Privacy policy

Privacy policy for online meditation, courses and workshops through "Zoom".

In the following we inform you about the processing of personal data in connection with the use of "Zoom".

Purpose of processing

We use the tool "Zoom" to conduct online meditations, courses and workshops (hereinafter referred to as "Online Meetings"). "Zoom" is a service of Zoom Video Communications, Inc. which is based in the United States.

Responsible person

The Institut Xavi Domènech is responsible for the processing of data directly related to the holding of online meetings.

Note: If you access the "Zoom" website, the provider of "Zoom" is responsible for data processing. However, you only need to call up the website to use "Zoom" to download the software to use "Zoom".

Zoom" can also be used by entering the relevant meeting ID and, if necessary, other meeting access data directly into the "Zoom" application.

If the "Zoom" application is not desired or cannot be used, the basic function can also be used via a browser version, which can also be found on the "Zoom" website.

What data are processed?

When using "Zoom", various types of data are processed. The scope of the data also depends on the data provided before or during participation in an "online meeting".

The following personal data are subject to processing:

User data: first name, last name, telephone (optional), e-mail address, password (if not using "Single-Sign-On"), profile picture (optional), department (optional)

Metadata meeting: Topic, description (optional), IP addresses of participants, device/hardware information

For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.

When dialling by phone: information about the incoming and outgoing phone number, country name, start and end time. If necessary, other connection data such as the IP address of the device can be saved.

Text, audio and video data: You can use chat functions, questions or polls in an "online meeting". In this regard, the text entries you make are processed for display in the "online meeting" and recorded if necessary. To enable video display and audio playback, data from your terminal device's microphone and any video camera on the terminal device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time using the "Zoom" applications.

To participate in an "online meeting", you must at least provide your name information to enter the "meeting room".

Scope of processing

We use "zoom" to conduct online meetings. If we want to record online meetings, we will inform you in advance in a transparent manner and, if necessary, ask for your consent. The fact of the recording will also be shown in the "Zoom" application.

If it is necessary for the purpose of recording the results of an online meeting, we will record the content of the chat. However, this is not usually the case.

In the case of webinars, we can also process questions asked by webinar participants in order to record and follow up on the webinars.

If you are registered as a Zoom user, online meeting reports (meeting metadata, phone call data, questions and answers in webinars, survey function in webinars) can be stored in Zoom for up to one month.

The possibility of software-based "attention tracking" in "online meeting" tools such as "Zoom" is disabled.

Automated decision-making as defined in Art. 22 of the GDPR is not used.

Legal basis for data processing

For employees of the Xavi Dòmenech Institute, the Personal Data Protection Act 3/2018 of 5 December (LOPD) is the legal basis for data processing. If the data are not required for data processing in connection with the use of "Zoom", but are nevertheless an elementary component in the use of "Zoom", Article 6(1)(f) of the GDPR is the legal basis for the data processing. In these cases, we are interested in the effective implementation of "online meetings".

For other participants in "online meetings" - insofar as the meetings are held within the framework of contractual relations - Art. 6 para. 1 lit. b) GDPR is the legal basis for data processing.

If there is no contractual relationship, the legal basis is Article 6(1)(f) of the GDPR. Here, too, we are interested in the effective implementation of "online meetings".

Reception / transmission of data

Personal data processed in connection with participation in "online meetings" are generally not transmitted to third parties, unless specifically intended to be transmitted. Please note that the contents of "online meetings", as well as those of face-to-face meetings, are often used to communicate information to customers, stakeholders or third parties and are therefore intended to be transmitted.

Other recipients: The "Zoom" provider necessarily obtains knowledge of the above data to the extent provided for in our contract processing agreement with "Zoom".

Data processing outside the European Union

"Zoom" is a service provided by a provider in the USA. Therefore, the processing of personal data is also carried out in a third country. We have concluded an order processing contract with the provider of "Zoom" which complies with the requirements of Art. 28 GDPR.

The adequate level of data protection is guaranteed on the one hand by the "Privacy Shield" certification of Zoom Video Communications, Inc. and on the other hand by the conclusion of the so-called EU standard contractual clauses.

Disclosure, correction and deletion of personal data

You can request, free of charge, information about the data we store about you.

You have the right to correct any inaccurate or incomplete data that the Xavi Dòmenech Institute has stored.

You have the right to request the deletion of your personal data if it is no longer necessary for the purpose for which it was collected. However, we would like to point out that the Xavi Dòmenech Institute is subject to legal obligations that do not allow us to delete certain information immediately. These obligations are the result of accounting and tax laws. However, we may anonymise your data, thus preventing processing for purposes other than those required by law. Furthermore, you can amend or revoke your declaration of consent at any time without stating reasons, with effect for the future. You may send the revocation by post or by e-mail. You will not incur any costs other than those for sending or for e-mail transmission in accordance with the existing base rates. A text message (letter, e-mail) is sufficient.

Video surveillance cameras: in accordance with current regulations, our clients are informed that there are surveillance cameras installed in the reception and boutique of the establishment. These recordings are stored for a period of 30 days after which they will be deleted from the archive.

Transfer of data to third parties

We only transfer personal data to third parties for the performance of a contract. This rule is applicable in very specific cases such as yoga holiday programmes or teacher training courses, in which case it applies to hotels, credit card companies or online payments, or banking and/or bank transfer services. This measure is based on Article 6, paragraph 1(b) GDPR, which allows the processing of data information to fulfil contractual or pre-contractual measures.

The transfer of data to third countries without guarantees is made on the basis of Article 49, paragraph 1(b) GDPR which allows the transfer to fulfil contractual measures.

Any other transfer of data will only take place with your express consent or if we are required by law to do so, or if such transfer is in connection with your use of this website.

Your personal data will never be transferred to companies for advertising purposes without your express consent.

Please use the following contact information:



Xavi Domènch Institute. 

Open chat
Do you have any questions?