Dear User,
We value your privacy and want you to feel comfortable and secure when using our services. Therefore, we have prepared a document detailing how we handle your personal data.
Contents:
1. Definitions
2. Introduction
3. General Information
4. Recipients of Personal Data on the Website
5. Acquisition, Collection, Purpose, Scope, and Processing Activities of Personal Data
6. Rights of the Data Subject
7. Cookie Mechanism, Operational Data, and Analytics
8. Closing Remarks
Article 1 Definitions
1. Administrator – magzhen, conducting business activities, registered with the Central Business Register and Information Center. The Administrator provides electronic services and stores and accesses information on users’ devices.
2. User – An individual using this website; an entity to whom electronic services may be provided or with whom an electronic service agreement may be concluded in accordance with legal provisions.
3. Website – The website located at the domain name luxurystyleblog.com, through which the Administrator operates this website.
4. Electronic Services – Electronic services provided by the Administrator to Users via this website.
5. Contact Form – An interactive form through which Users contact the Administrator.
6. Newsletter – An electronic bulletin sent to subscribers via email.
7. Device – The electronic equipment through which the User accesses the Website.
8. Consumer – A natural person who enters into a contract with the Seller via the Website, where the subject matter of the contract is not directly related to their business or professional activities.
Article 2 Introduction
1. This Privacy Policy sets forth the principles governing the processing and protection of personal data of website users (including potential users) accessed via the following URL (luxurystyleblog.com, hereinafter referred to as “this Website”). This document describes the basis, purposes, and scope of personal data processing, outlines the functionality of this Website, identifies data processors, and includes information regarding the use of cookies and analytics tools on this Website.
2. Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the European Union L 119, p. 1), hereinafter referred to as the GDPR (you can read the Regulation here), the controller of personal data collected through this website is magzhen, conducting business activities and registered in the Central Business Activity Register and Information System.
3. The processing of users’ personal data complies with the provisions on personal data protection and the Act on the Provision of Electronic Services of July 18, 2002 (Journal of Laws No. 144, item 1204, as amended).
4. The Personal Data Administrator declares that this Privacy Policy is provided for informational purposes only and does not impose any obligations on website users. Its purpose is to define the actions taken by the Administrator and describe the services, tools, and features related to the website that users may utilize, such as posting comments, sending messages via contact forms, subscribing to newsletters, or performing other actions within the website.
Article 3 General Information
1. The website administrator makes every effort to protect the privacy of website users and all data and information obtained from them. The administrator carefully selects and implements technical security measures, including procedural and organizational safeguards, to ensure data is protected against access, disclosure, loss, destruction, unauthorized modification, or processing in violation of applicable laws.
2. The website administrator informs users that this site employs a transmission protocol ensuring secure internet data transfer: the SSL (Secure Sockets Layer v3) protocol. This security measure involves encrypting data before it is sent from the user’s browser and decrypting it upon its secure arrival at the website server. Information sent from the server to the user is also encrypted and decrypted upon reaching its destination.
3. Data collected by the Administrator will be processed lawfully and in accordance with the principles of fairness and transparency. Data collection is limited to the minimum necessary for specific purposes and processed in line with those purposes. Data will not be used for further processing incompatible with these purposes. Data is relevant to the intended purpose and accurate in content. Data is stored in a manner that permits identification of the data subject. The duration of data storage depends on the purpose of processing and is limited to the time required to achieve the intended purpose.
4. The website administrator has the right to access data in accordance with the terms specified in the privacy policy; however, the administrator may entrust users’ personal data to external entities with whom they collaborate. Such entrustment is based on an appropriate personal data entrustment agreement concluded between the administrator and the data processor. These agreements include a clause explicitly defining the scope and duration of personal data processing required for service provision. The Administrator declares that it only collaborates with entities that ensure the security of personal data processing by implementing security measures compliant with GDPR requirements.
5. The Administrator has the right (and legal obligation) to provide information about website users to public authorities, for example, during investigations into potential illegal activities, or to third parties requesting such information under applicable Dutch law.
