Tara Mandala Privacy Policy

Privacy Policy

Effective as of 4/13/2019

This Privacy Policy is designed to help you understand how Tara Mandala, Inc. (“Tara Mandala”, “we”, “us” or “our”) collects, uses and shares your personal information if you visit our website at www.taramandala.org or another website to which we post this Privacy Policy (the “Sites”), register for or attend our programs, apply for financial aid (together with the Sites, the “Service”) or otherwise interact with us.

Personal Information We Collect

Information you give us.  Personal information you may provide through the Service or otherwise communicate to us includes:

  • Contact information.  Your contact details (such as your name and email address).  
  • Account information.  If you use features of the Service that require a user account, we collect the information you provide to allow us to create and administer your account, which may include your email and mailing addresses, password and your name.
  • Program registration information.  We may collect information that you provide when you register for one of our programs (for example, Gateway and Magyu retreats), such as your name, email and mailing addresses, phone number, gender, occupation, date of birth, dietary preferences and payment information.  
  • Financial aid information.  We may collect information that you provide when fill out our financial aid application form (for example, to apply for a scholarship or deferred payment plan), such as your name, email and mailing addresses, type of financial assistance desired, your income range, current employment status and your reasons for applying for financial aid.
  • Payment information.  We may collect information you provide when you purchase a product or service through our store, such as your email, shipping and billing addresses, phone number and credit card information.
  • User generated content. We may collect content or other information that you provide or create when you interact with the Service, such as the messages on message boards or files you store using your account.  
  • Employment applications.  We may collect information you provide when you fill out an employment application on our Sites, such as your name, email and mailing addresses, your skills, educational and work experience, your resume, cover letter and personal references.
  • Correspondence.  We may collect information about you that you provide when you request information from us or otherwise correspond with us.
  • Other information.  We may collect other information about you that is not specifically listed here and will use it in accordance with this Privacy Policy.

Information automatically collected.  Our servers and third party service providers may automatically record certain information about how you use the Service and the computers or devices you use to access the Service, such as your Internet Protocol (IP) address, device identifier, approximate geographic location, precise geographic location (if you give us permission through your device settings), mobile carrier, domain name, device and browser type, operating system, Internet service provider, referring/exit pages, clickstream data, the pages or features of the Service that you browse and the time you spend on those pages or features, the frequency with which you use the Service, the links that you click on or use and other statistics.  We collect this information in server logs and by using cookies, web beacons and similar tracking technologies. See our Cookie Policy for more information.

Sensitive personal information.  We do not intentionally collect any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin; political opinions, religion or other beliefs; health, biometrics or genetic characteristics; criminal background or union membership) through the Service or otherwise, but if you provide it to us, you must consent to our use of this information as described in this Privacy Policy.

How We Use Your Personal Information

We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:

To operate the Service.  We use your personal information:

  • to provide, operate and improve the Service;
  • to communicate with you about the Service, including by sending you announcements, updates, and support and administrative messages;
  • to understand your needs and interests, and personalize your experience with the Service; and
  • to respond to your requests, questions and feedback related to the Service.

For research and development.  We analyze use of the Service to study trends and users’ movements around the Service, gather demographic information about our user base, improve the Service and develop new products and services.

To send you marketing communications.  We may send you marketing communications but you may opt out of receiving these communications as described in the Opt out of marketing section below.

To create anonymous data.  We may create aggregated and other anonymous data from our users’ information.  We make personal information into anonymous data by removing information that makes the data personally identifiable.  We may use this anonymous data and share it with third parties to understand and improve the Service, promote our business and for other lawful business purposes.  

For compliance, fraud prevention and safety.  We may use your personal information and share it with government officials, law enforcement or private parties, as we believe appropriate:

  • to protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);  
  • to protect against, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity;
  • to comply with applicable laws; court orders, subpoenas and other legal process; and requests from government authorities; and
  • where permitted by law in connection with a legal investigation.

With your consent.  In some cases we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.  

