Privacy Policy

1. Personal Data Controller

M.I.S.A. Association – Movement for Spiritual Integration into the Absolute, acting as a personal data controller, processes personal data collected through its official website and in connection with its organizational activities.

Official Name: M.I.S.A. Association – Movement for Spiritual Integration into the Absolute

Legal Form: Non-profit association established under the laws of Romania.

Registered Office: 2 Sălaj Street, Building 126A, Ground Floor, District 5, Bucharest, Romania

Tax Identification Number (CIF): 4829126

2. Purpose of this Privacy Policy

This Privacy Policy is intended to inform users, members, students, instructors, collaborators, and participants in the activities organized by the M.I.S.A. Association, in a clear and transparent manner, about:

the categories of personal data collected;
the purposes for which such data are processed;
the applicable legal bases for processing;
the retention periods;
the recipients of the data;
the rights of data subjects.

All personal data processing operations are carried out in accordance with Regulation (EU) 2016/679 (GDPR) and Romanian Law No. 190/2018 implementing the GDPR.

3. Categories of Personal Data Processed

Depending on your relationship with the M.I.S.A. Association, the following categories of personal data may be processed.

3.1 Identification Data

Full name;
E-mail address;
Postal address;
Telephone number.

3.2 Data Related to Participation in Activities and Training

Registration and participation in courses, conferences, spiritual retreats, camps, or other events organized by M.I.S.A.;
Registration and attendance history;
Information regarding the qualifications and teaching activities of instructors or collaborators;
Information required for internal certifications or attestations, where applicable.

3.3 Data Concerning Instructors and Collaborators

Information provided for inclusion in public or internal instructor directories;
Information regarding qualifications and professional training;
Public profile information, processed exclusively on the basis of the explicit consent of the data subject.

3.4 Event-Related Data

Information concerning registration and participation in congresses, seminars, camps, and other events organized by M.I.S.A.;
Logistical and administrative data necessary for organizing such events.

3.5 Administrative and Financial Data

Membership or participant status;
Invoices and payment records;
Financial and accounting documents required for compliance with legal obligations.

3.6 Communication Data

Requests for information;
Inquiries, notifications, and complaints;
Correspondence exchanged with the M.I.S.A. Association via e-mail, contact forms, or other communication channels.

3.7 Technical Data

IP address;
Browser type and operating system;
Pages visited, date and time of access;
Other technical information necessary for the operation and security of the website.

4. Purposes of Data Processing

Personal data are processed solely for the following purposes:

managing the activities of the Association and its relationship with members and participants;
organizing courses, conferences, seminars, camps, and other events;
maintaining records of instructors and collaborators;
issuing certificates, attestations, or other documents related to the Association’s activities;
fulfilling administrative, financial, accounting, and legal obligations;
providing institutional communications regarding the activities of the M.I.S.A. Association;
responding to requests, inquiries, and complaints;
ensuring the proper operation, administration, and security of the website.

5. Legal Basis for Processing (Article 6 GDPR)

The processing of personal data is based on one or more of the following legal grounds:

the performance of a contract or steps taken at the request of the data subject prior to entering into a contract, for example, registration for courses or events;
compliance with a legal obligation to which the data controller is subject, such as accounting, archiving, and tax obligations;
the legitimate interests pursued by the M.I.S.A. Association, including the organization and administration of its activities, fraud prevention, and information security;
the consent of the data subject, where required, for example, for publishing an instructor profile or using non-essential cookies.

Consent may be withdrawn at any time without affecting the lawfulness of processing carried out prior to its withdrawal.

6. Data Recipients

Personal data are neither sold nor rented to third parties.

However, they may be disclosed, strictly to the extent necessary, to service providers acting as data processors on behalf of the M.I.S.A. Association, including:

website hosting and administration providers;
IT support and maintenance providers;
electronic payment service providers;
accounting, legal, and consulting service providers;
other collaborators involved in the organization of activities and events.

