This Policy applies as between you, the User of this Web Site and the owner and provider of this Web Site.

This Privacy Policy describes how Apricot Philosophy (“we,” “us,” or “our”) collects, uses, processes, and protects the personal information of users (“you” or “your”) when you visit apricotphilosophy.com or interact with our services, it applies to our use of any and all Data collected by us in relation to your use of the Web Site and any Services or Systems therein.

1. Entity information – the Data Controller
Who is the Administrator of personal data?
The administrator of data is Apricot Philosophy (referred to as “we”, “us”, or “our”), represented by Oliwia Walewska and Weronika Dorocka.
Contact Email: helloapricotphilosophy@gmail.com

2. Information We Collect

We collect the following types of personal information:
Contact Information: Name, surname, email address, address, phone number (if provided voluntarily).
Usage Information: Information about how you use our website, including IP address, browser type, device type, and interactions with the site.
Cookies and Tracking Technologies: We use cookies and similar tracking technologies to enhance your experience on our website and to:
To provide and improve our services, personalize your experience, and communicate with you.
To analyze website usage and trends, and to enhance our marketing strategies.
To fulfill orders, process payments, and manage product shipments.

3. Inquiries regarding privacy and your rights
If you have inquiries concerning the handling or safeguarding of your data, or if you intend to assert your rights as per the prevailing laws, kindly reach out to us using the aforementioned contact information.

4. Sharing personal data
Personal data is shared with entities in compliance with appropriate agreements acting as data processors on behalf of the Administrator. These entities solely process data in accordance with our instructions, ensuring the confidentiality and security of the information. We retain the right to supervise the processing of the data we entrust to them.
In other cases, personal data may be disclosed to authorized entities only on the basis of legal provisions.
We may share your information with:
Service Providers: Affiliates, third-party services, and partners necessary to facilitate our operations (e.g., hosting providers, shipping companies).
Legal Compliance: When required to comply with applicable laws, regulations, legal processes, or government requests.

5. Data Security

We implement security measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

6. Purchase Orders
When you engage our services, we handle your data to finalize and carry out the contract. The legal grounds for this are Art. 6 para. 1 lit. b) GDPR (pertaining to contractual obligations) and Art. 6 para. 1 lit. f) GDPR (related to fraud prevention). Data is erased once legal obligations are met or when it’s no longer required.

7. Payment transactions.provider
The responsible party for data protection concerning all payment options we offer is the respective provider. When data is transferred to the payment provider to fulfill a contract (such as name, address, purchase price), it is based on Art. 6 para. 1 lit. b) GDPR. This transfer allows the payment provider to possess the necessary data for executing the payment transaction and choosing payment methods. If the payment service provider forwards your data to us, we use it to fulfill our contractual relationship with you. Thus, the legal basis for this is also Art. 6 para. 1 lit. b) GDPR.

8. Customer account creation and registration
When you create a customer account on our website, we use the information you provide to establish and oversee the customer account, enabling you to access the services associated with it. Alongside the details submitted during the account setup, we may also process additional account-related information, such as your order history. The lawful basis for handling your data in this manner is Article 6, paragraph 1, clause b of the General Data Protection Regulation (GDPR).

Upon registering, we will send an email to the address you provided, requesting confirmation of your registration. This measure is in place to safeguard both your interests and ours by preventing unauthorized individuals from opening a customer account using your email address. The legal basis for this action is found in Article 6, paragraph 1, clause f of the GDPR.

Information connected to the customer account will be retained until the deletion of said account. Should there be a legal obligation necessitating data retention for an extended period (e.g., meeting accounting requirements or providing legal evidence) or if there is a legitimate entitlement to store the data for an extended duration (e.g., during an ongoing legal dispute involving the owner of a customer account), the data will be deleted following the expiration of the obligation or entitlement to store it.

9. Email communication and newsletter
Upon registering for our email newsletter, we handle the information you’ve provided for the creation and distribution of our newsletter. The legal grounds for this processing align with your consent as per Article 6, paragraph 1, clause a of the General Data Protection Regulation (GDPR). You retain the right to withdraw your consent at any time, affecting future processing activities. However, the withdrawal does not impact the lawfulness of processing based on consent before its revocation.

