Privacy Policy

In this privacy policy, we inform you about the type, scope, and purpose of the personal data we collect, use, and process. “Personal data” means any information relating to an identified or identifiable natural person (e.g., name, address, email address, online identifiers, and information about your use of our website). We use SSL encryption on our website to protect your personal data and other confidential content (e.g., during order processing and inquiries via our contact form).

If you have any questions about the collection, processing, or use of your personal data, or if you wish to request information, correction, restriction, or deletion of data, withdraw any consent given, or object to a specific data processing, please contact the responsible party named below.


I. Name and Contact Details of the Responsible Party

Responsible within the meaning of Art. 4 No. 7 GDPR, other data protection laws applicable in the member states of the European Union, and other provisions related to data protection:

Mr. Etienne Stander
Bertelestr. 21
81479 Munich
Email: etienne.stander@feelandflowsurf.com


II. Your Rights

You have the following rights with respect to the personal data concerning you:

  • Right of access (Art. 15 GDPR): confirmation as to whether personal data concerning you is being processed by us and, where that is the case, access to that personal data and information about the processing.
  • Right to rectification (Art. 16 GDPR): the rectification of inaccurate personal data, or the completion of incomplete personal data, stored by us without undue delay.
  • Right to erasure (Art. 17 GDPR): the deletion of your personal data, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
  • Right to restriction of processing (Art. 18 GDPR): where you contest the accuracy of the data, where processing is unlawful and you oppose erasure, where we no longer need the data but you require it for legal claims, or where you have objected pursuant to Art. 21 GDPR.
  • Right to data portability (Art. 20 GDPR): to receive your personal data which you have provided to us, in a structured, commonly used and machine-readable format or to request the transfer to another controller.
  • Right to withdraw consent at any time (Art. 7(3) GDPR). The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • Notification obligation (Art. 19 GDPR): if you assert your rights to rectification, erasure, or restriction of processing, we will inform all recipients to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about those recipients.
  • Right to lodge a complaint (Art. 77 GDPR): with the supervisory authority responsible for us (e.g., https://www.datenschutz-bayern.de/).

III. Provision of Our Website and Creation of Server Log Files

When using our website for informational purposes only (i.e., you do not register or otherwise provide us with information), we collect only the personal data that your browser transmits to our server. If you visit our website, we collect the following data, which is technically necessary for us to display our website and ensure its stability and security:

  • IP address
  • Date and time of access
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes (referrer)
  • Subpages visited on our site
  • Browser type and version used
  • Operating system and its interface
  • Language and version of the browser software

These data are stored temporarily in the server’s log files separately from personal data that you may provide to us voluntarily. The anonymously collected data and information in the log files are evaluated statistically with the aim of increasing data protection and data security and ensuring an optimal level of protection for the personal data we process. This also applies to the REST endpoints used by our on-site “Secret Buddha Agent” (see Section XII), which are served by our website.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests).
Storage duration: until the end of the session or when no longer necessary for the purpose.
Note: The collection and storage in log files are mandatory for the operation of our website; there is no possibility to object.


IV. Use of Cookies

When using our website, we additionally use cookies. Cookies are small text files stored on your device by your browser. Cookies help us to:

  • Make our website easier to use and more effective,
  • Recognize you on return visits (so you do not have to re-enter login data),
  • Temporarily store items placed in your shopping cart,
  • Provide access to protected areas of our website,
  • Retain text you entered so it is not lost when the page refreshes.

We use session cookies (deleted after you close the browser or log out) and persistent cookies (stored until you delete them or they expire) to store preferences and recognize you on return visits.

We may also use third-party cookies (e.g., Google) so that third-party providers can provide services. Details are provided elsewhere in this policy.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests). You can configure your browser to accept or reject cookies (including third-party cookies). Some site functions may not work if cookies are disabled.

Note on the Secret Buddha Agent (Section XII): the Agent itself does not set additional tracking cookies. It relies on standard WordPress session/auth cookies when you are logged in. For short-term abuse prevention, we use transient counters keyed to a hashed version of your IP address (no cookie is set for this). These counters automatically expire after ~10 seconds or ~60 seconds, depending on the rate-limit window.


V. Registration on Our Website: DiaryX Community / Customer Account

1. Description and Scope of Data Processing

We offer you the opportunity to register to obtain a customer account for our online shop and simultaneously join our online community (“DiaryX Community,” currently powered by BuddyBoss). By registering, you create one unified account that grants access to both webshop functions and community features.

Mandatory data: salutation; first name; last name; address (street, postal code, city, country); email address; password. We also record your IP address as well as the date and time of registration. If you voluntarily provide additional data (e.g., telephone number), we store it as part of your profile.

