Privacy Policy

Effective Date 10-Mar-2024

Last Updated On 17-Oct-2024

Introduction

This Privacy Policy describes the policies of Mina Lukic Web Design, Franz-Ehrlich-Str. 12, Berlin 12489, Germany, email: hello@designorina.com (hereafter also referred to as “we”), on the types of your personal data (hereafter also referred to briefly as “data”) that we process, the purposes for which we process it, and the extent of the processing. This privacy policy applies to all personal data processing carried out by us, both in the context of providing our services and specifically on our website (https://designorina.com/) and within external online presences, such as our social media profiles (hereafter collectively referred to as “Online Services”).

What data do we collect?

We will collect and process the following personal information about you:

  • Name
  • Email address
  • Mobile phone
  • Address
  • Company Name
  • Payment Details
  • Social Media Profile
  • Other data, such as information collected via cookies and IP address (network identifier), include the type of web browser, the device and operating system, duration, and number of accesses to the website and corresponding information.

How do we collect your data?

You directly provide us with most of the data we collect. We collect data and process data when you:

  • Fill out the contact form or otherwise submit personal information;
  • Place an order for any of our products or services. Some payment details can be collected during the processing of purchases. You can read more about payment procedure in the Payment Procedure section of the Policy;
  • Subscribe to our newsletter;
  • Voluntarily complete a customer survey or provide feedback on any of our message boards or via email;
  • Use, interact with, or view our website via your browser’s cookies. Some personal data can be collected and saved via cookies during visits to the website. You can read more about cookies in the Cookie Policy section of the Policy;
  • From public sources;
  • We might collect and process additional data you give us to enter a contest, giveaway, or survey. You will be prompted for this information, and it will be clear that you are offering this kind of information in exchange for an entry into such a contest or giveaway.

How will we use your data?

We use your data to offer our services, including access to our website, fulfill our promises to you, improve your experience with us, and suggest other products or services you might like. Sometimes, we might share your data with third parties who help us with these tasks for processing purposes. When we handle your data directly, it allows us to serve you better and run our business smoothly.

We collect your data so that we can:

  • Process your order(s), payment(s) & refund(s) and create and manage your account;
  • Communicate with you and provide support;
  • Include your review/comment/feedback in our testimonials section or for customer feedback collection purposes;
  • Perform marketing/promotion and targeted advertising activities;
  • Interact with you via social media;
  • Send you a newsletter or other updates about my company or website;
  • Organise contests or giveaways;
  • Gather and use anonymous statistical data for either our purposes or those of a third party;
  • Enforce Terms and Conditions and protect our website;

We are entitled to use your email address without your explicit consent to send commercial communications regarding our services that are similar to those we provide. You can refuse to receive these commercial communications at any time (by replying to an email from us, letting us know you are opting out, or by clicking on changing preferences or unsubscribe on the bottom of the email) . After you have consented via confirmation on the website, we can process your data insert while ordering services or contacting us to send the commercial communications and direct marketing, eventually for additional reasons to which you have explicitly consented.

Suppose we process personal data collected via cookies. In that case, we do so based on your consent (which you give us in the applicable Settings of your Internet browser), based on our legitimate interest, or for the performance of the contract. We use data collected via cookies for user support, improving our services, and analyzing user behavior and marketing. Read more about our cookie policy in the Cookie Policy section of the Privacy Policy.

We will ask you for consent if we want to use your information for any other purpose. We will use your information only upon receiving your permission and only for the purpose(s) we grant consent unless we are required to do otherwise by law.

We may modify this Privacy Policy at any time without prior notice and will post the revised Privacy Policy on the Service. The revised Policy will be effective 180 days from when the revised Policy is posted in the Service, and your continued access to or use of the Service after such time will constitute your acceptance of the revised Privacy Policy. We therefore recommend that you periodically review this page.

Retention of your personal data

We will retain your personal information with us for 90 days to 2 years after users terminate their accounts or for as long as we need it to fulfill the purposes for which it was collected, as detailed in this Privacy Policy. We may need to retain certain information for more extended periods, such as record-keeping / reporting in accordance with applicable law, or for other legitimate reasons, such as enforcement of legal rights, fraud prevention, etc. Residual anonymous information and aggregate information, neither of which identifies you (directly or indirectly), may be stored indefinitely.

