(information in accordance with Article 13 GDPR, 18 July 2019)
Date: 3 October 2022
Controller of all processing activities is:
Prana Group LLC
2331 n Pennsylvania st , Indianapolis IN
Company Register: Indiana, US
For all inquiries concerning the protection of your personal data please contact:
Prana Group LLC
1. Who We Are and What this Policy Is
Welcome to https://prana-group.co , the website of prana group llc, (“PRANA,” “we,” “us” and “our” etc.). We are a sober living community service provider firm. For additional information, please visit https://prana-group.co.
“Personal Information” means any information that either (a) personally identifies a natural person; or (b) pertains to an identifiable natural person, i.e. someone who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity, or (c) constitutes individually identifiable information about an individual consumer collected by us online through this website and that we maintain in an accessible form, or that (d) we are otherwise required to protect under applicable data privacy laws (including, but not limited to, national, international and supranational data protection and privacy laws, directives, regulations and comparable legal acts). Examples of Personal Information include your contact details such as your name, email address, birthday or phone number as well as information about your professional education and experience, skills, preferences, membership in professional organizations, etc.;
“Processing” means any operation or set of operations which is performed on Personal Information or on sets of Personal Information, whether or not by automated means, such as the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, restriction, erasure or destruction;
“Sensitive Personal Information” means Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the Processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation; “Site” means / and all web pages hosted at that domain.
3. Processing of Your Personal Information
We process personal data
for the purposes of the performance of our (pre-) contractual duties (art 6 para 1 point b GDPR; eg in case we provide any information to you upon your request) according to our contractual relationship with you or
for the purposes of our legitimate interests (eg, operation, analysis and improvement of our website, cookies). You have the right to object to the processing of your personal data based on our legitimate interests with effect for future processing activities (see under Section 5 "Your rights")
The following Personal Information may be processed by us for the purposes as set out in the following:
3.1. Marketing activities
Our website provides you with the possibility to submit information regarding you and your company to us. We will process your personal data (name, address, e-mail-address, in order to provide you with alerts and information about news and developments as well as articles from experts and invitations to events of PRANA, in case you have expressed your interest in such information.
3.1. Marketing activities
Session Cookies These are cookies that allow our Site to collect information about what you do during a browsing session each time you visit the Site. When connecting to our server, your device will be allocated a session ID, which enables our server to identify your device during the session and facilitates Site usability. These cookies are temporary and are set to be deleted when you leave the Site;
Persistent Cookies These are cookies that are stored by your Internet browser for more than a session and are set to expire within a defined time period. Persistent cookies enable us to remember your settings and information, so you do not have to keep re-entering them whenever you visit our Site. They also measure how you use and interact with the Site and enable us to personalize the Site. For example, they may allow us to alter the rotation of images on the Site so that different images will be displayed on your next visit;
First-Party Cookies These are cookies that we store and access on your device in our capacity as controller of your Personal Information when you visit our Site. They might include cookies related to third-party service providers, provided that we control and determine the purposes and means of the Processing of your Personal Information logged by such cookies. As a result, first-party cookies might log user-related Personal Information accessible to and Processed by third parties on our behalf and subject to our instructions.
However, please be aware that this might render certain functions of our Site inoperable or more difficult to use. Depending on the Internet browser you use, you might also be able to specifically reject third-party cookies. In this context, please note, however, that third parties might still have access to your Personal Information to the extent that such information is logged by first-party cookies. For additional information on first-party and third-party cookies used on our Site in the context of third-party services and for information on how you might stop such cookies from being stored on your device, please see “Third-Party Services” below.
3.3. Third-Party Services
We use Google Analytics on our website. This is a web analytics service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Our legitimate interest in using Google lies in the analysis, optimization, and economic operation of our site.
Through certification according to the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.
The Google Analytics service is used to analyse how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our site.
Usage and user-related information, such as IP address, place, time, or frequency of your visits to our website will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymization function, whereby Google truncates the IP address within the EU or the EEA before it is transmitted to the US. The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. This data can also be used to provide other services related to the use of our website and of the internet in general. Google states that it will not connect your IP address to other data. In addition, Google provides further information with regard to its data protection practices at https://www.google.com/intl/de/policies/privacy/partners, including options you can exercise to prevent such use of your data.
To secure our website and to optimize loading times, we use the CloudFlare CDN (content delivery network).
This is a service of Cloudflare Inc., 101 Townsend Street, San Francisco, California 94107, USA ("CloudFlare").
Through certification according to the EU-US Privacy Shield
(https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active) CloudFlare guarantees that it will follow the EU's data protection regulations when processing data in the United States. The legal basis for collecting and processing this information is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the secure operation of our website and in its optimization. If you access our website, your queries are forwarded to CloudFlare servers. Statistical access data about your visit to our website is collected and CloudFlare stores a cookie on your terminal device via your browser. Access data includes:
your IP address;
the page(s) on our site that you access;
type and version of internet browser you are using;
your operating system;
the website from which you came prior to visiting our website (referrer URL);
your length of stay on our site; and
the frequency with which our pages are accessed.
