Personal data protection policy
If you are our customer, newsletter subscriber or website visitor, you entrust us with your personal data. We are responsible for their protection and security. Please familiarize yourself with the protection of personal data, principles and rights you have in connection with the GDPR (Regulation on the protection of personal data within the EU).
I. Who is the administrator of personal data
The administrator of personal data on the website www.mindflowcoaching.co is Veronika Monteith, company ID number 52 022 536, with registered office in Mýtna 2885/21 811 07 Bratislava – Staré Mesto, Slovak Republic. We process your personal data as an administrator, i.e. we determine how personal data will be processed and for what purpose, for how long, and we select any other processors who will help us with the processing.
II. Contact information
If you want to contact us during the processing, you can contact us at the e-mail address: email@example.com
We declare that, as the administrator of your personal data, we fulfill all legal obligations required by applicable legislation, especially the Personal Data Protection Act and the GDPR, and therefore:
We will process your personal data only on the basis of a valid legal reason, namely legitimate interest, fulfillment of a contract, legal obligation or granted consent.
Pursuant to Article 13 of the GDPR, we fulfill the information obligation even before the processing of personal data begins.
We will enable and support you in the application and fulfillment of your rights according to the Personal Data Protection Act and the GDPR.
IV. Scope of personal data and processing purposes
We process personal data that you entrust to us yourself for the following reasons (to fulfill these purposes):
Provision of services, fulfillment of the contract.
Your personal data in the scope of: e-mail, first name, last name, residential address, telephone number, in case of purchase as an entrepreneur or company also ID and VAT number, we absolutely need it to fulfill the contract (e.g. issuing an invoice, sending access to the application and member sections of the website, sending a link to an online meeting/consultation, sending an online course, sending e-publications, etc.).
If you are a customer, we absolutely need your personal data (invoicing data) to comply with the legal obligation to issue and register tax documents.
Marketing - sending informative e-mails
I use your personal data (e-mail, or name), gender, what you click on in the e-mail and when you most often open it for the purpose of direct marketing - sending business offers. If you are our customer, we act out of legitimate interest, because we reasonably assume that you are interested in our news, for a period of 7 years from the last order.
If you are not our customer, we only send you newsletters based on your consent, for a period of 5 years from the date of issue. You express your consent to us by confirming. This confirmation is a clear expression of your consent to the processing of your personal data in the scope of e-mail or name.
In both cases, you can withdraw this consent by using the unsubscribe link in each email sent.
Advanced Consent Marketing
Only on the basis of your consent can we also send you inspiring offers from third parties or use an e-mail address, e.g. for remarketing and advertising targeting on Meta platforms such as Facebook and Instagram, for a period of 5 years from the granting of consent. You can, of course, revoke it at any time via our contact details.
Photographic documentation, references
Only based on your consent, we can use your photos, videos or written references on our pages, until you withdraw your consent. You can revoke it at any time via our contact details.
We keep your personal data for the duration of the statute of limitations, unless the law stipulates a longer period for their retention or we have stated otherwise in specific cases.
Cookies for advertising targeting will only be processed based on your consent.
VI. Security and protection of personal data
We protect personal data to the maximum extent possible using modern technologies that correspond to the level of technical development. We protect them as if they were our own. We have adopted and maintain all possible (currently known) technical and organizational measures that prevent misuse, damage or destruction of your personal data, and thus:
Secure access to our computers (password protected).
Secure access to our phones (secured by password and fingerprint reader).
Secure access to our e-mail boxes (secured by username and password).
Secure access to e-mail distribution applications (secured by name and password).
Secured access to invoicing systems (secured by name and password).
Encrypted communication on our website (valid https certificate).
Secured access to member sections of the website (secured by username and password).
By regularly updating the software.
A securely locked establishment (secured by a lockable door).
Personal data will be processed in electronic form in an automated manner or in printed form in a non-automated manner.
VII. Provision of personal data to third parties
In order to ensure specific processing operations that we cannot ensure on our own, we use the services and applications of processors who know how to protect data even better than us and specialize in the given processing.
Personal data processors are or may be:
Wix, Tel Aviv, 40 Namal Tel-Aviv st., Israel
Meta Platforms Inc 1 Hacker Way Menlo Park, California 94025
Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA
Stripe, 354 Oyster Point Blvd, San Francisco, United States
Personal data that we process both as an administrator and as a processor can be made available exclusively to collaborators and processors who provide administrative and technical support for the operation of applications necessary for the operation of the website and supporting applications or participate in the running of our business (accountant).
Access to other subjects is allowed only for the purpose of fulfilling legal obligations.
We assure you that our colleagues who will process your personal data are obliged to maintain confidentiality about personal data and about security measures, the disclosure of which would endanger the security of your personal data.
This confidentiality continues even after the end of the contractual relationship with me. Without your consent, your personal data will not be released to any other third party.
It is possible that in the future we will decide to use other applications or processors to facilitate and improve processing. We promise you, however, that in such a case, when choosing, we will place on the processor at least the same demands for security and quality of processing as on ourselves and current collaborators.
We process data in the European Union or in countries outside the European Union that ensure an adequate level of protection based on the decision of the European Commission.
VIII. Your rights in connection with the protection of personal data
You have a number of rights in relation to the protection of personal data. If you would like to exercise any of these rights, please contact us via email: firstname.lastname@example.org.
You have the right to information, which is already fulfilled by this information page with the principles of personal data processing.
Thanks to the right of access, you can challenge us at any time and we will provide you with proof within 15 days of what personal data we process and why.
If something changes for you or if you consider your personal data to be out of date or incomplete, you have the right to supplement and change your personal data.
You can use the right to restrict processing if you believe that we are processing your inaccurate data, if you believe that we are processing illegally, but you do not want to delete all data, or if you have objected to the processing.
You can limit the scope of personal data or the purpose of processing (e.g. by unsubscribing from the newsletter, you limit the purpose of processing for sending business offers.)
Right to portability: If you would like to take your personal data and transfer it to someone else, we will proceed in the same way as when using the right of access - with the only difference that we will send the information to you in a machine-readable form. In this case, we need at least 20 days.
The right to erasure (to be forgotten): Your other right is the right to erasure (to be forgotten). We don't want to forget you, but if you wish, you have the right to do so. In this case, we will delete all your personal data from our system and from the system of all processors and backups. We need 10 days to ensure the right to erasure.
In some cases, we are bound by a legal obligation, and e.g. we must register issued tax documents after the deadline set by law. In this case, we will delete all such personal data that are not bound by another law. We will inform you by e-mail about the completion of the erasure.
COMPLAINT to the Office for Personal Data Protection:
If you feel that we are not handling your data in accordance with the law, you have the right to contact the Office for Personal Data Protection at any time with your complaint. We would appreciate it if you first inform us about this suspicion, so that we can do something about it and correct the possible error.
We will unsubscribe from sending newsletters and business offers, e-mails with inspiration, articles or products and services if you are our customer based on our legitimate interest.
If you are not yet a customer, we only send them to you based on your consent. In both cases, you can unsubscribe from our emails by clicking on the unsubscribe link in each email sent.
We would like to assure you that our employees and collaborators who will process your personal data are obliged to maintain confidentiality about personal data and about security measures, the disclosure of which would endanger the security of your personal data. This confidentiality also lasts after the end of the contractual relationship with us. Without your consent, your personal data will not be released to any other third party.
The personal data processing policy applies in this updated version from 8/8/2023.
In Bratislava on 8/8/2023
Business name: Veronika Monteith
© 2023 Veronika Monteith