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

  • The right to access – You have the right to request copies of your personal data from us. We may charge you a small fee for this Service.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to ask us to complete the information you think is incomplete.
  • The right to erasure – You have the right to request that we erase your personal data under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal data under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization or directly to you under certain conditions.
  • If you make a request, we have one month to respond. If you would like to exercise any of these rights, please contact us at our email: hello@designorina.com

Relevant Legal Basis

Relevant legal bases under the GDPR: The following is an overview of the GDPR’s legal basis for processing personal data. Please keep in mind that, in addition to the GDPR standards, your country of residence or seat may have its data privacy laws. We will notify you in the privacy statement if more particular legal bases are appropriate in individual circumstances.

In accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), we process personal data based on the following legal grounds: Consent (Art. 6 (1) (a) GDPR) for processing operations for which we obtain consent for a specific processing purpose; Contract performance and pre-contractual inquiries (Art. 6 (1) (b) GDPR) where processing is necessary for the performance of a contract or for carrying out pre-contractual measures; Legal obligations (Art. 6 (1) (c) GDPR) if processing is necessary for compliance with a legal obligation to which we are subject; and Legitimate interests (Art. 6 (1) (f) GDPR) where processing is necessary for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Additionally, the BDSG provides specific national regulations for data protection in Germany, including but not limited to the processing of special categories of personal data, rights to information, and rights to objection.

Data Protection Officer

Suppose you have any queries or concerns about the processing of your information that is available with us. In that case, you may email our Data Protection Officer at Mina Lukic Web Design, Franz-Ehrlich-Str. 12, email: hello@designorina.com. We will address your concerns in accordance with applicable law.

International Data Transfers

In alignment with the General Data Protection Regulation (GDPR), our commitment to protecting your personal data extends beyond the borders of the European Union (EU) and the European Economic Area (EEA). This includes the transfer of personal data to countries outside of the EU/EEA, notably to service providers in the United States or other jurisdictions not deemed by the European Commission to have an adequate level of data protection. To safeguard your personal information in these instances, we employ stringent security measures such as Standard Contractual Clauses (SCCs) approved by the European Commission or rely on the European Commission’s adequacy decisions where applicable. These precautions are taken to ensure that your data is handled with a degree of protection consistent with the standards set by the GDPR. We may disclose your personal information to fulfill legal obligations, enforce our agreements, or address claims related to the use of our services. In cases of corporate restructuring, such as mergers or acquisitions, we ensure the secure and compliant transfer of your information to the new entity, upholding the principles outlined in this policy and under GDPR guidelines.

Security

The security of your information is important to us, and we will use reasonable security measures to prevent the loss, misuse, or unauthorized alteration of your information, which is under our control. However, given the inherent risks, we cannot guarantee absolute security, and consequently, we cannot ensure or warrant the security of any information you transmit to us. You do so at your own risk.

Data Breach Notification

In accordance with the General Data Protection Regulation (GDPR), we are committed to protecting your data and ensuring the confidentiality, integrity, and availability of your personal information. In the unlikely event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the appropriate supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to your rights and freedoms. We will also communicate any such data breach to the affected data subjects without undue delay, particularly if the breach could result in a high risk to your privacy or personal data. Our notification will include information about what happened, the data involved, the potential impact on you, and our actions to address the breach and mitigate its possible adverse effects. We have established comprehensive procedures to handle data breaches effectively, including measures to minimize the risk of future occurrences. This commitment ensures that our practices are in full compliance with GDPR requirements, emphasizing our dedication to data security and the protection of your privacy.

Payment Procedure

Our website uses WooCommerce to facilitate e-commerce activities, including processing purchase payments. For secure payment processing, we have integrated PayPal and Stripe, reputable payment service providers. When you make a payment, your payment data is processed directly by either PayPal or Stripe, depending on your choice of payment method. We do not store or have access to your complete credit card information. For more information on how PayPal and Stripe handle your personal data, please refer to their respective privacy policies.

Third-Party Links & Use Of Your Information

Our website may contain links to other websites that we do not operate. This Privacy Policy does not address the privacy policy and other practices of any third parties, including any third party operating any website or Service that may be accessible via a link on the Service. We strongly advise you to review every site’s privacy policy. We have no control over and assume no responsibility for any third-party sites or services’ content, privacy policies, or practices.

Third-Party Data Sharing and International Transfers

Scope and Purpose of Data Sharing

Our website employs various third-party services to enhance user experience, improve website functionality, and deliver targeted content. These services include but are not limited to Google Analytics for traffic analysis and Google Fonts for font rendering. The processing of personal data by these third parties is necessary for the purposes mentioned above and is carried out under our instruction and in line with our privacy standards.