Confirmation of your newsletter registration requires clicking the verification link in the email sent to you post-registration. When you click this link, we process the date, time of the click, message content sent to you, and the used email address. This process serves the purpose of substantiating your subscription to the newsletter and confirming your consent. The legal foundation for this processing adheres to Article 6, paragraph 1, clause c of the GDPR, as it is a legal requirement for us to demonstrate your given consent.

Your personal data related to the newsletter subscription is deleted upon your unsubscription. Furthermore, we erase data necessary for demonstrating your newsletter subscription after the expiration of the period during which evidence provision is obligatory

10. Contact through form
When you use our contact form, the data you provide is used by us to address and process your inquiry. The legal grounds for this are based on our legitimate interest in managing your request, as stated in Article 6, paragraph 1, clause f of the General Data Protection Regulation (GDPR). Should your inquiry pertain to forming a contract with us, the additional legal basis for processing aligns with Article 6, paragraph 1, clause b of the GDPR.

Upon resolution of your request, we will delete your data, unless there exists a legal obligation mandating its retention for an extended period. In such instances, deletion will occur upon the expiration of the corresponding obligation.

11. Online events and meeting through Zoom platform
We utilize Zoom for conducting online events and webinars. The service provider, Zoom Video Communications, Inc., is responsible for this product. For information regarding Zoom’s privacy policies and business address, please visit https://zoom.us/de-de/privacy.html.

Kindly note that our privacy notice pertains solely to the use of the Zoom service and does not extend to the zoom.us website. Participation in an online meeting does not necessitate visiting the website unless you opt to download the Zoom software for enhanced functionality during the meeting. However, it’s important to note that downloading the software is not mandatory for participating in our online meetings.

a. Personal Data Processing:
We process personal data that you directly provide before an online meeting, such as during webinar registration. Additionally, data provided during your participation in an online meeting is processed. The following personal data is subject to processing:
– Personal details: Name (not necessarily real but helps in identification), and optionally, telephone number, email address, and profile picture in a Zoom account.
– Audio or video data: If microphone or video camera activation occurs during the meeting. Activation is optional.
– Metadata: Meeting topic, optional description, participant IP addresses, device/hardware details.
– Recordings: MP4 files of video, audio, presentations, M4A files of audio, and text files of the meeting chat.
– Telephone participation: Phone number, country name, start and end time, and, if necessary, further connection data.
– Text, audio, and video data: Entries in chat, questions, or survey functions during the meeting.

b. Required Data:
When registering, providing your name and possibly an email address is mandatory for access. Additionally, Zoom collects technical data about devices, networks, and internet connections, including IP address, device type, operating system, client version, camera, microphone, and connection type.

c. Purpose of Processing:
Zoom is used for conducting online meetings. Recordings may occur with prior notice and may be made available to the public later. Chat and related content are used for their respective purposes. Reports of online meetings may be stored by Zoom for up to one month if you have a Zoom user account.

d. Legal Basis for Processing:
The legal basis for processing personal data during an online meeting under a contract is Art. 6 para. 1 lit. b) GDPR. If no contract exists, the basis is Art. 6 para. 1 lit. f) GDPR, based on our legitimate interest in conducting effective online meetings.

e. Transfer of Personal Data:
Data is only shared as necessary for online meeting execution. Additionally, data may be transferred for business purposes or to Zoom Video Communications, Inc., acting as a processor. Zoom is named in our processing agreement.

f. Data Processing Outside the EU:
Zoom, as our processor, may process data outside the EU or EEA. Adequate data protection is maintained through EU standard contractual clauses and other measures like end-to-end encryption and data routing. We can provide closed EU standard contractual clauses upon request.

12. Advertising
To promote and attract customers for our services, we utilize specific services based on your consent, which can be retracted at any time. The legal foundation for this falls under Art. 6 para. 1 lit. a) GDPR. Revoking your consent doesn’t invalidate the processing performed based on your consent prior to the withdrawal. You can withdraw your consent for future use by sending an email to helloapricotphilosophy@gmail.com or through our website. This withdrawal won’t affect the legality of the processing conducted based on your consent before the revocation.

Furthermore, these services also offer a means to object to their usage in general, not limited to our website. This objection mechanism is typically indicated within these services. It’s important to note that your consent applies to two aspects:
1. Storing cookies on your device.
2. Utilizing the respective service itself.

