Skip to main content
🚧 This site is currently under development and in testing phase. Features may change.
RNIG e.V.

Privacy Policy

Last updated: March 2026

1. Data Controller

Rhein Neckar Indische Gemeinde e.V. (RNIG e.V.), Breslauer Str. 11, 68519 Viernheim, Germany.

For privacy inquiries contact: privacy@rnig-ev.org

2. Data We Process

We process account data, ticket order data, membership application data (including personal details, interests, and digital signatures), form submission data, event check-in data, administrative audit logs, and technical logs.

If a membership application is approved and you proceed to payment setup, Stripe processes recurring payment setup and billing data, and we store the Stripe identifiers and payment lifecycle state needed to manage the membership.

We also use Cloudflare Turnstile on the membership form for abuse prevention, which processes technical request data and challenge-response information.

Some data is required so we can provide ticketing, account, or membership services. If required data is not provided, we may be unable to provide the relevant service.

3. Legal Basis

Processing is based on Art. 6(1)(b) GDPR (contract), Art. 6(1)(c) GDPR (legal obligations), and Art. 6(1)(f) GDPR (legitimate interests including security, fraud prevention, and anti-bot protection).

4. Processors

We use service providers for hosting, authentication, payments, and transactional email delivery.

  • Supabase — database hosting and authentication (EU-region servers)
  • Stripe — one-time ticket payments and recurring membership payment setup and billing
  • Cloudflare — Turnstile captcha service for abuse prevention on the membership form
  • Microsoft (Azure Communication Services + Azure Blob Storage) — email delivery and event photo hosting
  • Vercel — website hosting

5. Cookies and Storage

We use essential cookies and similar browser storage for authenticated sessions, language preference, and consent settings.

We currently do not use advertising or analytics cookies.

6. International Transfers

Some processors, including Stripe, Vercel, and Cloudflare, may process data in the United States. Where data is transferred outside the EEA, we rely on appropriate safeguards such as the EU–U.S. Data Privacy Framework or Standard Contractual Clauses.

7. Your Rights

You may request access, rectification, erasure, restriction, data portability, and objection as provided by GDPR.

You also have the right to lodge a complaint with a supervisory authority.