The data is used by CloudFlare for statistical evaluations of the accesses as well as for the security and optimization of the offer. If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies above. CloudFlare offers further information about its data collection and processing as well your rights and your options for protecting your privacy at this link: https://www.cloudflare.com/privacypolicy/.
Our websites regularly uses content from the online marketing services of the provider Mixpanel Inc., 405 Howard Street, Floor 2, San Francisco, CA 94105 ("Mixpanel"). Our legitimate interest in using Mixpanel lies in the analysis, optimization, and economic operation of our site.
Mixpanel's services allow us to evaluate user interactions on our website in a more targeted manner. For these purposes, a code of Mixpanel will be executed when calling up our and other websites on which Mixpanel is active and it will be integrated into the website so-called (re)marketing tags (invisible graphics or code, also called "web beacons"). With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). In this file it is noted which websites the user visits, which contents he is interested in and which offers he has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer. Mixpanel may also link the aforementioned information to such information from other sources.
Further information as well as possible objections to the registration by Mixpanel can be found in the data protection regulations of Mixpanel: https://mixpanel.com/legal/privacy-policy/. In addition, Mixpanel offers an opt-out add-on at https://mixpanel.com/optout/.
We use Hotjar on our website. This is a web analytics service provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe ("Hotjar").
Hotjar is used to analyze how our website is used. Our legitimate interest lies in the analysis, optimization, and economic operation of our site. Hotjar allows us to monitor your usage behaviour on our website, such as logging and evaluating your mouse movements or mouse clicks. However, your visit to our website will be anonymized. In addition, information about your operating system, your internet browser, incoming or outgoing links, the geographical origin of your access, and the type and resolution of the device you are using are evaluated by Hotjar and processed for statistical purposes. Hotjar can also obtain direct feedback from you. Hotjar offers further information about its data protection practices at https://www.hotjar.com/privacy.
In addition, you have the option of terminating the analysis of your usage behavior by opting out. By confirming the link https://www.hotjar.com/opt-out a cookie is stored on your device via your browser to prevent any further analysis. Please note, however, that you must click the above link again if you delete the cookies stored on your end device.
We use the services of Sentry (Functional Software, Inc. dba Sentry, 132 Hawthorne Street, San Francisco, CA 94107) ("Sentry"). Sentry is an open-source error tracking software that helps developers monitor and fix crashes in real time. It documents bugs and error reports for our front end services, which includes error parameters as well as user and session information. The user data (which might also be personal data), such as information on the device or time of error, are collected anonymously and are not used for personal purposes and are subsequently deleted. Further information on this can be found in Sentry's data protection declaration: https://sentry.io/privacy/.
4. Data Security and Transfer of Data
We transfer personal data to third parties such as:
Host providers: Amazon Web Services und Google Cloud Services.
Newsletter mailing: Mailchimp (certified under the EU-US Privacy Shield Agreement).
Tracking providers: Mixpanel, Hotjar, Google, Sentry, CloudFlare.
Feedback tools: Hotjar, Typeform.
We therefore comply with the provisions of Article 32 DSGVO in order to guarantee the confidentiality and security of your personal data and take appropriate technical and organisational security measures.
Notwithstanding efforts to maintain a consistently high level of due diligence, the possibility cannot be excluded that information that you provide to us via the Internet may be viewed and used by others. Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission and/or unauthorized access by third parties not caused by us (e.g. hacker attack on email accounts or telephone, interception of faxes).
5. Your Rights
Right to information
As long as we process your Personal Information, you have the right to information about the purposes of Processing, the categories of personal data, the origin and the recipients of your personal data, the duration of storage. Your right to information might be subject to our professional duty of confidentiality.
Rectification and erasure of data
If we process inaccurate or incomplete Personal Information, you have the right to rectification of such data. If your Personal Information is processed unlawfully, you may also request us to erase your Personal Information. You may also request the erasure of your Personal Information if your data is processed unlawfully, subject to legal obligations preventing the erasure of your personal data.
Limitation of processing
You may request us to limit the processing of your Personal Information in certain cases.
You have the right to receive the Personal Information, which you have provided to us, in a structured, commonly used and machine-readable format. You have the right to direct transmission of those data to another controller as far as this is technically feasible.
Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of Personal Information concerning you which is based on our legitimate interests according to art 6 para 1 point f GDPR. If you object to processing of your Personal Information we shall cease to process this data unless our legitimate interests to processing your Personal Information prevail. Where Personal Information are processed for direct marketing purposes, you shall have the right to object at any time to processing of Personal Information concerning you. In this case we will cease the processing or your Personal Information for marketing purposes immediately.
You have the right to lodge a complaint with the Austrian Data Protection Authority (Österreichische Datenschutzbehörde), Wickenburggasse 8, 1080 Wien, +43 1 531 15-202525, E-Mail: email@example.com if you believe that your rights to protection of your personal data have been infringed.