Free shipping to all EU-countries from € 75.

Nangten Menlang - Buddhist Medical Center

Create an Account

Create an Account
Registering with vajrashop.com ensures an easy, convenient and fast way of using this website. In the future you will only need to enter your username and password to place an order on vajrashop.com. You can change your profile at any time. We will only use your information in accordance with the terms of our Privacy Policy.

Account Details

  • The password must contain at least 7 characters (including 1 number, 1 symbol and 1 uppercase letter)

Address details

  • Data Protection Notice for Webshop Customers

    Data Protection Notice regarding processing by us of customer and potential customer data in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR)

    Dear webshop customers,

    in accordance with the requirements of Articles 13, 14 and 21 of the European General Data Protection Regulation (GDPR), we hereby inform you about the processing of your personal data and your rights under data protection law regarding processing. The specific data being processed and how they are used depends primarily on the services that have been requested or agreed. To ensure that you are fully informed about the processing of your personal data in the course of performance of a contract or the steps taken prior to entering into a contract, please note the information below.

     

    Contact details of the data controller:

    artofhimalaya gmbh
    Große Pfarrgasse 3/3 1020 Vienna, Austria

    Managing director:
    Kathrin Jany
    Große Pfarrgasse 3/3 1020 Vienna, Austria
    Email: office@vajrashop.com

     


    Definitions of categories of data

      Description of category of data
    Electronic identification data

    IP addresses, cookies, connection times, electronic signature, browser used, device used, times when a web service is visited or used, time of consent or acceptance, operating system, referrer URL

    Use of media and means of communication

    Use of media and means of communication

    Personal identification data

    Name, title, (private and business) address, previous addresses, (private and business) telephone number, identification numbers assigned by the data controller responsible for the processing.
    Clearing

    Details of requested clearings, amounts paid and other forms of clearing.

    Financial identification data

    Bank identification and bank account number, credit and debit card numbers, secret codes.

    Contracts and agreements

    Details of business contracts and business agreements, agency agreements and legal agreements, and details of representatives.

    Work organization

    Current responsibilities, projects, calculated hourly wage, working hours, and hours worked.

    Personal details

    Age, gender, date of birth, place of birth, marital status, and nationality.

    Insurance data

    Type of insurance, details of risks covered, amounts insured, period of coverage, due date, payments made or received and payments not made, and status of the contract.

    Payment data

    Amount, date etc.

    Financial transactions

    Amounts owed and paid by the data subject, credit granted, guarantees, payment methods, overview of payments, deposits and other guarantees.

    Customer management

    Complaints, cancellation, reminder data, and user behavior

    User accounts

    Login data, passwords, and username

     

    General information regarding the purpose and legal basis of processing 

    We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Austrian Federal Data Protection Act (BDSG), where processing is necessary to establish, carry out or perform a contract or to take steps prior to entering into a contract. Where personal data is required to prepare for or perform a contractual relationship or to take steps prior to entering into a contract, the legal basis of processing is Article 6(1)(b) GDPR.

    If you give us your express consent to process personal data for specific purposes (e.g. disclosure to third parties, evaluation for marketing purposes or advertising by email), the legal basis of such processing your consent pursuant to Article 6(1)(a) GDPR. Consent that you have given may be withdrawn at any time with effect for the future.

    If necessary and permitted by law, we process your data beyond the contractual purposes themselves in order to comply with legal obligations, pursuant to Article 6(1)(c) GDPR. In addition, processing may be carried out to protect the legitimate interests of us or third parties and to defend and assert legal claims pursuant to Article 6(1)(f) GDPR. If necessary, we will inform you separately, stating the legitimate interest, insofar as this is required by law.

     

    01.01 Analysis of the website with analysis tools

    Purpose: 

    Analysis tools allow the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various types of usage data, such as page views, dwell time, operating systems that are used and origin of the user, mouse and scrolling movements, recognition of the visitor, bounce rates, duration of the visit, visitor sources and visitor locations. This data may be combined in a profile that is assigned to the respective user or their device. The purpose of data collection is to optimize the website to the needs of users.

