute.com.
2) Through contracts you enter into with us for goods or services. We collect your name, email address, physical address and payment information. We rely on our contract with you to collect and use that information.

How We Use Your Personal Data

1) When we collect information from you through emails or our website, we use that information to contact you to answer questions you have asked us. We also email newsletters periodically.

2) When we collect information from you through contracts you enter into with us for goods or services, we use that information to complete the contract and to follow up with you regarding the contract, if necessary.

When We Share Your Personal Data

We do not share your personal data with third parties, accept to provide access to our website, complete a transaction you have requested or to comply with law enforcement or legal processes.

Shopify hosts our website. Shopify’s Privacy Policy:

https://www.shopify.com/legal/privacy

page1image982630592page1image982630928

Network Solutions hosts our email server. Network Solutions Privacy Policy:

https://assets.web.com/legal/English/PrivacyPolicy.pdf

Mail Chimp services our newsletters. Mail Chimp’s Privacy Policy:

https://mailchimp.com/legal/privacy/

How Long We Keep Your Personal Data

We retain your personal data to provide you with newsletters and other information about the Lotus Institute. You may ask us to remove your contact information from our mailing list by emailing us at info@lotusinstitute.com.

Transactional data is retained only as long as necessary to complete the transaction.

EU Residents’ Rights Under the General Data Protection Regulation

The General Data Protection Regulation (GDPR) provides European Union residents with certain rights. These rights are:
1) The right to be informed. You have the right to know the purposes for processing your personal data, how long your data will be kept and who your data will be shared with.

2) The right of access. You have the right to access your personal data.
3) The right to rectification. You have the right to have inaccurate personal data rectified or completed if it is incomplete.
4) The right to erasure. You have the right to have your personal data erased in certain circumstances, also known as “the right to be forgotten.”
5) The right to restrict processing. You have the right to request the restriction of processing of your personal data in certain circumstances.
6) The right to data portability. You have the right to receive personal data that you have provided to one controller and have it transmitted to another controller. 7) The right to object. You have the right to object to the processing of your personal data in certain circumstances.
8) Rights related to automated individual decision making and profiling. The GDPR places restrictions on automated individual decision-making (making a decision by automated means without any human involvement) and profiling (automated processing of personal data to evaluate personal aspects about an individual).

You can exercise the above rights by contacting us at info@lotusinstitute.com.

When We Transfer Your Personal Data Out of the EU

If you reside in the EU, the Lotus Institute transfers your personal data to third countries out of the EU, usually the United States, when you explicitly consent to the transfer after having been informed of the possible risks or to perform a

page2image983722000page2image983722336

contract you have requested between you and the Lotus Institute. The Lotus Institute relies on GDPR Article 49(1)(a) and (b) as the bases for the transfers.

Our Data Protection Officer

We have assigned Kelly Harrington, Executive Director of the Lotus Institute, Inc., as our Data Protection Officer to oversee the compliance with these regulations.

How to Make a Complaint

If you are an EU resident and wish to exercise any of your rights above, please contact us with your request at: info@lotusinstitute.com.