All such providers are contractually bound to comply with the requirements of the GDPR.

Personal data are not transferred outside the European Economic Area unless appropriate safeguards are in place in accordance with the GDPR.

7. Data Retention Period

Data relating to members and participants are retained for as long as necessary to manage the relationship between them and the M.I.S.A. Association.

Event-related data are retained for as long as necessary for the organization of the event and for compliance with legal obligations.

Financial and accounting records are retained for the periods required by Romanian legislation.

Data relating to training activities, certifications, and issued documents may be retained indefinitely for traceability and institutional archiving purposes.

Data published on the basis of consent are deleted or anonymized upon withdrawal of such consent, unless another legal basis for retention applies.

8. Cookies, Tracking Technologies, and Analytics Tools

8.1 Use of Cookies

The website uses cookies and similar technologies to ensure the proper functioning of the platform, to analyze website traffic, and, where applicable, to provide content tailored to users’ interests.

A cookie is a small text file stored on the user’s device.

8.2 Categories of Cookies

Strictly Necessary Cookies

These cookies are essential for the operation of the website, including security, forms, and consent management.

Analytics Cookies

Used only with the user's consent to measure website traffic and improve the services provided.

Marketing and Social Media Cookies

These may be used exclusively on the basis of the user's explicit consent and allow the evaluation of communication effectiveness and the integration of social media functionalities.

8.3 Consent Management

Upon the first visit to the website, users may accept or refuse the use of non-essential cookies and may modify their preferences at any time through the dedicated cookie settings section available on the website.

8.4 Server Log Files

The hosting provider automatically collects certain technical information, such as IP address, date and time of access, and browser type, for the purposes of ensuring the security and maintenance of the IT infrastructure.

9. Data Security

The M.I.S.A. Association implements appropriate technical and organizational measures to protect personal data against unauthorized access, accidental or unlawful loss, disclosure, alteration, or destruction.

These measures are regularly reviewed and updated to ensure an appropriate level of security in relation to the risks associated with data processing.

10. Rights of Data Subjects

In accordance with the GDPR, you have the following rights:

the right of access to your personal data;
the right to rectification of inaccurate or incomplete data;
the right to erasure, also known as “the right to be forgotten”;
the right to restriction of processing;
the right to object to processing;
the right to data portability;
the right to withdraw consent at any time, where processing is based on consent;
the right to lodge a complaint with the competent supervisory authority.

11. Exercising Your Rights

To exercise any of the rights provided by data protection legislation, you may contact us at:

M.I.S.A. – Movement for Spiritual Integration into the Absolute

E-mail: editurashambala17@yahoo.com

Address: 2 Sălaj Street, Building 126A, Ground Floor, District 5, Bucharest, Romania

In certain circumstances, in order to protect personal data and prevent unauthorized disclosure, we may request information necessary to verify the identity of the applicant.

12. Right to Lodge a Complaint

If you believe that your rights regarding the protection of personal data have been infringed, you have the right to lodge a complaint with the competent supervisory authority:

National Supervisory Authority for Personal Data Processing (ANSPDCP)

Address: 28–30 General Gheorghe Magheru Boulevard, District 1, Bucharest, Romania

Website: https://www.dataprotection.ro

You also have the right to seek judicial remedies if you consider that your rights under the GDPR have been violated.

13. Website Hosting

This website is hosted by a service provider located within the European Economic Area (EEA) or by a provider that offers appropriate safeguards for the protection of personal data in accordance with the GDPR.

Where third-party hosting or cloud services are used, the M.I.S.A. Association ensures that appropriate contractual and technical measures are implemented to guarantee an adequate level of data protection.

14. Changes to this Privacy Policy

This Privacy Policy may be updated periodically in order to reflect changes in applicable legislation, regulatory requirements, or the operational activities of the M.I.S.A. Association.

The version published on this website constitutes the current and applicable version at the time of consultation. We encourage users to review this page regularly in order to stay informed about how we protect personal data.