13. Social media platforms
The website https://apricotphilosophy.com/ (the “Website”) incorporates plugins and social media tools provided by various social networking sites, such as Twitter, Linkedin, Discord, Facebook, and Instagram.

When using the Website with such plugins, your browser establishes a direct connection with the servers of the respective social networking site administrators (service providers). The plugin content is directly transmitted by the service provider to your browser and integrated into the Website. Through this integration, the service providers receive information indicating that your browser accessed the Website, regardless of whether you have a profile with the service provider or are logged into it. This information, including your IP address, is directly transmitted by your browser to the server of the relevant service provider (some of which are located in the USA) and stored there.

Our website may contain links to third-party websites or services that are not operated or controlled by us. Please note that this Privacy Policy applies solely to our website, and we have no control over the content, privacy policies, or practices of any third-party sites or services.

We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personal information. We do not assume any responsibility for the content, privacy policies, or practices of any third-party sites or services.

However, we strive to protect the integrity of our site and welcome any feedback about these third-party sites. If you have any concerns or feedback regarding links to external sites, please contact us at helloapricotphilosophy@gmail.com.

This addition informs users about the limitations of your Privacy Policy concerning external links and encourages them to review the privacy policies of those sites for their understanding and assurance.

If you are logged into any of the social networking sites, the service provider may link your visit to the Website directly to your profile on that social network. Interaction with a specific plugin, such as clicking the “Like” button, will also transmit relevant information directly to the server of the respective service provider and be stored there. Additionally, this information may be published on the respective social network and displayed to your contacts.

The purpose and extent of data collection, as well as its further processing and use by the service providers, along with details on contact options, your rights, and settings to safeguard your privacy, are outlined in the individual privacy policies of the respective service providers.

Twitter – https://help.twitter.com/en/rules-and-policies/twitter-cookies
Linkedin – https://www.linkedin.com/legal/privacy-policy
Discord – https://discord.com/privacy
Facebook – https://www.facebook.com/privacy/explanation
Instagram – https://help.instagram.com/519522125107875/?maybe_redirect_pol=0

If you prefer that data collected during your visit to the Website not be directly associated with your profile on a particular social networking site, you can log out of that site before visiting the Website. Alternatively, you can prevent the loading of plugins on the Website altogether by using appropriate browser extensions, such as script blockers.

14. Cookies Policy

Our website utilizes “cookies,” which are small text files placed on your devices (e.g., computers) via web browsers. These files allow us to store specific information on your device and retrieve it when needed. Cookies typically contain the domain name of the website they originate from, their storage duration on the end device, and a unique identifier.

We use cookies for the following purposes:

1. Personalizing website content to suit individual user preferences and optimizing the user experience (cookies enable the recognition of your device and the proper display of the website to best meet individual needs).
2. Maintaining sessions on the website after logging in.

Our service does not store any information about your computer’s hardware configuration or installed programs.

15. Changing Cookie Settings

Web browsers usually allow the storage of cookies on end devices by default. However, you have the opportunity and the right to change these settings. To modify cookie settings, please refer to the detailed information on handling cookies available in your web browser’s settings.

If you disagree with the placement of cookies on your device, you can block their placement by configuring your web browser accordingly. Information on how to do this can be found in your web browser’s help files. Please note that blocking cookies from our website may impact its proper functioning. If you do not change cookie settings, these files will be placed on your end device, allowing us to store and access information accordingly.

16. Fonts
We utilize fonts sourced from third-party sites to enhance the visual presentation of our website. Our intent in using these web fonts is to maintain a consistent appearance and ensure proper functionality across various devices. Upon visiting our website, your browser retrieves the necessary fonts to display the content as designed. If your browser doesn’t support web fonts, it will default to using a standard font available on your device.

The legal basis for this processing aligns with Article 6, Paragraph 1 of the GDPR.

The fonts we employ are supplied by companies within the Google group. For visitors in the European Economic Area or Switzerland, these fonts are delivered by Google Ireland Limited, an entity incorporated under Irish law (registration number: 368047) and based at Gordon House, Barrow Street, Dublin 4, Ireland. Additional information about Google Web Fonts can be accessed at https://developers.google.com/fonts/faq.

Please note that Google’s general privacy policy governs this usage, available for review at https://www.google.com/policies/privacy.

