This GDPR Policy explains how ovapel.com (“Website,” “we,” “our,” or “us”) processes and protects personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
By using this Website, you consent to the practices described in this Policy.
2. Data Controller
The data controller responsible for your personal data is:
ovapel.com
3. What Data We Collect
We may collect the following personal data from you:
- Contact Data: name, email address (newsletter signup, contact forms, comments)
- Technical Data: IP address, browser type, device information
- Usage Data: pages visited, time spent, clicks, and interactions (via cookies and analytics tools)
- Transactional Data: if you purchase products or services (eBooks, courses, etc.) in the future
4. Legal Basis for Processing
We process your personal data under one or more of the following legal bases:
- Consent: e.g., when you subscribe to our newsletter or accept cookies
- Contract: when processing is necessary to provide you with requested services
- Legal Obligation: when processing is required by law
- Legitimate Interest: for analytics, security, and improving our services
5. How We Use Your Data
Your personal data may be used to:
- Provide and improve Website content
- Send newsletters, updates, or promotional offers (with your consent)
- Monitor Website performance and prevent fraud
- Respond to inquiries submitted through contact forms
- Comply with legal and regulatory requirements
6. Cookies & Tracking Technologies
We use cookies, analytics (e.g., Google Analytics), and affiliate tracking codes.
- You will be asked for consent before non-essential cookies are placed on your device.
- You may withdraw your consent at any time by adjusting your browser settings or our cookie banner.
For more details, see our Cookie Policy.
7. Data Sharing & Third Parties
We do not sell or rent your personal data.
However, we may share limited data with trusted third parties, including:
- Email marketing providers (e.g., Mailchimp, ConvertKit)
- Analytics services (e.g., Google Analytics)
- Affiliate programs or sponsored partners (for tracking purposes)
- Payment processors (if products are sold)
All third parties are required to protect your data in compliance with GDPR.
8. Data Retention
We keep personal data only as long as necessary for the purposes stated in this Policy, or as required by law.
- Newsletter data: retained until you unsubscribe
- Contact form data: retained for up to 12 months
- Analytics data: typically retained for 26 months
9. Your GDPR Rights
As an EU resident, you have the following rights under GDPR:
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data (“right to be forgotten”)
- Right to Restrict Processing: Limit how we process your data
- Right to Data Portability: Request your data in a portable format
- Right to Object: Opt out of certain processing, including direct marketing
- Right to Withdraw Consent: Withdraw consent at any time
To exercise your rights, contact us
10. Data Security
We take appropriate security measures (encryption, secure servers, limited access) to protect your personal data against unauthorized access, disclosure, or misuse.
11. International Data Transfers
If you are located in the EU, your personal data may be transferred outside the European Economic Area (EEA), including to the United States. We ensure such transfers comply with GDPR through appropriate safeguards (e.g., Standard Contractual Clauses).
12. Changes to This Policy
We may update this GDPR Policy from time to time. Any updates will be posted on this page with the “Last Updated” date revised accordingly.
Last Updated: 02/09/2025