- Effective Date: May 21, 2026
Cookie & Privacy Policy
1. Data Controller Information
Company Name: XY s.r.o.
Registered Office: …
Company ID (IČO): …
VAT ID (IČ DPH): …
Email: info@flowinsor.com
Website: https://flowinsor.com
The Data Controller is committed to protecting personal data and processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR) and applicable European Union and Slovak data protection laws.
2. Categories of Personal Data Processed
When using the website, making a purchase, or subscribing to our newsletter, we may process the following personal data:
- Name
- Email address
- Billing name
- Billing address
- Purchase and order information
- Transaction information
- IP address
- Browser and device information
- Cookies and technical data
- Information provided during customer support communications
- Newsletter subscription information
3. Purposes of Data Processing
Personal data may be processed for the following purposes:
- Operating and maintaining the website
- Selling digital products
- Providing online courses and educational materials
- Processing purchases and orders
- Electronic invoicing
- Customer support and communication
- Sending newsletters
- Marketing communications
- Statistical and analytical measurements
- Maintaining website security
- Fraud prevention
- Compliance with legal obligations
4. Digital Products
The website offers digital products and educational materials, including:
- E-books
- PDF materials
- Audiobooks
- Video courses
- Downloadable resources
- Other digital content
Following a purchase, products are delivered electronically or made accessible through digital means.
5. Legal Basis for Processing
Personal data may be processed on one or more of the following legal bases:
- Performance of a contract (Article 6(1)(b) GDPR)
- Compliance with a legal obligation (Article 6(1)(c) GDPR)
- Consent of the data subject (Article 6(1)(a) GDPR)
- Legitimate interests of the Data Controller (Article 6(1)(f) GDPR)
Newsletter subscriptions are processed solely on the basis of the subscriber’s voluntary consent.
6. Payment Processor
Payments are securely processed through Stripe.
The Data Controller does not have access to and does not store payment card details.
Stripe Privacy Policy:
7. Newsletter and Marketing Communications
With the subscriber’s consent, we may send:
- Newsletters
- Notifications about new content
- Book and course recommendations
- Marketing communications
The legal basis for newsletter communication is the data subject’s voluntary consent.
Consent may be withdrawn at any time by clicking the unsubscribe link included in emails or by contacting us at info@flowinsor.com.
8. Cookies
The website uses cookies and similar technologies to ensure proper functionality, security, and user experience.
Cookies are small text files stored on a user’s device when visiting the website. They help the website function correctly, remember user preferences, analyze website traffic, and support marketing activities.
We use the following categories of cookies:
Strictly Necessary Cookies
These cookies are essential for the operation and security of the website. They enable core functions such as page navigation, shopping cart functionality, payment processing, security features, and access to secure areas of the website.
These cookies may be placed without the user’s consent where permitted by applicable law.
Analytics Cookies
Analytics cookies help us understand how visitors interact with the website by collecting statistical and usage information. This allows us to improve website performance and user experience.
Marketing Cookies
Marketing cookies may be used to track visitors across websites, measure advertising effectiveness, and display relevant marketing content.
The website may use cookies associated with:
- WordPress
- WooCommerce
- Elementor
- Google Analytics
- Google Tag Manager
- Meta Pixel
- Google reCAPTCHA
- Stripe
- Other website functionality and analytics tools
Users may manage, modify, or withdraw their cookie preferences at any time through the cookie settings available on the website or through their browser settings.
Please note that disabling certain cookies may affect the functionality and performance of the website.
9. Data Processors and Data Transfers
To provide our services, we may engage the following data processors:
- Stripe Payments Europe Ltd. – payment processing
- Hostinger International Ltd. – web hosting services
- MailerLite Limited – newsletter distribution
- Google Ireland Limited – analytics, marketing, and YouTube services
- Meta Platforms Ireland Ltd. – Facebook and Instagram services
Personal data is transferred only to the extent necessary for the provision of services.
The Data Controller engages only those data processors that provide adequate guarantees of compliance with GDPR requirements.
10. International Data Transfers
Some data processors may process personal data outside the European Economic Area (EEA).
Any such transfers are carried out in accordance with GDPR requirements and appropriate safeguards, including adequacy decisions of the European Commission or Standard Contractual Clauses.
11. Data Retention Periods
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected.
Typical retention periods include:
- Purchase and invoicing data: 8 years
- Accounting records: 8 years
- Newsletter subscription data: until unsubscribed
- Contact enquiry data: up to 12 months
- Customer support communications: 2 years
- Analytics data: according to the relevant provider’s policies
Accounting records are retained in accordance with applicable legal requirements.
12. Rights of Data Subjects
Data subjects have the right to:
- Request information about the processing of their personal data
- Access their personal data
- Request correction of inaccurate data
- Request deletion of personal data
- Request restriction of processing
- Object to processing
- Exercise the right to data portability
- Withdraw consent at any time
Requests may be submitted to: info@flowinsor.com
You also have the right to object to the processing of your personal data where processing is based on the legitimate interests of the Data Controller, unless compelling legitimate grounds for processing exist.
13. Data Security
The Data Controller implements appropriate technical and organisational measures to protect personal data, including:
- Protection against unauthorised access
- Protection against data loss
- Prevention of unauthorised modification
- Secure data transmission
14. Use of Artificial Intelligence
The Data Controller may use artificial intelligence-based tools during certain business processes, including:
- ChatGPT
- ElevenLabs
- HeyGen
The Data Controller seeks to ensure that only data necessary for providing services is processed through such systems.
The use of AI tools does not replace human decision-making and does not involve solely automated decision-making.
15. Social Media Platforms
The Data Controller may operate social media pages, including:
- YouTube
- X (formerly Twitter)
- TikTok
The processing of personal data on these platforms is also subject to the respective platform providers’ privacy policies.
16. Processing of Children’s Data
The services provided through this website are primarily intended for individuals aged 16 and over.
Individuals under the age of 16 may provide personal data only with the consent of a parent or legal guardian.
17. Contact Enquiries
Personal data provided through email communications or other contact methods is processed solely for responding to enquiries and maintaining communication.
If no contractual relationship is established, such data may be retained for up to 12 months.
18. Complaints and Legal Remedies
If you believe that the processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with the competent supervisory authority.
Primary supervisory authority:
Office for Personal Data Protection of the Slovak Republic
Hraničná 12
820 07 Bratislava 27
Slovakia
Website: https://dataprotection.gov.sk
You also have the right to lodge a complaint with the data protection authority of your country of residence within the European Union.
19. Changes to this Privacy Policy
The Data Controller reserves the right to amend this Privacy Policy at any time.
The current version is always available at: