Privacy Policy

PERSONAL DATA PROTECTION POLICY

This Personal Data Protection Policy explains how we collect, use and protect your personal data when you use our services, participate in our programs or visit the website https://ivanvotipka.com (“Website”).

We collect, store and process personal data so that we can deliver high-quality services to our clients and customers and further develop our activities. When processing and storing your personal data, we act exclusively in accordance with this Policy and with applicable data protection legislation, in particular:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – “GDPR”), where applicable for users in the European Union, and
  • applicable data protection and privacy laws of the United Arab Emirates.

This Policy fulfils our information obligations towards clients, subscribers and visitors to the Website as defined, where applicable, in Article 13 GDPR.

Basic definitions

Controller:
Ivan Votipka
Registered office: Business Centre, Sharjah Publishing City Free Zone, Sharjah, United Arab Emirates
Email: info@ivanvotipka.com

Personal data

“Personal data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

How do we obtain your personal data?

We obtain personal data mainly in the following ways:

  • Directly from you – for example when you purchase a course, create an account, subscribe to our newsletter, download free materials, participate in our programs or contact us.
  • Automatically – when you visit and use our Website (technical and usage data collected through cookies and similar technologies).

Technical data may be obtained when you visit the Website, as described below in the section “Technical data and data on visits to the Website”.

If you refuse to provide personal data that is necessary for the performance of a contract or for compliance with our legal obligations, we may not be able to conclude the contract or provide the requested service.

What personal data do we gather?

We may collect and process, in particular, the following categories of personal data:

  • Identification data – name, surname, username.
  • Contact details – email address, telephone number, billing address (if required for invoicing).
  • Payment and transaction data – payment method, partial payment details (processed via secure payment providers), history of orders, payments and receivables.
  • Technical and usage data – IP address, device information, browser type and version, time zone setting, operating system, information about your visits and use of the Website (pages viewed, clicks, time spent, referral source).
  • Profile data – your course history, interests, preferences, feedback and communication history with us.
  • Marketing data – your preferences regarding receiving marketing communication and preferred communication channels.

In limited cases, we may process special categories of personal data (for example information about your health relevant to language-learning needs) only if you provide such data voluntarily and only to the extent necessary to perform the contract and provide the requested service. We do not systematically request such data.

Reasons for personal data processing

The principal reason why we process your personal data is to be able to provide you with the services you have shown interest in, to inform you about our activities and to ensure and constantly increase the security and quality of our services.

Purposes and legal basis for personal data processing

Personal data processing

a) Processing without consent

We may process your personal data without your explicit consent where such processing is lawful under GDPR or other applicable law, in particular when:

  • Processing is necessary for the performance of a contract or pre-contractual steps – for example:
    • processing and confirming your orders,
    • providing access to online courses and content,
    • handling customer support requests and complaints,
    • communicating with you about the provision of services.
  • Processing is necessary for compliance with legal obligations – for example:
    • compliance with accounting, tax and other statutory record-keeping obligations.
  • Processing is necessary for our legitimate interests, such as:
    • our interest in informing you about our services and providing you with relevant content,
    • our interest in enabling effective communication with you when you contact us,
    • our interest in improving the quality, security and functionality of our Website and services,
    • our interest in promoting our activities and business,
    • our interest in protecting and enforcing our rights – for example preventing fraudulent behaviour, breaches of our contractual terms and conditions, collecting potential claims and protecting our legal rights.
b) Processing with consent

If processing does not fall under the purposes described above, we will process your personal data only on the basis of your explicit consent, which we will request from you.

You will always be informed when consent is required and you will have the option to grant or refuse such consent freely. Granting of consent is always voluntary and you are entitled to partly or fully withdraw it at any time with effect for the future. We will not carry out such processing without your consent.

We may request your consent in particular for the processing of special categories of personal data (beyond processing required or allowed by law).

Direct marketing

If you are our customer or if you have subscribed to our newsletter, we may use your identification and contact details to assess what is relevant for you and what you are interested in. On the basis of our legitimate interest, we may send you, via e-mail, offers regarding our services or our social events that we participate in, or information that you have requested from us. You may cancel the sending of electronic communication at any time.

