Privacy Policy

Cookie & Privacy Policy

1. Data Controller Information

Company Name: XY s.r.o.

Registered Office: …

Company ID (IČO): …

VAT ID (IČ DPH): …

Email: info@flowinsor.com

Website: https://flowinsor.com

 

The Data Controller is committed to protecting personal data and processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR) and applicable European Union and Slovak data protection laws.

2. Categories of Personal Data Processed

When using the website, making a purchase, or subscribing to our newsletter, we may process the following personal data:

  • Name
  • Email address
  • Billing name
  • Billing address
  • Purchase and order information
  • Transaction information
  • IP address
  • Browser and device information
  • Cookies and technical data
  • Information provided during customer support communications
  • Newsletter subscription information

3. Purposes of Data Processing

Personal data may be processed for the following purposes:

  • Operating and maintaining the website
  • Selling digital products
  • Providing online courses and educational materials
  • Processing purchases and orders
  • Electronic invoicing
  • Customer support and communication
  • Sending newsletters
  • Marketing communications
  • Statistical and analytical measurements
  • Maintaining website security
  • Fraud prevention
  • Compliance with legal obligations

4. Digital Products

The website offers digital products and educational materials, including:

  • E-books
  • PDF materials
  • Audiobooks
  • Video courses
  • Downloadable resources
  • Other digital content

Following a purchase, products are delivered electronically or made accessible through digital means.

5. Legal Basis for Processing

Personal data may be processed on one or more of the following legal bases:

  • Performance of a contract (Article 6(1)(b) GDPR)
  • Compliance with a legal obligation (Article 6(1)(c) GDPR)
  • Consent of the data subject (Article 6(1)(a) GDPR)
  • Legitimate interests of the Data Controller (Article 6(1)(f) GDPR)

Newsletter subscriptions are processed solely on the basis of the subscriber’s voluntary consent.

6. Payment Processor

Payments are securely processed through Stripe.

The Data Controller does not have access to and does not store payment card details.

Stripe Privacy Policy:

https://stripe.com/privacy

7. Newsletter and Marketing Communications

With the subscriber’s consent, we may send:

  • Newsletters
  • Notifications about new content
  • Book and course recommendations
  • Marketing communications

The legal basis for newsletter communication is the data subject’s voluntary consent.

Consent may be withdrawn at any time by clicking the unsubscribe link included in emails or by contacting us at info@flowinsor.com.

8. Cookies

The website uses cookies and similar technologies to ensure proper functionality, security, and user experience.

Cookies are small text files stored on a user’s device when visiting the website. They help the website function correctly, remember user preferences, analyze website traffic, and support marketing activities.

We use the following categories of cookies:

Strictly Necessary Cookies

These cookies are essential for the operation and security of the website. They enable core functions such as page navigation, shopping cart functionality, payment processing, security features, and access to secure areas of the website.

These cookies may be placed without the user’s consent where permitted by applicable law.

Analytics Cookies

Analytics cookies help us understand how visitors interact with the website by collecting statistical and usage information. This allows us to improve website performance and user experience.

Marketing Cookies

Marketing cookies may be used to track visitors across websites, measure advertising effectiveness, and display relevant marketing content.

The website may use cookies associated with:

  • WordPress
  • WooCommerce
  • Elementor
  • Google Analytics
  • Google Tag Manager
  • Meta Pixel
  • Google reCAPTCHA
  • Stripe
  • Other website functionality and analytics tools

Users may manage, modify, or withdraw their cookie preferences at any time through the cookie settings available on the website or through their browser settings.

Please note that disabling certain cookies may affect the functionality and performance of the website.

9. Data Processors and Data Transfers

To provide our services, we may engage the following data processors:

  • Stripe Payments Europe Ltd. – payment processing
  • Hostinger International Ltd. – web hosting services
  • MailerLite Limited – newsletter distribution
  • Google Ireland Limited – analytics, marketing, and YouTube services
  • Meta Platforms Ireland Ltd. – Facebook and Instagram services

Personal data is transferred only to the extent necessary for the provision of services.

The Data Controller engages only those data processors that provide adequate guarantees of compliance with GDPR requirements.

10. International Data Transfers

Some data processors may process personal data outside the European Economic Area (EEA).

Any such transfers are carried out in accordance with GDPR requirements and appropriate safeguards, including adequacy decisions of the European Commission or Standard Contractual Clauses.

11. Data Retention Periods

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected.

Typical retention periods include:

  • Purchase and invoicing data: 8 years
  • Accounting records: 8 years
  • Newsletter subscription data: until unsubscribed
  • Contact enquiry data: up to 12 months
  • Customer support communications: 2 years
  • Analytics data: according to the relevant provider’s policies

Accounting records are retained in accordance with applicable legal requirements.

12. Rights of Data Subjects

Data subjects have the right to:

  • Request information about the processing of their personal data
  • Access their personal data
  • Request correction of inaccurate data
  • Request deletion of personal data
  • Request restriction of processing
  • Object to processing
  • Exercise the right to data portability
  • Withdraw consent at any time

Requests may be submitted to: info@flowinsor.com

You also have the right to object to the processing of your personal data where processing is based on the legitimate interests of the Data Controller, unless compelling legitimate grounds for processing exist.

13. Data Security

The Data Controller implements appropriate technical and organisational measures to protect personal data, including:

  • Protection against unauthorised access
  • Protection against data loss
  • Prevention of unauthorised modification
  • Secure data transmission

14. Use of Artificial Intelligence

The Data Controller may use artificial intelligence-based tools during certain business processes, including:

  • ChatGPT
  • ElevenLabs
  • HeyGen

The Data Controller seeks to ensure that only data necessary for providing services is processed through such systems.

The use of AI tools does not replace human decision-making and does not involve solely automated decision-making.

15. Social Media Platforms

The Data Controller may operate social media pages, including:

  • Facebook
  • Instagram
  • YouTube
  • X (formerly Twitter)
  • TikTok

The processing of personal data on these platforms is also subject to the respective platform providers’ privacy policies.

16. Processing of Children’s Data

The services provided through this website are primarily intended for individuals aged 16 and over.

Individuals under the age of 16 may provide personal data only with the consent of a parent or legal guardian.

17. Contact Enquiries

Personal data provided through email communications or other contact methods is processed solely for responding to enquiries and maintaining communication.

If no contractual relationship is established, such data may be retained for up to 12 months.

18. Complaints and Legal Remedies

If you believe that the processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with the competent supervisory authority.

Primary supervisory authority:

Office for Personal Data Protection of the Slovak Republic

Hraničná 12

820 07 Bratislava 27

Slovakia

Website: https://dataprotection.gov.sk

You also have the right to lodge a complaint with the data protection authority of your country of residence within the European Union.

19. Changes to this Privacy Policy

The Data Controller reserves the right to amend this Privacy Policy at any time.

The current version is always available at:

https://flowinsor.com