This Privacy Policy describes how personal data of users of the website eulaliafotografia.com and the connected course platform is collected and processed.
Eulalia Twarog
Emil-Schmid-Str. 13, 75378 Bad Liebenzell
Email: info@eulaliafotografia.com
2. Types of Personal Data Collected
Name, email address, payment information (processed via Lemon Squeezy)
User account and login data on the course platform
IP address, device information, browser information
Cookies and analytical data
Data submitted through forms
3. Purposes of Data Processing
Providing access to the online photography course
Creating and managing user accounts
Processing payments
Improving website and platform performance
Conducting analysis and marketing activities
Sending information about new courses (customer marketing)
4. Legal Basis
Art. 6(1)(b) GDPR – contract performance
Art. 6(1)(a) GDPR – user consent
Art. 6(1)(f) GDPR – legitimate interest
§ 7(3) UWG – marketing to existing customers
5. Marketing to Existing Customers
If you purchase a course, we may use your email address to send you information about similar products.
Each message contains an unsubscribe link allowing you to opt out at any time.
6. Cookies
We use cookies for technical, analytical, and marketing purposes. Users may adjust cookie settings in their browser.
7. Analytics and Marketing Tools
Google Analytics / Ads / Tag Manager
Meta Pixel
LinkedIn Insight Tag
Microsoft Clarity
Mailchimp – email campaigns
Lemon Squeezy – payment processing
8. Data Recipients
Hosting and IT service providers
Payment operators
Analytics and marketing service providers
Email delivery providers
9. Hosting & Server Infrastructure
9.1 home.pl – domain and database hosting
The website and parts of the database, including stored consents and form data, are hosted by home.pl S.A., Szczecin, Poland.
home.pl processes personal data on our behalf in accordance with Art. 28 GDPR.
9.2 Vercel – course platform hosting
The course platform, including logins and user accounts, is hosted by Vercel Inc., Walnut, CA, USA.
Data may be transferred to the USA under Standard Contractual Clauses (SCC).
10. Transactional Email Services
10.1 Resend
For sending password reset emails, login confirmations and account activation messages, we use Resend Inc., USA.
Resend processes email addresses and technical delivery data under Art. 28 GDPR, based on SCC.
11. Data Retention
Data is stored for the duration of the contract, for marketing purposes (until consent is withdrawn), and according to legal requirements.
12. User Rights
Right of access
Right to rectification
Right to erasure
Right to restrict processing
Right to data portability
Right to object
Right to withdraw consent
13. Data Security
We use SSL encryption and appropriate organisational and technical safeguards.
14. Complaints
You may submit a complaint to the competent data protection authority in Germany (BfDI).
15. Minors
Our website and courses are not intended for individuals under 16 years of age.
16. Changes to This Policy
The current version of this Privacy Policy is always available on this page.