6. The use of services and tools provided on this website, as well as the provision of personal data, is entirely voluntary. However, providing such data may be a prerequisite for entering into and performing agreements for services and/or electronic services offered on this website. Failure to provide such data will therefore prevent the conclusion of such agreements. The scope of data required for agreement formation is indicated on this website.
7. By using the services and tools provided on this website, the user acknowledges having read the terms of this Privacy Policy and simultaneously consents to the use of their personal data in accordance with these terms (where necessary) by checking the corresponding checkbox(es) on this website (the content of which specifies the purpose for which the personal data is provided).
Article 4 Recipients of Personal Data on the Website
1. To ensure the website operates properly, functions fully, and provides relevant services, the administrator utilizes services from external entities. The administrator transfers data only when strictly necessary to achieve specific personal data processing purposes and solely within the scope required to fulfill such purposes.
2. Examples of recipients of website users’ personal data include: service providers supporting the website administrator’s operations, such as providers of computer software for website operation and email services, companies operating email systems for sending newsletters, hosting service providers, entities offering services through the website, and entities managing website functionality.
3. Data recipients (external entities) process personal data based on corresponding data processing agreements signed with the website administrator. These entities collect, process, and store personal data in accordance with their own regulations and privacy policies.
4. The administrator entrusts the following entities to process services for the luxurystyleblog.com website.
Article 5 Collection, Purpose, Scope, and Processing Activities
1. The Administrator collects user information through various means, including but not limited to gathering server logs, IP addresses, software and hardware parameters, browsed pages, mobile device identifiers, and other data related to device and system usage. The aforementioned information is collected in connection with the user’s use of this website. The Administrator will not use this data to identify users personally.
2. The Administrator may also collect users’ navigation data, including information about links, references, or other activities performed on this website, to facilitate users’ access to electronic services and improve the functionality of these services.
3. The Administrator reserves the right to filter and block messages sent through the internal messaging system, particularly when messages constitute spam, contain prohibited content, or otherwise threaten the security of website users.
4. As part of operating this website, the Administrator processes users’ personal data for the following purposes:
– To facilitate users’ use of this website and ensure its IT security;
– To respond to inquiries submitted via contact forms;
– To send newsletters;
– To enable the use of tools/features provided on this website;
– To organize contests.
5. The Administrator hereby informs users that it collects, processes, and stores the following data: name and email address. 6
. Personal data collected for the purposes described in the Privacy Policy shall be stored for the duration of the Administrator’s provision of services (including electronic services) and until the expiration of any periods arising from statutes of limitations, tax regulations, consumer rights, or other relevant rights.
7. Users have the right to file a complaint if the electronic services provided by the Administrator are not performed or are performed improperly.
Should the user exercise this right, the Administrator is obligated to address the matter promptly, no later than 14 calendar days after receiving the complaint. To exercise this right, contact 必须以书面形式或通过电子邮件向[email protected]发送明确的终止电子服务合同声明. To expedite complaint processing, it is recommended to provide the following information: details of the complaint and the specific circumstances of the defect, a description of the user’s request, and contact details. The above suggestions are not mandatory and will not affect the efficiency of complaint processing.
8. The legal basis for data processing related to user services (including contacting users to respond to inquiries sent via email or contact forms) is Article 6(1)(a) of the General Data Protection Regulation (GDPR), namely the user’s consent to processing. If a contract is concluded following contact, data will be processed under Article 6(1)(b) of the GDPR. After contact concludes, processing is based on archiving communications for legitimate purposes to demonstrate progress (Article 6(1)(f) GDPR).
9. The newsletter service is part of the website functionality. Data related to newsletter subscriptions is used solely for sending newsletters and is based on the user’s explicit consent (Article 6(1)(a) GDPR).
10. When filling out the newsletter subscription form, the personal data of the service user is transferred to the United States. This is achieved by transmitting the data to a database located on servers in the United States. The administrator informs that they use the MailChimp email system, whose provider is located in a third country—the United States. The company operating the MailChimp email system has joined the Privacy Shield program, thereby ensuring a level of personal data protection that meets European regulatory requirements.
11. Consent voluntarily granted by the user to receive newsletters or commercial communications via email may be withdrawn at any time upon the user’s request. Upon receiving such a request, the administrator will promptly (no later than 48 hours after receiving the notice of withdrawal of consent) remove the user’s data from the contact database used for sending commercial communications electronically.