    Categories of data:
    • Electronic identification data

    Legal bases:
    • Consent (Article 6(1)(a) GDPR)
    • Balancing of interests in the case of legitimate interest (Article 6(1)(f))

    Categories of recipient:
    • Internal department



    01.02 Hosting of the website by an external service provider

    Purpose: 

    This website is hosted by an external service provider (hoster). The personal data recorded via this website are stored on the hoster’s servers. The hoster is used for the purpose of performing the contract with our potential and existing customers.

    Categories of data:
    • Electronic identification data
    • Use of media and means of communication
    • Personal identification data

    Legal bases:
    • Performance of a contract (Article 6(1)(b) GDPR)
    • Balancing of interests in the case of legitimate interest (Article 6(1)(f))

    Categories of recipient:
    • Cloud Provider



    01.03 Use of cookies
    Purpose: Our website uses so-called cookies. Cookies are small text files and do not damage your device in any way. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are deleted automatically after your visit. Permanent cookies are stored on your device until you delete them yourself or until your web browser deletes them automatically. Some cookies from third-party companies may also be saved on your device when you visit our website (third-party cookies). These enable us or you to use specific services of the third-party company (e.g. cookies for processing payment services). Cookies have different functions. Many cookies are technically necessary because some website functions do not work without them (e.g. cart function or video playback). Other cookies are used to analyze user behavior or display advertising. Cookies which are needed to implement the electronic communication process (essential cookies), to provide specific functions requested by you (functional cookies, e.g. for the cart function) or to optimize the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is stated. The website provider has a legitimate interest in saving cookies to provide technically flawless, optimized services. Where consent is requested to save cookies, the respective cookies are saved exclusively based on this consent (Art. 6(1)(a) GDPR); this consent may be revoked at any time.
    Categories of data:
    • Electronic identification data
    Legal base:
    • Consent (Art. 6(1)(a) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Cloud Provider

     

    01.04 Server log files
    Purpose: The website provider automatically collects and stores information in so-called server log files, which the user's browser automatically sends to us when the user is on our website. These data are not combined with other data sources.
    Categories of data:
    • Electronic identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Cloud Provider

     

    01.05 Query by email, phone or fax via the website
    Purpose: If users of the website contact us by email, phone or fax, inquiries including all personal data they contain (name and inquiry) are stored and processed by us for the purpose of processing your request. We do not share this data without consent.
    Categories of data:
    • Personal identification data
    Legal base:
    • Consent (Art. 6(1)(a) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department

     

    01.06 Use of third-party fonts on the website
    Purpose: We use third-party fonts on our website to make our website visually appealing.
    Categories of data:
    • Electronic identification data
    Legal base:
    • Consent (Art. 6(1)(a) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Cloud Provider



    01.07 Registration via the website
    Purpose: Users can register on our website to use additional website features. We use the data entered for this only for the purpose of the respective offer or service for which the users have registered. The mandatory information requested during registration must be entered in full. Otherwise, we will refuse the registration. In the event of important changes, e.g. regarding the scope of the offer or technically necessary changes, we will use the data entered during registration to notify you.
    Categories of data:
    • Clearing
    • Financial identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    02.01 Registration of a customer on the webshop
    Purpose: Customer data is collected in order to complete and deliver the order.
    Categories of data:
    • Electronic identification data
    • Financial identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    02.02 Use of payment services on the website
    Purpose: We integrate the payment services of third-party companies into our website. When a customer purchases from us, the customer's payment data (e.g., name, payment amount, account details and credit card number) are processed by the payment service provider for the purpose of payment processing. These transactions are subject to the respective contract and data protection provisions of the respective providers. The purpose is to make the payment process as smooth, convenient and secure as possible.
    Categories of data:
    • Electronic identification data
    • Financial identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    • Consent (Art. 6(1)(a) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Banks
    • Internal department



    02.03 Transfer of a webshop order to the parcel service provider
    Purpose: Delivery of the order to the customer.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department
    • Parcel service