Future Third-Party Engagements

We recognize the dynamic nature of our digital services and the possibility of engaging with additional third-party service providers in the future. Some of these providers may not be identified at the time this policy is written. We commit to a rigorous vetting process for all third parties regarding their data protection practices ensuring they align with GDPR principles and offer safeguards equivalent to those set by our privacy policy.

User Consent and Rights

By using our services, you consent to the sharing of your personal data with third parties as outlined in this policy. We provide mechanisms for you to withdraw consent at any time. You also have the right to be informed of any new third-party engagements that might affect the processing of your data and to object to or restrict such processing.

Transparency and Updates

We pledge to maintain transparency regarding our use of third-party services and to update this policy to reflect any new engagements or changes in data processing activities. We will make reasonable efforts to notify you of significant updates, especially those involving new third-party data processors.

Limitation of Liability

While we ensure that third-party service providers comply with high data protection standards, we cannot control all aspects of their data processing practices. We shall not be liable for any breach of data protection laws by these third parties, provided we have selected them with due diligence and have imposed data protection obligations on them consistent with GDPR.

Contact and Complaints

Should you have any questions about third-party data processing or wish to exercise your rights regarding your personal data, please contact us at [Contact Information]. We also provide you with the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

Additional Information on Data Processing

Google Analytics GA4

We use Google Analytics GA4, a web analytics service provided by Google, Inc. (“Google”), to collect, monitor, and analyze web traffic and to track behavior on our website. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.

Google Fonts

We incorporate the fonts (“Google Fonts”) provided by Google for the uniform display of fonts. When you access a page, your browser loads the required fonts directly from Google to display them correctly on your device. This request makes your IP address visible to Google, which could be used in accordance with their data privacy policy.

Data Collection and Hosting Services

Our website is hosted on WP Engine, a platform providing web hosting and management services. WP Engine collects and stores logs that include data such as IP addresses and access times when users visit our site. This information is used for operational and security purposes, ensuring the integrity and availability of our website. For more detailed information on WP Engine’s data handling practices, please refer to their privacy policy.

Newsletter Subscription – Mailpoet

Subscription to Our Newsletters

On our website, users are given the opportunity to subscribe to our newsletter through an online form managed by Mailpoet, a newsletter subscription service. Mailpoet collects personal data, such as email addresses, which are used to send newsletters to subscribers who have expressly consented to receive them.

Double Opt-In and Logging

The subscription to our newsletter requires a double opt-in procedure: after subscription, you will receive an email asking you to confirm your subscription. This confirmation is necessary to prevent anyone from subscribing to email addresses that do not belong to them. Subscriptions to the newsletter are logged to prove the subscription process according to legal requirements. This includes the storage of the subscription and confirmation time, as well as the IP address.

Statistical Surveys and Analyses

The newsletters contain a so-called “web beacon,” a pixel-sized file that is retrieved from the Mailpoet server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are initially collected. This information is used for the technical improvement of services based on technical data or target audiences and their reading behavior, as well as their retrieval locations (which can be determined with the help of the IP address) or access times.

Data Protection Measures

We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy. We have entered into a data processing agreement with Mailpoet, in which we require Mailpoet to protect our customers’ data and not to disclose it to third parties.

Right to Withdraw

You can unsubscribe from our newsletter at any time, i.e., revoke your consent. A link to unsubscribe from the newsletter can be found at the end of each newsletter. If users have only subscribed to the newsletter and have unsubscribed from it, their personal data will be deleted.

Effective Date: 17-Oct-2024
Last Updated: 17-Oct-2024

 

What are cookies?

 

How do we use cookies?

 

Types of cookies we use:

 

Manage cookie preferences:

Cookie Settings

You can change your cookie preferences any time by clicking the above button. This will let you revisit the cookie consent banner and change your preferences or withdraw your consent right away.

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. Listed below are the links to the support documents on how to manage and delete cookies from the major web browsers.

Chrome: https://support.google.com/accounts/answer/32050

Safari: https://support.apple.com/en-in/guide/safari/sfri11471/mac

Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox?redirectslug=delete-cookies-remove-info-websites-stored&redirectlocale=en-US

Internet Explorer: https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc

If you are using any other web browser, please visit your browser’s official support documents.