12. As part of the newsletter service, you may at any time correct your data stored in the database, request deletion of your data by unsubscribing from the newsletter, and exercise your right to data portability as described in Article 20 of the General Data Protection Regulation (GDPR).
13. As part of the website functionality, the administrator provides an interactive form for contacting the administrator. Using this form requires providing personal data necessary to contact the user and respond to the form’s inquiries. Users may also provide additional data to facilitate contact or order services. Providing data marked as required is necessary for processing the inquiry; failure to provide it may result in the inability to process the inquiry. Providing the remaining data is voluntary.
14. The legal basis for processing is the necessity to fulfill a service contract (GDPR Article 6(1)(b)), in order to identify the sender and process their inquiry submitted via the provided form.
15.
Article 6 Rights of the Data Subject
1. The GDPR grants users the following rights (detailed below). These rights may be exercised without justification, but they are not absolute and do not apply to all activities related to personal data processing. Users wishing to exercise any right may send a statement of intent at any time to the website email address or the registered office address of the data controller.
I. Right of Access to Data under Article 15 of the GDPR
Users may contact the data controller at any time to confirm whether their data is being processed. If processing is occurring, the user has the right to:
– Access their personal data;
– Obtain information regarding the purposes of processing, the categories of personal data being processed, the recipients or categories of recipients of such data, the planned storage period for the user’s data or the criteria for determining that period (if the planned processing period cannot be determined), the user’s rights under the GDPR (if the planned processing period cannot be determined), the user’s rights under the GDPR and the right to lodge a complaint with a supervisory authority, the source of such data, information on automated decision-making (including profiling), and safeguards related to the transfer of such data outside the EU;
– Obtain a copy of their personal data.
II. Pursuant to Article 16 of the General Data Protection Regulation (GDPR), users have the right to rectification,
entitling them to request the data controller to correct any inaccurate personal data without delay. Users also have the right to request the supplementation of their personal data. To request correction or supplementation of your personal data, please send the information to the website’s email address.
III. Right to Erasure (“Right to be Forgotten”) – Exercised under Article 17 of the GDPR
a) Users may request the controller to erase all or part of their data.
b) Users have the right to request the erasure of their personal data in the following circumstances:
– The personal data is no longer necessary for the purposes for which it was collected or processed;
– The user has withdrawn specific consent for processing personal data based on such consent;
– The user has objected to the use of their data for marketing purposes;
– The personal data has been processed unlawfully;
– Deletion is necessary to comply with a legal obligation under EU law or the law of the member state where the controller is established;
– The personal data was collected in connection with the provision of information society services;
c) Despite a user’s request to delete personal data related to an objection or withdrawal of consent, the controller may retain certain personal data where processing is necessary for the establishment, exercise, or defense of legal claims, and to comply with legal obligations under EU law or the law of the member state to which the controller is subject;
d) The controller’s deletion of personal data or cessation of processing may result in the inability to provide services offered through the website or limit the functionality of the website.
IV. Consent to Personal Data Processing and Right to Withdraw Consent, Exercised Pursuant to Article 7(3) of the General Data Protection Regulation (GDPR):
a) By accepting the statements made by the data controller in the interactive forms provided on the website, the user consents to the data controller processing their data for specific purposes;
b) Users may opt to accept optional statements provided in website forms to consent to the data controller processing their data for other purposes;
c) Users have the right to withdraw any consent previously granted to the data controller; withdrawal of consent takes effect from the date of withdrawal;
d) Withdrawal of consent shall not result in any adverse consequences for the user, but may prevent continued use of services or features that the data controller is legally required to provide only upon obtaining consent;
e) Withdrawal of consent does not affect the lawfulness of personal data processing carried out by the data controller prior to withdrawal.
V. Pursuant to Article 21 of the GDPR, users have the right to object to data processing:
a) Where the controller processes personal data based on legitimate interests, users have the right to object at any time on grounds relating to their particular situation to the processing of their personal data, including profiling;
b) When a user unsubscribes from marketing communications about products and services sent via email, this constitutes objection to processing their data for such purposes, including profiling;
c) If the controller lacks any other lawful basis for processing the user’s data and the objection is justified, the personal data subject to the objection shall be erased.