    02.04 Processing returns for the webshop
    Purpose: Customer makes a return. Acceptance and inspection of the goods. Issuing of the credit note.
    Categories of data:
    • Electronic identification data
    • Financial identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    02.05 Online portal for customers
    Purpose: This allows potential and existing customers to manage their products, invoices and payments.
    Categories of data:
    • Clearing
    • Financial identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    02.06 Processing of customer and contract data via the website
    Purpose: We only collect, process, and use personal data to the extent that we need them to establish, design the content of or amend the legal relationship (continuity data). This is done based on Art. 6(1)(b) GDPR which permits the processing of data for the performance of a contract or the implementation of pre-contractual measures. We collect, process and use personal data about the use of our website (usage data) only to the extent necessary to allow the user to use the service or for invoicing purposes.
    Categories of data:
    • Electronic identification data
    • Financial identification data
    • Personal identification data
    • Contracts and agreements
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    03.01 Internal project management
    Purpose: Creation of project plans for internal and external projects, including resource planning and operational planning of own employees, suppliers and customers.
    Categories of data:
    • Work organization
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    04.01 Maintaining an outstanding items list
    Purpose: Management of outstanding payments
    Categories of data:
    • Financial identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department
    • Tax consultants



    04.02 Sending invoices
    Purpose: Issuing invoices for products or services to customers. Electronic filing of invoices, as well as filing invoices in the invoice folder.
    Categories of data:
    • Financial identification data
    • Personal details
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department
    • Tax consultants



    04.03 Management of all insurances at the company
    Purpose: Management of all insurance contracts at the company.
    Categories of data:
    • Personal details
    • Personal identification data
    • Insurance data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department
    • Insurance companies



    04.04 Management of cash receipts and cash payments
    Purpose: Documentation of cash receipts and cash payments.
    Categories of data:
    • Personal identification data
    • Payment data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department
    • Tax consultants



    04.05 Forwarding accounts to tax consultants and auditors
    Purpose: Statutory accounting, double-entry bookkeeping, income/expense accounting.
    Categories of data:
    • Financial transactions
    • Personal identification data
    Legal base:
    • Compliance with a legal obligation (Art. 6(1)(c) GDPR)
    Categories of recipient:
    • Tax office
    • Internal department
    • Tax consultants



    05.01 Documentation of appointments, notes of conversations, emails and calls with existing or potential customers
    Purpose: Better understanding of the needs of potential and existing customers. Optimal matching of the offer to the customer. Better estimate of the likelihood of an order.
    Categories of data:
    • Customer management
    • Personal identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    05.02 Collection and management of the contact details of potential and existing customers
    Purpose: Documentation of the contact details of potential and existing customers to facilitate contact.
    Categories of data:
    • Customer management
    • Personal identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    05.03 Sales statistics per customer
    Purpose: Granting discounts or other special conditions.
    Categories of data:
    • Customer management
    • Personal identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    05.04 Management and documentation of offers and orders from customers
    Purpose: Documentation of offers and orders that have been sent.
    Categories of data:
    • Customer management
    • Personal identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    06.01 Offers
    Purpose: Creation, management and sending of offers for our services to customers.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    06.02 Documents and/or plans
    Purpose: Management of documents or plans created or handed over as part of customer orders.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    06.03 Delivery bills
    Purpose: Delivery of and signatures on delivery bills to record the transfer of goods to the customer.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    06.04 Project management with customers and suppliers
    Purpose: Creation of project plans for internal and external projects, including resource planning and operational planning of own employees, suppliers and customers.
    Categories of data:
    • Work organization
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    06.05 Contracts and signed offers
    Purpose: Filing of contracts and signed offers with customers.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    06.06 Management and assignment of work tasks, working with customers and suppliers
    Purpose: Management of tasks and task lists for working efficiently with customers and suppliers.
    Categories of data:
    • Work organization
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    07.01 Operating a phone system at the company
    Purpose: Storage of the phone number of callers including time, routing phone calls and managing phone numbers to enable customers to make contact easily and at the same time ensure efficient processing within the company.
    Categories of data:
    • Personal identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    07.02 Operating mailboxes
    Purpose: Storage of the phone number of callers including time to enable customers to make contact easily and at the same time ensure efficient processing within the company.
    Categories of data:
    • Personal identification data
    Legal base:
    • Balancing of interests in the case of legitimate interest (Art. 6(1)(f) GDPR)
    Categories of recipient:
    • Internal department



