PRIVACY POLICY

If you are our customer, newsletter subscriber, or website visitor, you entrust us with your personal data. I am responsible for their protection and security. Please familiarize yourself with the protection of personal data, the principles, and your rights related to GDPR (General Data Protection Regulation).

Who is the Data Controller?

We are Sea Wolf Lda (represented by Monika Dvořáková – managing director/owner), company ID PT517225166, with registered office at Impasse da Fazenda 7, 9370-253 Estreito da Calheta, and we operate the websites www.monika-dvorak.cz/to-madeira
We process your personal data as the controller, meaning we determine how personal data will be processed, for what purpose, for how long, and we select any processors who assist us with processing.

Contact Details
If you wish to contact us during processing, you can reach us at phone numbers +351939557534 or via email: madeira@monika-dvorak.cz and monika@madeiradream.cz.

Statement
We declare that as the controller of your personal data, we comply with all legal obligations required by applicable legislation, especially the Personal Data Protection Act and GDPR, meaning that:

we will process your personal data only based on a valid legal basis, mainly legitimate interest, contract fulfillment, legal obligation, or given consent, we fulfill the information obligation under Article 13 of GDPR before starting data processing, we will enable and support you in exercising and fulfilling your rights under the Personal Data Protection Act and GDPR.

Scope of Personal Data and Purposes of Processing
We process personal data that you provide to us yourself, for the following reasons (to fulfill these purposes):

Provision of services, contract fulfillment: We need your personal data, specifically your email, to fulfill the contract (e.g., sending access to the application, sending online courses, delivery of goods).

Accounting: If you are a customer, your personal data (billing details) are necessary to comply with the legal obligation for issuing and recording tax documents.

Marketing – sending newsletters: We use your personal data (email and name), gender, your clicks in the email, and when you most frequently open them for the purpose of direct marketing – sending our commercial communications. If you are our customer, we do so on the basis of legitimate interest, as we reasonably assume you are interested in our news, for up to 5 years from the last order. If you are not a customer, we send newsletters only based on your consent, for up to 5 years from the date of consent. In both cases, you can withdraw this consent by using the unsubscribe link in every email sent.

Advanced marketing based on consent: Only based on your consent can we also send you inspiring offers from third parties or use your email address, for example, for remarketing and targeted advertising on Facebook, for up to 5 years from the date of consent. You can revoke this consent at any time via our contact details.

Photographic documentation – live events, e.g., from online workshops
We retain your personal data for the duration of the statute of limitations unless the law requires a longer retention period or we have specified otherwise in specific cases.

Cookies
When you browse our websites, we record your IP address, how long you stay on the page, and from which site you come. We consider the use of cookies for measuring website traffic and customizing website display as our legitimate interest as a controller, as we believe this allows us to offer you better services. Cookies for advertising targeting are processed only based on your consent. Our websites can also be browsed in a mode that does not allow the collection of personal data. You can disable cookies on your computer.

Security and Protection of Personal Data
We protect personal data to the maximum extent possible using modern technologies appropriate to the current level of technical development. We protect them as if they were our own.
We have implemented and maintain all possible (currently known) technical and organizational measures to prevent misuse, damage, or destruction of your personal data.

Disclosure of Personal Data to Third Parties
Your personal data is accessible to our employees and collaborators. For specific processing operations that we cannot perform ourselves, we use the services and applications of processors who can protect data even better than we can and specialize in the given processing. These include providers of the following platforms: SmartSelling a.s. (SmartEmailing, MioWeb, Proaffil), SimpleShop and Stripe (payment gateway providers), Facebook, Google, LG contabilidade (accounting firm).

We may decide in the future to use other applications or processors to facilitate and improve processing. However, we promise that in such cases we will impose at least the same requirements on the security and quality of processing on the processors as on ourselves.

Transfer of Data Outside the European Union
We process data exclusively within the European Union or in countries that ensure an adequate level of protection based on decisions by the European Commission.

Your Rights Regarding Personal Data Protection
You have several rights in connection with personal data protection. If you wish to exercise any of these rights, please contact us via email: madeira@monika-dvorak.cz.
You have the right to information, which is fulfilled by this information page with processing principles.
Thanks to the right of access, you can request at any time and we will provide, within 14 days, what personal data we process about you and why.
If anything changes or you find your personal data outdated or incomplete, you have the right to supplement or change personal data.
You can exercise the right to restrict processing if you believe we are processing inaccurate data, if you think processing is unlawful but you do not want all data deleted, or if you objected to processing. You can restrict the scope of personal data or the purposes of processing (e.g., unsubscribing from the newsletter restricts the purpose of processing for sending commercial communications).

Right to Data Portability
If you want to take your personal data and transfer it to someone else, we will proceed as with the right of access – the only difference is that we will provide/send you the information in a machine-readable format. This requires at least 21 days.

Right to Erasure
You also have the right to erasure (to be forgotten). We do not want to forget you, but if you wish, you have that right. In such case, we will delete all your personal data from our system and from the systems of all subcontractors and backups. To ensure the right to erasure, we need 120 days. In some cases, we are bound by legal obligations, e.g., we must keep issued tax documents for a period prescribed by law. In such cases, we delete all personal data not bound by other laws. We will inform you about the completion of erasure by email.

Complaint to the Personal Data Protection Office
If you feel that we are not handling your data according to the law, you have the right to file a complaint at the Personal Data Protection Office at any time. We would appreciate if you inform us first about this suspicion so that we can take action and correct any shortcomings.

Unsubscribing from Newsletters and Commercial Communications
We send emails with inspiration, articles, products, and services to you if you are our customer based on our legitimate interest. If you are not yet a customer, we send them only based on your consent. In both cases, you can unsubscribe from our emails by clicking the unsubscribe link in every email sent.

Confidentiality
We assure you that our employees and collaborators processing your personal data are obliged to maintain confidentiality about personal data and security measures whose disclosure would jeopardize the security of your personal data. This confidentiality obligation continues even after termination of contractual relations with us. Without your consent, your personal data will not be disclosed to any other third party.
These personal data processing principles are effective as of May 1, 2025.