2. Purpose of Processing

  • Set up and administer your customer account (e.g., order history),
  • Provide access to the DiaryX Community (e.g., posts, groups, connections),
  • Identify and authenticate you for secure access to webshop and community.

3. Visibility of Your Data Within the Community

Currently, only logged-in members can view other member profiles, activity feeds, and related data. If we later activate RSS or REST APIs for certain areas (e.g., public feeds or user profiles), some content may be visible to non-logged-in visitors or external platforms. We will inform you in advance so you can adjust your data-sharing preferences.

4. Voluntary Nature & Future Adjustments

Registration is currently free. We may introduce paid services or features in the future. Any material change to cost or scope of processing will be communicated in due time; you may then continue or discontinue membership.

5. Legal Basis

  • Consent (Art. 6(1)(a) GDPR) for registration/community processing;
  • Contract performance (Art. 6(1)(b) GDPR) for webshop orders.

6. Retention and Your Rights

You can view, edit, or delete your profile information at any time (subject to legal retention obligations). You may withdraw consent at any time with future effect. Where data is required for contract performance or legal retention, we will restrict processing where possible.

7. Deletion of Account

You may request deletion of your unified DiaryX account (webshop + community) at any time. After deletion, access to features ceases. Statutory retention periods (e.g., for invoices) remain unaffected.

By registering, you acknowledge that community-related personal data (including any optional information) may be processed and displayed as outlined above and that visibility settings could change if RSS/REST features become necessary.


VI. Use of Our Online Shop (Ordering Function)

If you place an order in our shop, providing the personal data listed in Section V is necessary to conclude the contract. Without this data, you cannot use the ordering function. We process your data to handle your order, cancellations, warranty claims, and to answer inquiries.

Your personal data will be transmitted to third parties only if necessary for contract and payment processing. Third parties (e.g., shipping and payment providers) receive personal data only to the extent required to deliver your order and process payment.

PayPal: If you choose “PayPal,” your data is transmitted to PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg. Typical data: first/last name, address, email address, IP address, phone, mobile, and order-related data (items, invoice amount, taxes). PayPal may transmit your personal data to affiliated companies/service providers or subcontractors where necessary to fulfill contractual obligations or if data is processed on behalf of PayPal. PayPal may transmit your data to credit agencies for identity and credit checks. See PayPal privacy policy and annex for credit agencies: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

You may object at any time. The lawfulness of processing up to the time of objection remains unaffected.

Credit card via PAYONE: If you choose “credit card” (VISA, MasterCard), your data is transmitted to PAYONE (BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt/Main). You will be redirected to PAYONE’s secure website. Credit card data is processed only by PAYONE. Typical data: first/last name, address, email, IP address, and order-related data (items, invoice amount, taxes). You may object at any time; the lawfulness of prior processing remains unaffected. PAYONE privacy policy: https://www.bspayone.com/de/privacy

Legal basis: Art. 6(1)(b) GDPR (contract performance/pre-contractual measures).
Retention: We are obliged by commercial and tax regulations to store address, payment, and order data for up to ten years. After two years, processing is restricted to legal obligations.


VII. Contact Form / Communication via Email

You can contact us at any time via our contact form. When sending a message, your email address (mandatory) and the date/time are stored. Alternatively, you can contact us by email; only the data you send us will be stored.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests). We use the data exclusively to respond to your request. Data is deleted when storage is no longer necessary or restricted if legal retention periods apply. You can object at any time; however, correspondence cannot then be continued.


VIII. Use of Google Maps

We use Google Maps (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). This allows us to display interactive maps. By visiting the page, Google receives information that you accessed the corresponding subpage, plus the data mentioned in Section III. If you are logged in to your Google account, your data may be assigned to your profile. If you do not want assignment, log out before using the map. Google stores your data as usage profiles for advertising, market research, and/or needs-based website design (including for users not logged in). You can object to the creation of these profiles by contacting Google.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests). Further information is available in Google’s privacy policy: http://www.google.de/intl/de/policies/privacy.
Google may process personal data in the USA. Transfers are protected under applicable safeguards (e.g., the EU–U.S. Data Privacy Framework and/or standard contractual clauses, as applicable).


IX. Use of YouTube Videos

We embed YouTube videos (YouTube/Google LLC). Videos are embedded in extended data protection mode; no data is transmitted to YouTube unless you play a video. Only when you play the video will the data mentioned in Section III be transmitted to YouTube. If you are logged into Google, your data may be assigned to your account; log out to prevent this. YouTube uses cookies and stores data as usage profiles for advertising, market research, and/or needs-based design. Regardless of playback, a connection to the Google “DoubleClick” network may be established when the page loads.

