Data protection


1. introduction


In the following, we inform you, among other things, who is responsible for processing your data, what data we collect in connection with your visit to our website and use of our services, for what purposes we process this data and to whom we may disclose this data. We will also inform you about the duration of the processing of your data, the legal basis for the processing (if such processing is necessary) and about the rights to which you are entitled vis-à-vis us with regard to the processing of your data. This privacy policy applies to all your data that we already have or that we will have in the future. Please note that we may amend the privacy policy from time to time. The current version published on our website applies.


Personal data is all information relating to an identified or identifiable person (hereinafter referred to as ‘personal data’). This includes, in particular, information such as name, address, telephone number, e-mail address and, under certain circumstances, IP addresses and device IDs. In addition to personal data, the generic term ‘data’ also includes non-personal and anonymised data in this privacy policy. Processing means any handling of data, regardless of the means and procedures used, in particular the collection, storage, use, modification, disclosure, archiving or deletion of data (hereinafter ‘processing’).


If you provide us with the personal data of other persons, please ensure that these persons are aware of this privacy policy and only share their personal data with us if you are authorised to do so under applicable data protection law.


2. Name and address of the controller


Responsible for data processing in accordance with this privacy policy is

Bikram Yoga College of India-Zurich GmbH

Grüngasse 21, 8004, Zurich

043 243 35 80

info@bikramyoga.ch



3. Categories of data processed


We collect certain data when you visit our website, use our services and contact us. In principle, we collect this data directly from you. The personal data that we process may include the following data:

  • Data that is collected or disclosed when you visit our website or use our services. This includes, among other things, the IP and MAC address or device ID of the device used, cookies, pages accessed by you and search terms entered, entries in dialogue boxes, ratings, time and duration of visits, clicks, referrer/exit URL, information on the time of use, browser and device type and operating system used and Internet service provider, amount of data transferred.
  • Data exchanged in or in relation to contact with us, e.g. communication by letter, telephone, email, contact form, etc. (in particular name, contact details, gender, marital status, date of birth, job title, photo, employees, language, payment information).
  • Data provided when registering for a newsletter or for downloading files (e.g. software) (in particular e-mail address and name).
  • Data provided when creating a customer account for online shopping and in connection with orders placed (in particular user name, password, selected payment method and delivery address).
  • Data relating to offers and concluded contracts (e.g. contract date, type, content, product, parties, term, value, adjustments, payment details, contact details, contact persons, billing and correspondence addresses, customer feedback, cancellations, disputes, etc.).
  • Data that is disclosed as part of the comment function (in particular your e-mail address, the user name you have chosen, unless you post anonymously, and your IP address).
  • Data that you disclose when participating in competitions, surveys and the like.


The above data does not always constitute personal data. As a rule, we cannot assign data that is generated when using our services without registration (e.g. for a newsletter or online shop) to any individualised person by name. In individual cases, however, this may be possible in combination with other data.


Please note that the information provided in connection with the use of the contact form or the comment function may include particularly sensitive data (e.g. health data) and that you provide this to us voluntarily.


4. processing purposes


We will process personal data, to the extent permitted by applicable law, in particular for the following purposes:


  • Initiation, conclusion, fulfilment and processing of contracts;
  • Offering, developing and improving our services, developing new services, operating, maintaining, optimising and ensuring the security of our services and infrastructure;
  • Administration of the users of our services, identity checks, log-ins and other authentications;
  • Maintaining, administering and developing our customer relationships, communicating with customers and third parties, promotions, advertising and marketing, offering customised services and relevant content;
  • Quality control, compilation of statistics;
  • Compliance with legal and regulatory obligations and internal rules, law enforcement, civil, administrative and criminal proceedings, complaints, combating abuse, investigations and responding to enquiries from authorities and official bodies.


5. Legal basis


We use the personal data for the above purposes on the basis of the following legal bases, insofar as this is required under the applicable data protection law:


  • Contract fulfilment;
  • fulfilment of legal obligations;
  • Consent given to us or third parties;
  • Legitimate interests of us and third parties, in particular
  • Offering and providing services;
  • Advertising and marketing;
  • Maintaining contact and communication with users;
  • User administration, identity checks, log-ins;
  • Compliance with legal and regulatory obligations, law enforcement, civil, administrative and criminal proceedings, complaints, investigations and responding to requests from public authorities.