Your identification and contact details may also be used for these purposes if you independently subscribe to our newsletter.

YOU MAY RAISE AN OBJECTION AGAINST PROCESSING FOR DIRECT MARKETING PURPOSES AT ANY TIME AND YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR THIS PURPOSE.

How long do we store your personal data?

We store your personal data only for as long as necessary for the purposes for which it was collected, in particular:

  • for the duration of the contractual relationship and for the period required by applicable accounting and tax laws,
  • for as long as our legitimate interests apply (for example the limitation period for legal claims),
  • for marketing purposes until you unsubscribe or object to processing,
  • for data processed on the basis of consent, until the consent is withdrawn or the purpose ceases to exist.

Technical data and data on visits to the Website

The Website uses the Google Analytics service provided by Google LLC to analyse visits to our Website and to improve our content. Google Analytics automatically collects anonymous information about visits to this website by means of cookies.

The Website may contain links to various other websites, particularly social networks such as Facebook, Instagram, YouTube, LinkedIn or TikTok. These links are not part of our Website but of websites of third parties that may use cookies tracking your activities on the Internet. Third party cookies are subject to personal data protection policies of such third parties. You can block cookies in the settings of your internet browser.

Our Website also contains technical cookies that are requisite for its functioning.

International transfers of personal data

We are based in the United Arab Emirates and use service providers that may process personal data in countries outside the European Union and the European Economic Area (EEA), in particular in the UAE and the United States (for example website hosting, email marketing platforms, payment processors, analytics and advertising tools).

Where required by GDPR, we ensure that such transfers are subject to appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or other legally recognised mechanisms that ensure an adequate level of protection of personal data.

Personal data security

Personal data is stored on secure servers in IT systems. We have adopted appropriate technical and organisational measures against personal data loss and destruction, against access of unauthorized persons to the data, its alteration and dissemination. We handle your personal data securely and discreetly and we are bound by a duty of confidentiality.

Personal data recipients

We do not sell your personal data. We may share personal data only with trusted service providers (processors) who process data on our behalf and according to our documented instructions, such as:

  • website and course platform providers,
  • email marketing and automation platforms,
  • payment service providers (e.g. card payment processors),
  • IT support and hosting providers,
  • analytics and advertising service providers (e.g. Google, Meta).

These recipients are bound by contractual obligations to protect personal data and to use it only for the agreed purposes and in accordance with applicable law.

Rights of data subjects

When collecting, processing and storing your personal information, we ensure, to the full extent, the protection of your rights as stipulated by relevant legal regulations. In connection with personal data processing, you are entitled in particular to:

  • Right of access – to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of such data and related information.
  • Right to rectification – to request correction of inaccurate or incomplete personal data concerning you.
  • Right to erasure (“right to be forgotten”) – to request deletion of your personal data, especially if it is no longer necessary for the purposes for which it was collected or if you withdraw consent and there is no other legal ground for processing.
  • Right to restriction of processing – to request that we restrict processing of your personal data in certain cases (for example where you contest the accuracy of the data or object to processing).
  • Right to data portability – to receive personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller, where technically feasible.
  • Right to object – to object at any time to processing based on our legitimate interests, including profiling, especially to processing for direct marketing purposes.
  • Right to withdraw consent – where processing is based on your consent, you may withdraw your consent at any time with effect for the future.

To exercise any of these rights, please contact us at info@ivanvotipka.com. We may need to verify your identity before fulfilling your request.

Complaints

If you believe that your personal data has been processed in violation of applicable data protection law, you have the right to lodge a complaint:

  • with us directly at info@ivanvotipka.com, and/or
  • if you are located in the European Union, with the data protection authority in your EU Member State of residence or work, or in the place of the alleged infringement.

Effect and updating

We review and revise our processing and personal data protection processes regularly and, as a result, we may update this Personal Data Protection Policy from time to time. Should such an update include substantial changes, we shall inform you thereof. The current version of this Policy will always be available on our Website.

Business Centre, Sharjah Publishing City Free Zone, Sharjah, United Arab Emirates