User Tools

Site Tools


Data Privacy and Protection Policy for Shambhala

Coverage: unless a variant is established, this policy covers all Shambhala digital properties.

Purpose: This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security and in the General Data Protection Regulation (GDPR) in EU, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read this privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your PII.

Definitions: The data protection declaration of the Shambhala is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used. In this data protection declaration, we use, inter alia, the following terms:

  1. Personal data: Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  2. Data subject: Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
  3. Processing: Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  4. Restriction of processing: Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
  5. Profiling: Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
  6. Pseudonymisation: Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  7. Controller or controller responsible for the processing: Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  8. Processor: Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  9. Recipient: Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
  10. Third party: Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
  11. Consent: Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Name and Address of the controller: Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:


2178 Gottingen St,
Halifax, NS B3K 3B4,Canada
phone (902) 425-4275
fax (902) 423-2750
Email: [email protected]

When does Shambhala collect personal information?

We collect information from you when you register for a Shambhala event or program or when you create a Shambhala Account in the Shambhala Database (SDB), subscribe to a newsletter, respond to a survey, fill out a form, register for a program , place an order, or enter information on one of our sites to provide us with feedback of some sort.

What personal information do we collect from the people that visit our websites?

When visiting our websites we collect the Google Analytics data (more details here:, server logs including user IP address and we use cookies (more about this below).

What personal information do we collect from the people that:

  • register for an event organized by any Shambhala entity
  • create or update a Shambhala Account
  • Subscribe to a Newsletter

When registering for a Shambhala event on our websites or when you create a Shambhala Account in Shambhala Database, you may be asked to enter your name, email address, mailing address, phone number or other details to process your record and to help Shambhala provide you with training or support, depending on the program or curriculum in which you are enrolled.

What personal information do we collect from the people that donate on our websites?

When donating on our websites, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information (only 4 last digits of CC number are stored in our database) or other details to process your donation and help you with your experience.

How do we use your information?

When you register, create an account, make a purchase, sign up for one of our newsletters, respond to a survey or marketing communication, browse our web pages, or use certain other site features we may use the information you provide in the following ways:

  • To process your registrations or payments such as dues
  • To track your participation in our curriculum or other programs
  • To assign your meditation practice or study authorization level or access to restricted content
  • To assign and record your teaching authorization level, your role as a volunteer or other kind of participation in Shambhala
  • To allow you manage your email subscriptions and other communication with Shambhala including participation in community forums
  • To personalize your experience and to allow us to deliver the type of content and program offerings for which you are qualified or in which you are most interested.
  • To improve our website or other offerings in order to better serve you.
  • To allow us to better service you in responding to your customer service requests.
  • To administer a survey or other site feature.
  • To follow up with them after correspondence ( email or phone inquiries)
  • There are other uses that are in harmony with the vision

Shambhala subsidiary organizations

What third parties (legally separate organizations) may have access to some of your information?

  • Drala Mountain Center (if you subscribe to their mailing list)
  • Sakyong Potrang (if you subscribe to their mailing list)
  • Contractors (tool vendors)
    • Mailchimp
    • Retreat Guru
    • Google analytics
    • MailGun
    • SurveyMonkey
    • Zoom

Practice and retreat centers may augment this information with other information associated with residential programs.

How do we protect your information?

Your personal information is contained behind secured networks and is only accessible by a limited number of authorized persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.Our websites are behind a firewall. We use regular malware scanning.

Do we use 'cookies'?

Yes. We use cookies to avoid requiring you to repeatedly provide your credentials when using Shambhala websites. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.

For more information about our use of cookies, see our specific cookie policy.

If users disable cookies in their browser:

If you turn cookies off, some of the features that make your site experience more efficient may not function properly.

Third-party disclosure

We do not sell, trade, or otherwise transfer to your Personally Identifiable Information to non-Shambhala entities unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our websites, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Google: Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google's use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

  • Google Display Network Impression Reporting
  • Demographics and Interests Reporting

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Opting out:

  • Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page (this page)
  • Can change your personal information: By logging in to your Shambhala account

If at any time you would like to unsubscribe from receiving future emails, you can email us at [email protected] or Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence you specify. You can view and edit your profile at as well as edit your email subscriptions (password protected section. If you don’t have a password then contact [email protected] )

Contacting Us:

If there are any questions regarding this privacy policy, you may contact us using the information below.

Mailing Address: Shambhala
2178 Gottingen St,
Halifax, NS B3K 3B4

phone (902) 425-4275
fax (902) 423-2750

[email protected]

Copyright © 1994-2022. Shambhala International, Shambhala, Shambhala Meditation Center, Shambhala Training, Shambhala Center and Way of Shambhala are used by Shambhala USA pursuant to a license from The Sakyong Potrang corporation.

UPDATED – 2022-08-25

data_privacy_and_protection_policy.txt · Last modified: 2022/08/26 16:57 by john_smith