6. Publication and disclosure of data


We may publish and share data as follows:


Contract data processors


We may commission third parties with the provision of certain services (e.g. in the area of IT, operation of applications, administration, dispatch, etc.) and with the processing and storage of data (so-called ‘contract data processors’). Contract data processors may have access to personal data and process it on our behalf. In doing so, we oblige the processors to comply with data protection law and only process data in the same way as we do ourselves. Contract data processors who may receive personal data may be located in any country, in particular in Switzerland, Germany, Israel and the USA.


Contractual partners


We may pass on data to contractual partners (e.g. sales partners, service providers, financial companies, etc.). This is done, for example, to fulfil contractual obligations, to offer certain services, for debt collection and marketing purposes, to analyse the use and operation of our services, systems and infrastructure and for payment processing. Possible recipients may also be purchasers or parties interested in acquiring business divisions, the companies or parts thereof. Contractual partners may obtain access to personal data and process it for their own purposes (e.g. for the fulfilment of contracts or the fulfilment of their own legal obligations). They are themselves obliged to comply with applicable data protection laws. Contractual partners who may receive personal data may be located in any country, in particular in Switzerland, in EU and EEA countries and in the USA.


Transfers to authorities


In certain situations, we may disclose data to authorities, official bodies and other third parties. We do this in cases where we are officially or officially requested to do so or are obliged to do so in our judgement.


7. Storage period


We store personal data for as long as this is necessary for the purpose for which we collected it. Certain personal data is also subject to legally binding retention obligations of ten or more years, which we take into account. We may also store personal data for at least the duration of the applicable statute of limitations, which in many cases is five or ten years. We generally delete personal data that is generated in connection with the use of our services (e.g. protocols, logs, analyses, etc.) and that is not subject to such retention or limitation periods earlier as soon as we no longer have an interest in processing it. Data can also be stored for longer in anonymised form. Subject to an express contractual agreement, we are under no obligation to you to retain data for a specific period of time.

8. Data security


We use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

9. Your rights (rights of data subjects)


Every data subject has a right of access to personal data concerning them. They also have the right to request that we rectify, erase or restrict personal data concerning them and to object to such processing of personal data. The exercise of such rights generally requires that the data subject can clearly prove their identity. If the processing of personal data is based on consent, the consent can be revoked by the data subject at any time. In certain cases, the data subject has the right to receive the data generated when using online services in a structured, commonly used and machine-readable format that enables further use and transmission. Requests in connection with these rights should be sent to the above address. We reserve the right to restrict the rights of the data subject within the framework of the applicable law and, for example, not to provide complete information or not to delete data. We would also like to draw your attention to the fact that if your personal data is deleted, services may no longer be available or usable in whole or in part.


Every data subject has the right to lodge a complaint with the competent data protection authority. In the case of a controller in Switzerland, this is the Federal Data Protection and Information Commissioner. In the case of a controller in the Principality of Liechtenstein, this is the Liechtenstein Data Protection Authority.


10. cookies, web analysis and tracking tools

We use various common technologies to collect, store and analyse data when you visit our website and use our services.


These include, in particular, cookies that can be used to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using. When you call up a service again, it can recognise your browser or device with the help of the cookie. Cookies can save user settings and other information. We use session cookies. These are necessary in order to be able to perform the basic functions of the services and are automatically deleted again after our services have been used. We also use temporary and permanent cookies, which remain stored on your computer or mobile device for longer. The information collected using cookies enables us to improve our website and services in line with customer requirements and to provide you with customised offers.


You can block the use of cookies in your browser settings or delete them there. Please note that if you do not allow cookies, you may not be able to use all the functions of a service to their full extent, and that if you delete cookies, any opt-out cookies you have set will also be deleted. Such opt-out cookies would then have to be reactivated when you visit the relevant service again. Otherwise, you will be recognised as a new user and your data will be collected again.


In addition to cookies, we use web analysis and tracking tools to measure and evaluate the use of our website and services, to personalise the services and to display offers and advertising tailored to you. For data processing by such tools, which are usually provided by third parties, the terms of use and data protection provisions of these third parties apply.


Cookie Declaration only loads on the live website. This message will disappear on the live website.


Error: The domain MY.EU.DUDA.CO is not authorised to show the cookie declaration for domain group ID 0a3a5f19-d829-473c-bb43-df2700a3e588. Please add it to the domain group in the Cookiebot Manager to authorise the domain.



11. integration of third-party offers

We integrate third-party services and content on our websites that may enable you to interact with third parties (e.g. YouTube video or online payment via a payment service provider). For this purpose, any data provided will be forwarded to these third parties for processing and execution of the corresponding service or processed directly by them.


Please note that the data processing of these third parties is subject to their terms of use and data protection provisions.

Version 1.0.0


Share by: