Privacy Policy

1. What Data We Collect

¹ GDPR — General Data Protection Regulation (Regulation (EU) 2016/679).

2. How We Collect Data

• When filling in forms — registration, orders, feedback.
• Automatically — through cookies and similar technologies.
• From third-party services — payment providers, social networks (with user permission).

3. How We Use Your Data

• provision and personalisation of services;
• processing payments and invoicing;
• website analytics and UX improvement;
• marketing communications (only with consent);
• security and fraud prevention;
• compliance with legal requirements.

4. Cookies and Trackers

^* Set only after explicit consent requested via a banner on the first visit.

5. Sharing Data with Third Parties

We never sell personal data.

6. Storage and Security

• Data is retained only as long as necessary for processing purposes or as required by law.
• We use encryption: TLS in transit, AES-256 at rest.
• Two-factor access to the admin panel, regular audits and penetration tests.

7. User Rights (GDPR)

• access to a copy of your data;
• rectification of inaccuracies;
• erasure ("right to be forgotten");
• restriction of processing;
• data portability;
• withdrawal of consent at any time;
• objection to profiling and direct marketing.

To exercise any of these rights, please use the feedback form on the website. A response will be provided within 30 days.

8. Children's Policy

The website is not intended for persons under the age of 16 (or such other age as may be required by local law). We do not knowingly process children's data.

9. International Data Transfers

When transferring data outside the EEA, the following mechanisms apply:

• European Commission adequacy decision;
• Standard Contractual Clauses (SCC);
• Binding Corporate Rules (BCR).

10. Policy Updates

This policy may be updated. The current version is always available on this page; we will notify you of any material changes via a notice on the website or by other appropriate means. Date of last update: .