Privacy Policy

Last updated: 14 July 2026

 

  1. WHO WE ARE

 

The controller of your personal data is EDYTA CHILINSKA MARKETING MANAGEMENT, trading as EDYTA CHILINSKA ACADEMY, with its registered trade licence no. 1635390 (“Academy”, “we”, “us”, “our”).

 

The website is available at academy.chilinska.com (the “Website”).

 

Contact details:

General email: academy@chilinska.com

Privacy email: support@chilinska.com

Phone: +971 52 595 9881



  1. SCOPE

 

This Privacy Policy explains how we process data relating to people who:

– visit the Website;

– create or use an account;

– purchase online courses or access the Academy;

– subscribe to the newsletter;

– use contact, consultation or certificate forms;

– contact us by email, telephone, WhatsApp or social media;

– enquire about or book bridal hairstyling or in-person training;

– use Google or Facebook sign-in.

 

  1. PERSONAL DATA WE COLLECT

 

Depending on how you use the Website, we may process:

 

a) Identity and contact data

Name, email address, telephone number, country, billing address, business name and other information you provide.

 

b) Account data

Username, encrypted password, account identifier, language and currency preferences, account status, login history and information required to secure your account.

 

c) Order and payment data

Products purchased, price, currency, tax, order number, payment status, transaction date and billing information. Full payment-card details are generally processed directly by the payment provider and are not stored by the Academy.

 

d) Course-use data

Access activation and expiry dates, completed lessons, course progress, certificate requests, device information and account-security events.

 

e) Form and communication data

Messages, enquiry subject, selected programme, booking information, hairstyling or training preferences and correspondence history.

 

f) Marketing data

Email address, consent status, subscription date, message engagement and communication preferences.

 

g) Technical and usage data

IP address, device and browser type, operating system, approximate location, referring page, server logs, cookie identifiers and interactions with the Website.

 

h) Social sign-in data

When you sign in through Google or Facebook, we may receive basic profile information such as your name, email address, account identifier and profile image, depending on your settings with that provider.

 

We do not ask you to provide special-category or sensitive data unless it is necessary for a specific service and permitted by law. Please do not send medical or other sensitive information that is not required.

 

  1. PURPOSES AND LEGAL BASES

 

We process personal data to:

– create and administer accounts;

– enter into and perform contracts, fulfil orders and provide course access;

– manage the 12-month access period for purchased materials;

– process payments, invoices, tax and accounting records;

– handle enquiries, consultations, bridal services and training bookings;

– issue certificates;

– provide customer and technical support;

– prevent fraud, account sharing, abuse and security incidents;

– maintain, troubleshoot and improve the Website;

– send newsletters and marketing where you have consented or another legal basis permits it;

– establish, exercise or defend legal claims;

– comply with legal obligations.

 

Where the GDPR applies, our legal bases may include:

– performance of a contract or steps requested before entering into a contract;

– compliance with a legal obligation;

– our legitimate interests, including security, customer support, fraud prevention and business development;

– your consent, particularly for optional cookies and marketing.

 

You may withdraw consent at any time. Withdrawal does not affect processing that was lawful before withdrawal.

 

  1. IF YOU DO NOT PROVIDE DATA

 

Providing personal data is voluntary, but some information is necessary to create an account, complete a purchase, provide course access, issue a sales document or certificate, or respond to an enquiry. We may be unable to provide the relevant service without it.

 

  1. PAYMENTS

 

Payments may be handled by the providers shown at checkout, including, depending on configuration and country, Stripe, Tpay or other payment providers. A payment provider may act as an independent controller or processor as described in its own privacy policy.

 

We normally receive only information required to confirm the payment, such as transaction status, payment identifier, payment-method type and partially masked payment details.

 

  1. RECIPIENTS

 

We may disclose data only as necessary to:

– hosting, security, backup and IT providers;

– providers of WordPress, WooCommerce and Website plugins;

– payment processors and banks;

– Vimeo or other video-hosting providers;

– Google and Meta/Facebook when you use social sign-in or consent to relevant services;

– email, newsletter, form and customer-support providers;

– analytics or advertising providers only when activated and supported by a lawful basis;

– accountants, lawyers, auditors and insurers;

– public authorities where required by law;

– a purchaser or successor in connection with a reorganisation, sale or merger.

