top of page

Privacy Policy - Datenschutzerklärung

Bloom Collective by Timmie
Effective Date: 02/2026
Website: [Insert URL]
Responsible Party: Birte Thimm
Email: bloom collective.bct@gmail.com

1. Data Controller

The controller within the meaning of the GDPR is:

Bloom Collective by Timmie
Birte Thimm
Germany

2. Collection and Storage of Personal Data

We collect personal data when you:

  • Register for yoga classes, ceremonies, retreats, or workshops

  • Subscribe to our newsletter

  • Contact us via contact form or email

  • Make a booking through our website

    Categories of Data Collected

  • First and last name

  • Address (if required for invoicing)

  • Email address

  • Phone number

  • Payment information

  • Emergency contact details (for retreats)

  • Health-related information voluntarily provided

  • IP address and technical usage data

3. Legal Basis for Processing (Art. 6 GDPR)

Your data is processed on the following legal grounds:

  • Art. 6(1)(b) GDPR – Performance of a contract (booking classes/retreats)

  • Art. 6(1)(a) GDPR – Consent (newsletter, health information)

  • Art. 6(1)(f) GDPR – Legitimate interest (website security, service improvement)

  • Art. 6(1)(c) GDPR – Legal obligations (tax law, accounting retention)

4. Health Data (Special Category Data – Art. 9 GDPR)

If you voluntarily provide health-related information (e.g. injuries, pregnancy, psychological conditions), this data is processed solely:

  • To ensure your safety during yoga, ceremonies, and retreats

  • Based on your explicit consent (Art. 9(2)(a) GDPR)

You may withdraw this consent at any time.

5. Data Sharing

We do not sell your data.

Your data may be shared with:

  • Payment providers

  • Tax advisors (as legally required)

  • Newsletter/email service providers

  • Retreat venues (only where necessary for event organization)

Where data is transferred outside the EU, appropriate safeguards under GDPR will apply.

6. Storage Duration

We retain personal data only as long as necessary:

  • Booking data: 10 years (German tax law – §147 AO)

  • Newsletter data: Until withdrawal of consent

  • Inquiry data: Up to 24 months after last contact

7. Your Rights Under GDPR

You have the right to:

  • Access your stored data (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction of processing (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Withdraw consent at any time

  • Lodge a complaint with a supervisory authority

Competent supervisory authority:
The Data Protection Authority of your federal state in Germany.

8. Cookies & Tracking

Our website may use technically necessary cookies.
If analytics tools (e.g. Google Analytics) are used, consent will be requested via cookie banner in compliance with GDPR and TTDSG.

9. Data Security

We implement technical and organizational security measures to protect your data against unauthorized access.

bottom of page