Get Started
Home Our Story Workshops For Beginners Contact Get Started
Legal

Privacy Policy

Last updated: 22 June 2026

Controller Identity

The data controller responsible for processing personal data collected through this website is Lihoye Xewise, operating at Gdańska 27, Bydgoszcz, Poland. Contact for data matters: [email protected].

Legal Basis for Processing

This website processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and the Polish Act on Personal Data Protection of 10 May 2018 (Dz.U. 2018 poz. 1000). Processing is carried out on the following bases:

  • Article 6(1)(a) GDPR: consent of the data subject, specifically for cookie categories beyond strictly necessary.
  • Article 6(1)(b) GDPR: processing necessary to respond to enquiries and provide requested information.
  • Article 6(1)(f) GDPR: legitimate interests, including the security and proper functioning of the website.

Categories of Data Collected

  • Contact form: name, email address, phone number, and the content of the message submitted.
  • Technical data: IP address, browser type, operating system, referral URL, and pages visited, collected automatically via server logs and analytics cookies where consent has been given.
  • Cookie data: described separately in the Cookie Policy.

We do not collect sensitive categories of personal data as defined in Article 9 GDPR.

Purpose of Processing

  • Responding to contact form enquiries and providing information about course offerings.
  • Maintaining the technical operation and security of the website.
  • Understanding how visitors use the website, to improve content and navigation (analytics, with consent).
  • Displaying relevant content to returning visitors (marketing cookies, with consent).

Data Retention

Contact enquiry data is retained for no longer than twelve months from the date of receipt, unless an ongoing relationship requires longer retention. Technical logs are retained for up to six months. Cookie-based data follows the retention periods described in the Cookie Policy. Data is deleted securely upon expiry of the applicable retention period.

Data Recipients

Personal data is not sold or transferred to third parties for their own marketing purposes. Data may be accessed by:

  • Hosting and infrastructure providers operating under GDPR-compliant data processing agreements.
  • Analytics service providers where consent to analytics cookies has been given.
  • Competent public authorities, if required by law.

International Transfers

Where service providers are located outside the European Economic Area, data transfers are conducted under appropriate safeguards as required by Chapter V of the GDPR, including standard contractual clauses approved by the European Commission.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of access (Article 15) — to obtain confirmation of whether data about you is processed and to receive a copy.
  • Right to rectification (Article 16) — to have inaccurate data corrected without undue delay.
  • Right to erasure (Article 17) — to request deletion of data where processing is no longer justified.
  • Right to restriction (Article 18) — to limit how your data is processed in certain circumstances.
  • Right to object (Article 21) — to object to processing based on legitimate interests.
  • Right to withdraw consent (Article 7(3)) — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint with the President of the Personal Data Protection Office (UODO), ul. Stawki 2, 00-193 Warsaw, Poland (www.uodo.gov.pl).

To exercise any of the above rights, contact us at [email protected]. We will respond within the timeframes required by applicable law.

Website Security

Appropriate technical and organisational measures are in place to protect personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures are reviewed and updated as necessary.

Children's Data

This website is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has submitted data through this website, please contact us so we can arrange its deletion.

Policy Updates

This policy may be updated from time to time. The date at the top of this page reflects the most recent revision. Continued use of the website after an update constitutes acceptance of the revised policy.

We use cookies to improve your experience. Learn more

Cookie Preferences

Necessary Always active

Required for the site to function. Cannot be disabled.

Analytics

Helps us understand how visitors interact with the site.

Marketing

Used to deliver relevant content based on your interests.