VI. Pursuant to Article 18 of the General Data Protection Regulation (GDPR),
users have the right to request restriction of processing of their personal data under the following circumstances:
a) The user contests the accuracy of their personal data—the data controller shall restrict processing of such personal data until its accuracy is verified;
b) Processing of the user’s personal data is unlawful, and the user requests restriction of processing instead of erasure of the personal data;
c) The personal data is no longer necessary for the purposes of the processing, but is required by the user for the establishment, exercise, or defense of legal claims;
d) Where the user objects to the processing of their personal data—processing shall be restricted until it is determined whether the legitimate interests of the controller override the user’s grounds for objection.
VII. Right to Data Portability (GDPR Article 20).
You have the right to receive your personal data from the data controller in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
You may also request that the data controller transmit your personal data directly to another data controller (if technically feasible).
VIII. Users also have the right to lodge a complaint with the Director of the Personal Data Protection Office regarding any infringement of their personal data protection rights or other rights granted under the GDPR.
Article 7 Cookie Policy, Operational Data, and Analytics
1. This website uses small files called “cookies.” If permitted by the web browser, these files are saved and stored on the website user’s computer or other terminal device. Cookies typically contain their originating domain name, the duration they remain stored on the device, and an assigned value.
2. Cookies are used to optimize the website experience, collect statistical data to help us understand how users interact with the site, and thereby improve its structure. They are also essential for maintaining user session status after the user leaves the website.
3. The administrator employs two types of cookies:
a) Session Cookies (Temporary): These are stored on the user’s terminal device and remain there until the browser session ends. Afterward, the saved information is permanently deleted from the device’s memory. The session cookie mechanism does not permit the download of any personal data or confidential information from the user’s device.
b) Persistent Cookies: These are stored on the user’s device and remain there until deleted. Ending the browser session or turning off the device does not remove them from the user’s device. The persistent cookie mechanism does not permit the collection of any personal data or confidential information from the user’s device.
4. The service administrator uses external cookies to:
a) Collect generic anonymous statistics and personal data for advertising purposes through analytics tools (e.g., Google Analytics, where the cookie administrator is Google LLC, located in the United States);
b) Promote this website using the social network www.facebook.com (where the external cookie administrator is Facebook Inc., located in the United States, or Facebook Ireland, located in Ireland).
5. Google LLC, Facebook Inc., Twitter, and LinkedIn are all based in third countries (the United States). They have joined the Privacy Shield framework to ensure a level of personal data protection compliant with GDPR requirements.
Under the agreement between the United States and the European Commission, the European Commission has determined that the data protection level of companies certified under the Privacy Shield is adequate.
6. The administrator uses Google Analytics tracking code to analyze this website’s statistics; for details on Google Analytics, visit https://support.google.com/analytics/answer/6004245.
7. Users may change their cookie settings at any time via their web browser, including blocking cookie collection. This may hinder or prevent access to the website’s services and tools.
8. If users decide not to consent to the use of cookies for the aforementioned purposes, they may manually delete cookies at any time. Detailed instructions and information regarding cookies are available in the help menu of the web browser currently in use. Examples of web browsers supporting these cookies include: Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Safari, and Microsoft Edge.
9. Certain third parties operating on the website allow users to withdraw their consent for the collection and use of data based on user activity for advertising purposes. More information on this topic and how to exercise this choice can be found, for example, at: www.yuoronlinechoices.com. You can prevent Google Analytics from sharing information about your activity on the website by using the cookie browser plugin provided by Google Inc., available here: https://tools.google.com/dlpage/gaoptout?hl=pl.
Article 8 Final Provisions
1. This Privacy Policy contains links to other websites; we recommend you carefully review the privacy policies and terms and conditions of those sites.
2. This Privacy Policy applies solely to the Administrator Website.
3. Website services may expand, potentially leading to changes in this Privacy Policy. We will notify you of such changes via appropriate announcements on the website.
4. For any other questions regarding the website’s Privacy Policy, please email [email protected].