 

We do not sell personal data.

 

  1. INTERNATIONAL TRANSFERS

 

We operate from the United Arab Emirates and use service providers in different countries. Your data may therefore be processed outside your country, including outside the European Economic Area.

 

Where the GDPR applies, we use legally recognised transfer mechanisms where required, such as an adequacy decision, standard contractual clauses or another permitted safeguard.

 

  1. RETENTION

 

We keep data only for as long as necessary, including:

– account and course-progress data: while the account or access remains active, and afterwards for the period required to support claims or until a valid deletion request is completed;

– order, invoice and payment data: for the period required by accounting, tax and fraud-prevention laws;

– enquiries and correspondence: normally for up to 24 months after the matter is closed, unless a longer period is needed to enter into a contract or protect legal claims;

– service and training booking data: during the booking and for the subsequent period required for accounting and claims;

– newsletter data: until consent is withdrawn or an objection is made; we may keep a minimal suppression record to ensure no further marketing is sent;

– security logs: for a period reasonably required to protect the Website and detect abuse;

– backups: until securely overwritten under the backup cycle.

 

  1. COOKIES

 

We use cookies and similar technologies to operate accounts, shopping carts, payments, language and currency preferences, Website security and media playback and, after obtaining any consent required by law, analytics and marketing.

 

More information is provided in the Cookie Policy. You can change optional-cookie choices through the “Cookie Settings” tool on the Website.

 

  1. NEWSLETTERS AND MARKETING

 

If you subscribe, we may send Academy news, new-material announcements, offers and information about services. You may unsubscribe through the link in each marketing email or by contacting support@chilinska.com.

 

Withdrawing marketing consent does not stop transactional communications such as purchase confirmations, password resets, access notices or replies to enquiries.

 

  1. AUTOMATED DECISIONS

 

We do not make decisions that produce legal or similarly significant effects solely by automated means. We may use automated security tools, for example to identify suspicious logins or payment fraud. Contact us if you believe an automated control has blocked you incorrectly.

 

  1. SECURITY

 

We use reasonable technical and organisational measures, including access controls, encrypted connections, software updates, backups and security monitoring. No online system can guarantee absolute security.

 

You are responsible for keeping your password confidential and should notify us promptly of suspected unauthorised access.

 

  1. YOUR RIGHTS

 

Depending on applicable law, you may have rights to:

– receive information about processing;

– access your data and obtain a copy;

– correct inaccurate data;

– request erasure;

– restrict or stop certain processing;

– object to processing based on legitimate interests;

– withdraw consent;

– data portability;

– complain to a competent data-protection authority;

– challenge certain automated decisions.

 

These rights may be subject to legal exceptions. We will not delete data that must be retained for tax, accounting, fraud prevention, legal compliance or legal-claim purposes.

 

  1. HOW TO MAKE A REQUEST

 

Email support@chilinska.com from the address associated with your account. Use the subject “Data Rights Request” or “Account and Data Deletion Request”.

 

We may request information necessary to verify your identity. We will never ask you to send your full card details or password.

 

Detailed steps are set out in the “Account and Personal Data Deletion Instructions”.

 

  1. COMPLAINTS

 

Please contact us first so that we can try to resolve your concern.

 

If the GDPR applies, you may also complain to a supervisory authority in the country of your habitual residence, place of work or the alleged infringement. In Poland, the authority is the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych).

 

Individuals covered by UAE law may contact the competent data-protection authority in the United Arab Emirates.

 

  1. CHILDREN

 

The Website and courses are intended for adults or for users acting with the consent and supervision of a parent or guardian. We do not knowingly collect children’s data unlawfully. Contact us if you believe a child has provided data without appropriate consent.

 

  1. THIRD-PARTY LINKS AND EMBEDS

 

The Website may contain links or embedded content from Vimeo, Google, Facebook, Instagram, Pinterest, WhatsApp and other services. Those providers may process data under their own privacy policies.

 

  1. CHANGES

 

We may update this Policy to reflect legal, technical or business changes. The current version will be published on the Website with its latest revision date. We may notify you of material changes through your account or by email.

 

  1. CONTACT

 

EDYTA CHILINSKA MARKETING MANAGEMENT

Email: support@chilinska.com

Website: academy.chilinska.com



Select your currency