top of page

Privacy Policy

Last updated: October 27, 2025
Data Controller: Monika Kotus
Address: Witów 49, 99-120 Piątek, Poland
Tax ID (NIP): 5070038909
Contact email: hello@monikakotus.com
Website: https://www.monikakotus.com

 


1. General provisions

  1. This Privacy Policy sets out the rules for processing personal data of Users who use the website monikakotus.com (“Website”) and services offered by the Controller, including workshops, events, newsletters, and consultations.

  2. Personal data is processed in accordance with: (a) Regulation (EU) 2016/679 (GDPR), (b) the Polish Personal Data Protection Act of May 10, 2018, (c) the Act on Providing Electronic Services of July 18, 2002.

  3. Using the Website means accepting this Privacy Policy.

2. Scope and purpose of data processing
The Controller may process the following categories of personal data:
Data provided voluntarily

  • first and last name,

  • email address,

  • phone number (if provided),

  • billing details (address, tax ID),

  • content of messages sent via the contact form,

  • data of workshop/training participants (name, surname, email).

Data collected automatically (logs/cookies)

  • IP address,

  • device identifier,

  • browser type and operating system,

  • date, time, and duration of visit,

  • pages visited,

  • referral source.

Payment-related data

  • payer's full name,

  • email address,

  • transaction number/payment identifier (e.g., BLIK),

  • bank account details provided by payment operators (only as required for settlement).

3. Purposes of data processing
Data is processed for the following purposes:

  1. provision of services (workshops/trainings/consultations) and handling orders,

  2. payment processing and accounting/tax settlements,

  3. communication and responding to inquiries (contact form, email),

  4. sending information about workshops, schedules, materials, and offers (newsletter – only with consent),

  5. statistics and analysis of Website performance (e.g., Google Analytics, Wix Analytics),

  6. ensuring security, preventing abuse, and pursuing claims.

4. Legal bases for processing

  • Art. 6(1)(a) GDPR – consent (e.g., newsletter, contact form inquiry),

  • Art. 6(1)(b) GDPR – performance of a contract or steps prior to entering into a contract (ticket purchase, workshop registration),

  • Art. 6(1)(c) GDPR – legal obligations (accounting, taxation),

  • Art. 6(1)(f) GDPR – legitimate interest of the Controller (analytics, own marketing, securing claims, security).

5. Data retention period

  • correspondence (form/email): up to 3 years after the end of contact,

  • customer/participant data and accounting documentation: for the period required by law (at least 5 years),

  • transaction data: for the period required by accounting/tax regulations,

  • analytics/statistical data: in anonymised form – indefinitely,

  • data processed on the basis of consent: until consent is withdrawn.

6. Data recipients (categories)
Data may be transferred to entities processing it on behalf of the Controller based on data processing agreements, in particular:

  • hosting and platform providers (Wix.com Ltd.),

  • payment operators (PayPro S.A. – Przelewy24, Fondy, Stripe – for payment processing),

  • communication and marketing tools providers (e.g., Google LLC, MailerLite),

  • accounting office (for accounting documentation),

  • public authorities – if required by law.

7. Data transfer outside the EEA
Due to services provided by Wix.com, Google LLC, and MailerLite, data may be transferred to third countries (e.g., the USA, Israel). Such transfers occur based on the European Commission’s adequacy decisions or standard contractual clauses ensuring an adequate level of protection.


8. Rights of data subjects
Users have the right to:

  • access their data and obtain a copy,

  • rectification of data,

  • erasure of data (“right to be forgotten”) – in situations specified in GDPR,

  • restriction of processing,

  • data portability,

  • object to processing based on Art. 6(1)(f) GDPR,

  • withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).

To exercise your rights, contact: hello@monikakotus.com.
You also have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO).


9. Cookies and analytical tools

  1. The Website uses cookies for: ensuring proper functioning, security, traffic analysis (Google Analytics, Wix Analytics), and remembering User settings.

  2. The User may manage cookies in their browser settings and restrict or disable them at any time.

  3. Data collected via cookies is statistical in nature and does not directly identify the User.

10. Data security
The Controller applies technical and organisational measures adequate to the risk, including: SSL certificate, server security, limited access to data, regular software updates, and backups.


11. External links
The Website may contain links to external websites (e.g., social media, payment operators). The Controller is not responsible for their privacy policies – Users are encouraged to review those policies.


12. Changes to the Privacy Policy
The Controller reserves the right to update the Policy in case of legal or functional changes. The new version will be published on the Website with an updated date.


13. Contact
For matters related to personal data, contact:
Email: hello@monikakotus.com
Mailing address: Witów 49, 99-120 Piątek, Poland
 

bottom of page