You can object to the creation of these profiles by contacting YouTube directly.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests). Further information: http://www.google.de/intl/de/policies/privacy.
Google may process personal data in the USA. Transfers are protected under applicable safeguards (e.g., the EU–U.S. Data Privacy Framework and/or standard contractual clauses, as applicable).


X. Routine Deletion and Blocking of Your Personal Data

We process and store your personal data only for the period necessary to achieve the purpose or as required by EU or national law. If the storage purpose ceases to apply or a statutory storage period expires, personal data will be blocked or deleted in accordance with legal requirements unless you have consented to further use.


XI. Right to Object (Art. 21 GDPR)

If we process your personal data based on our legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object at any time for reasons arising from your particular situation, with effect for the future and free of charge.

If we process your personal data for direct marketing purposes, you also have the right to object to processing for such advertising purposes at any time with effect for the future, free of charge; this also applies to profiling to the extent that it is related to such direct marketing.

Please address your objection to the responsible party named in Section I (e.g., by email).


XII. Processing by the “Secret Buddha Agent” Advisor Chat Agent (Link: Agent Information & Policy)

1. What the Agent Is

We provide an AI-powered “Secret Buddha Agent” that appears as a chat bubble and/or inline dialog. It offers general self-improvement guidance and planning support.

2. Data Categories Processed

Depending on how you use the Agent and your choices, we may process:

  • Chat messages you type (to generate a reply).
  • Summaries of prior conversations (short, privacy-preserving) — only if you consent.
  • Key Facts you save (e.g., “goal: run daily”, “preference: morning routine”) — only if you consent.
  • Active Plan items you add/edit — only if you consent.
  • Consent state and timestamp (whether you enabled memory).
  • Operational metadata: timestamps, UI surface (bubble/inline), limited error and rate-limit events without storing your full message content for those events.

3. Purpose of Processing

  • Generate responses to your queries (stateless or personalized).
  • Provide continuity (remembering summaries, facts, plan) only with your consent.
  • Enable export and erasure upon request.
  • Maintain stability and security (rate limiting, safety triage, Lite mode fallback).

4. Legal Bases (GDPR)

  • Stateless use (no memory): Art. 6(1)(f) GDPR (legitimate interests) to provide the service you request in the chat.
  • Memory features (summaries, facts, plan): Art. 6(1)(a) GDPR (your consent). You may withdraw consent at any time with future effect; the Agent will then operate statelessly.

5. Third-Party Processing & International Transfers

To generate replies, we may send your prompt and relevant context to our AI provider (currently OpenAI) acting as our processor. Processing may occur outside the EU. We implement appropriate safeguards (e.g., standard contractual clauses and/or participation in the EU–U.S. Data Privacy Framework, as applicable). We avoid sending directly identifying data (e.g., your account email). If the provider is unavailable, the Agent switches to a local Lite mode (no external AI call).

6. Retention

  • Summaries: automatically purged after a configurable period (default: 180 days).
  • Key Facts & Active Plan: retained until you erase them or request deletion.
  • Consent state: retained to honor your preference and timestamp.
  • Operational metadata (rate-limit counters): stored as short-lived transients keyed to a hashed IP that automatically expire after roughly 10 seconds or 60 seconds.

7. Your Controls

  • Consent toggle: turn memory on/off at any time (Agent settings).
  • Export: download your Agent data (JSON: summaries, facts, plan).
  • Erase: erase all Agent data at any time.
  • Commands: /help, /plan add …, /forget …, /remember <type>: <value>, /export.

8. Safety Triage & Limitations

The Agent includes simple keyword-based triage (e.g., self-harm, violence, medical emergencies). In such cases it provides supportive, non-clinical guidance and suggests contacting appropriate services; it does not provide professional medical or emergency advice.

9. No Automated Decisions with Legal Effects

We do not use Agent data to make automated decisions that produce legal or similarly significant effects on you.

10. Disclaimer

The Agent provides general self-improvement guidance and is not a medical or mental-health professional service, and not legal or financial advice.


XIII. Changes to This Policy

We may update this Privacy Policy to reflect changes in our services (including the Agent), new features, or legal requirements. When material changes occur, we will notify you appropriately and publish the revised policy with its effective date.


XIV. Contact & Data Protection

If you have questions about this policy or your data (including Agent summaries, facts, and plan), or if you wish to exercise your rights, please contact the person named in Section I above.