    07.03 Communication as part of support services
    Purpose: Phone clarification and resolution of inquires, help or malfunctions, as well as sharing information by email or on chat systems.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    07.04 Phone support services (hotline and support)
    Purpose: Phone support services, troubleshooting, help, updates, etc. on customer's systems via remote access using own or other software and documentation of the support service.
    Categories of data:
    • Electronic identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    07.05 Management of warranty claims, cancellations and guarantee claims
    Purpose: Compliance with the contractually agreed warranty and guarantee claims.
    Categories of data:
    • Customer management
    • Personal identification data
    Legal base:
    • Compliance with a legal obligation (Art. 6(1)(c) GDPR)
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    08.01 Email communication
    Purpose: Exchange of messages regarding internal work organization, communication with potential and existing customers and for order organization with suppliers.
    Categories of data:
    • Electronic identification data
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • External participants
    • Internal department



    08.02 Document management (document management system)
    Purpose: Management of all created documents concerning the company.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Internal department



    08.03 Appointment management
    Purpose: Any appointments and room occupations are managed in the calendar.
    Categories of data:
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • External participants
    • Internal department



    08.04 Use of a cloud solution
    Purpose: The cloud is used as a storage location for all files at the company.
    Categories of data:
    • User accounts
    • Personal identification data
    Legal base:
    • Performance of a contract (Art. 6(1)(b) GDPR)
    Categories of recipient:
    • Cloud provider
    • Internal department

     

    Transfer to a third country

    A transfer to a third country is not intended.

    Duration of data storage

    As far as necessary, we process and store your personal data for the duration of our business relationship or for the performance of contractual purposes. This also includes, among other things, preparing for and performing a contract.

    We are also subject to various storage and documentation obligations, which arise, e.g., from the Austrian Commercial Code (UGB), the Austrian Civil Code (ABGB) and the Austrian Tax Code (BAO). The periods defined by the codes for storage or documentation range from two to ten years.

    Finally, the storage period also depends on the statutory limitation periods, which are generally three years, but in certain cases can be up to thirty years.

    Your rights

    Every data subject has the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to notification under Article 19 GDPR and the right to data portability under Article 20 GDPR.

    You also have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR if you consider that the processing of your personal data is not lawful. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

    If the processing of data is based on your consent, you have the right to withdraw your consent to the use of your personal data at any time in accordance with Article 7 GDPR. Please note that any withdrawal of consent is only valid for the future. Processing that has taken place before your withdrawal of consent is not affected. Please also note that we may need to retain certain data for a certain period of time in order to comply with statutory requirements.

    To assert your rights, you can contact us using the contact details provided above.

    Right of objection

    Where your personal data is processed on the basis of legitimate interests pursuant to Article 6 (1)(f) GDPR, you have the right to object to the processing of such data at any time on grounds relating to your particular situation, pursuant to Article 21 GDPR. We will then no longer process such personal data unless we can demonstrate compelling legitimate grounds for the processing. These must override your interests, rights and freedoms, or the processing must serve the establishment, exercise or defense of legal claims.

    In specific cases, we process your personal data in order to conduct direct advertising. You have the right to object to processing for the purpose of such advertising at any time. This also applies to profiling, insofar as it is related to such direct marketing. If you object to processing for the purpose of direct marketing, we will no longer process your personal data for such purposes.

    Daten Necessity of providing personal data 

    Providing personal data for a decision regarding entering into a contract, the performance of a contract or to take steps prior to entering into a contract is voluntary. However, we can only make a decision in the context of contracts if you provide such personal data that is required to enter into the contract, perform the contract and/or to take steps prior to entering into a contract.

    Automated decision-making

    We generally do not use fully automated decision-making pursuant to Article 22 GDPR to establish, perform or conduct the business relationship or for steps prior to entering into a contract. If we use such procedures in individual cases, we will inform you of this separately or obtain your consent, if required by law.