17. Warning Regarding Data Transfers to Third Countries

a. What does this warning mean?
When your personal data is transferred to a third country, it exits the GDPR’s local jurisdiction. These countries may have varying levels of data protection, not always in line with GDPR standards. Some countries, like Switzerland, have received an adequacy decision from the EU Commission, signaling their data protection aligns with GDPR. However, countries like the USA lack such a decision, indicating a potential disparity in data protection standards.

b. What does this mean for your personal data?
Companies often employ service providers for data processing, where global conglomerates like Google, Amazon, Facebook, or Apple, utilize various entities across different countries for their services. This could involve data transfer to the USA or access to EU data by US-based parent companies. The GDPR allows for ‘standard contractual clauses’ to ensure GDPR compliance for data processing, even outside its jurisdiction, although these clauses only bind the contracted parties and not third-party government agencies. Consequently, governmental bodies in countries like the US may access EU citizens’ data, potentially without legal oversight or recourse, compromising GDPR rights. These accessed data could also be combined with other sources to create comprehensive profiles about individuals.

c. How high are my risks?
The extent of risk varies based on the specific service provider and the data involved. Our website potentially engages in data processing in third countries concerning advertising services like Google, Microsoft, or Facebook. This data usually includes website visit details, access location, device/software information, and user interactions. Refer to the services’ privacy notices for more information, linked within our privacy policy.

d. You will not suffer any disadvantages if you do not give your consent.
Choosing not to consent to specific services or cookie storage on our website will not disadvantage your access to our offerings. All services remain available under the same conditions, regardless of consent. You can also revoke your consent at any time.

18. Glossary
Browser: Software used for browsing the internet and accessing websites, including ours.

EEA: The European Economic Area, comprising EU countries along with Iceland, Liechtenstein, and Norway.

Third countries: Nations outside the EEA without an adequacy decision from the EU Commission. More information on adequacy decisions can be found at: EU Commission – Adequacy Decisions.

IP address: A unique identifier assigned to devices that exchange data over the internet. It allows data, such as websites, to be sent and received by the device. Devices within a network, like your home internet router, often share a common IP address for external communication.

lit.: A Latin abbreviation meaning “letter,” typically used when referencing legal texts. For instance, Article 6 para. lit. a) of the GDPR translates to “letter a).”

Standard Contractual Clauses: Contracts provided by the EU Commission as a framework for data transfer to third countries under Art. 46 para. 2 lit. d) of the GDPR.

19. User Rights
In connection with your personal data, you hold specific rights under the GDPR. For detailed information, please refer to the legal regulations, particularly Art. 15 ff. of the GDPR.

Right of access:
You have the right, as per Art. 15 of the GDPR, to confirm whether we are processing your personal data. If so, you are entitled to be informed about this data and receive additional details outlined in Art. 15 of the GDPR.

Right of rectification:
Under Art. 16 of the GDPR, you can request the correction of any inaccurate personal data concerning you without undue delay. Furthermore, considering the processing purposes, you can request the completion of incomplete personal data by means of a supplementary statement.

Right to erasure (“right to be forgotten”):
Within the confines of Art. 17 of the GDPR, you have the right to request the deletion of your personal data without undue delay. We are obliged to delete personal data provided that the relevant criteria stated in Art. 17 of the GDPR are met.

Right to restriction of processing:
According to Art. 18 of the GDPR, you can, under specific circumstances, request us to restrict the processing of your personal data. For detailed conditions, refer to Art. 18 of the GDPR.

Right to data portability:
Under the conditions specified in Art. 20 of the GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format. Additionally, pursuant to Art. 20 of the GDPR, you have the right to transfer this data to another controller without impediment from us, provided certain conditions are met.

Right to lodge a complaint with the supervisory authority:
As outlined in Article 77 of the GDPR, you can lodge a complaint with the supervisory authority, without prejudice to any other administrative or judicial remedy. This right particularly applies to the Member State of your residence, your place of work, or the location of the alleged infringement if you believe that your personal data processing violates the GDPR.

Right to object:
Under Article 21 of the GDPR, you can object to the processing of personal data concerning you carried out under Article 6(1)(e) or (f) of the GDPR, including profiling based on these provisions. If we process your personal data for direct marketing purposes, you have the right to object to such processing at any time, including related profiling for such direct marketing purposes.

20. Changes to the Privacy Policy
The policy is constantly reviewed and updated if necessary. The current version of the policy has been adopted and has been in force since date: 06.01.2024