How We Share Your Personal Information

We do not share your personal information with third parties without your consent, except in the following circumstances or as described in this Privacy Policy:

Affiliates.  We may share your personal information with parent companies, subsidiaries and affiliates for use consistent with this Privacy Policy.

Service providers.  We may share your personal information with third party companies and individuals as needed for them to help us provide the Service or support our business activities (such as website analytics, email delivery, marketing/advertising, payment processors, IT providers, technical support, and legal and other professional advice).  

For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.  

Business transfers.  We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business deal (or potential business deal) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

Opt out of marketing.  You may opt out of marketing-related emails from us by following the unsubscribe instructions in the email.  You may continue to receive Service-related and other non-marketing emails.

Cookies and similar technologies.  See our Cookie Policy for your choices regarding limiting the information collected by cookies and similar technologies.  

Do Not Track.  Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Other Important Privacy Information

Third party sites and services.  The Service may contain links to other websites and services operated by third parties.  These links are not an endorsement of, or representation that we are affiliated with, any third party.  We do not control third party websites, applications or services, and are not responsible for their actions.  Other websites and services follow different rules regarding their collection, use and sharing of your personal information.  We encourage you to read their privacy policies to learn more.

Security practices.  The security of your personal information is important to us.  We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect.  However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.  If you have a user account for the Service, you are solely responsible for maintaining and protecting the confidentiality of your account password and other account information in your possession.

International data use.  We are headquartered in the United States, and your personal information may be collected, used and stored in the United States or other locations outside of your home country.  Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country.

Children.  The Service is not directed at, and we do not knowingly collect personal information from, anyone under the age of 13.  If we learn that personal information of someone under the age of 13 has been submitted to us, we will take appropriate steps to delete it.

Privacy Policy Changes.  We reserve the right to modify this Privacy Policy at any time.  If we make changes to this Privacy Policy, we will post them on the Sites and indicate the effective date of the change.  If we make material changes to this Privacy Policy, we will notify you by email or through the Sites.

How to Contact Us

Please direct and questions or comments about this Privacy Policy to this page:

Tara Mandala, Inc.
Attn: Executive Director
PO Box 3040
Pagosa Springs, CO 81147

Notice to European Users

The following applies to individuals in the European Economic Area and the United Kingdom.

Controller.  Tara Mandala  is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.  

Legal bases for processing.  Our legal basis for processing the personal information described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it.  However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law).  If you have questions about the legal basis of how we process your personal information, contact us on this page.

Processing Purpose (click link for details) Legal Basis
To operate the Service You have entered a contract with us for the provision of the Service and we need to process your personal information to provide services you have requested or take steps that you request prior to providing services.  If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing the Service you access and request.
For research and development
To send you marketing communications

To create anonymous data
These activities constitute our legitimate interests.  
For compliance, fraud prevention and safety These activities constitute our legitimate interests or, in some cases, processing is necessary to comply with our legal obligations.
With your consent Processing is based on your consent.  Where we rely on your consent you have the right to withdraw it anytime in the manner indicated when you consent or in the Service.
To share your personal information as described in this Privacy Policy This sharing constitutes our legitimate interests, and in some cases may be necessary to comply with our legal obligations.


We retain personal information where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested; to comply with applicable legal, tax or accounting requirements; to establish or defend legal claims; or for fraud prevention).  When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible for technical or other operational reasons (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.  

Your Rights

European data protection laws give you certain rights regarding your personal information.  You may ask us to take the following actions in relation to your personal information that we hold:

  • Access.  Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct.  Update or correct inaccuracies in your personal information.
  • Delete.  Delete your personal information.
  • Transfer.  Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict.  Restrict the processing of your personal information.
  • Object.  Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.  

You may submit these requests on this page or our postal address provided above.  We may request specific information from you to help us confirm your identity and process your request.  Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.  If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.  You can find your data protection regulator here.  

Cross-Border Data Transfer

If we transfer your personal information from the European Economic Area to a country outside of it and are required to apply additional safeguards to your personal information under European data protection legislation, we will do so, for instance, by entering into standard contractual clauses for the transfer of data as approved by the European Commission.  Please contact us for further information about any such transfers and the safeguards applied.