Effective Date: 26.12.2023
Welcome to the Hermetic World LTD and it’s websites and applications, such as:
social media profiles, messenger services and other information and communication channels, including our free newsletters, and chat-bots, etc.
Children’s Privacy (COPPA Compliance): We are committed to protecting children’s privacy. Our websites and applications do not knowingly collect, use, or disclose personally identifiable information from children under the age of 13 without parental consent. If a parent or guardian believes that we have inadvertently collected such information, they should contact us to remove it and opt out of all related services.
Section 1: Information about us as the controller
Responsible for the processing of personal data on our websites and applications is:
Hermetic World LTD Limnaria 1 Westpark Village, Shop 208042 Paphos, Cyprus
If you have any questions about data protection and privacy, please contact us using the contact information provided. We are committed to ensuring that your personal data is handled responsibly and in accordance with the law, in accordance with applicable data protection laws.
Section 2: Automatic data storage
When you visit our websites and applications, certain information is automatically collected and stored by our web server. These include:
- The address (URL) of the web page you accessed.
- Your browser type and version.
- The operating system used.
- The referrer URL (the previously visited page).
- The hostname and IP address of your device.
- Date and time of your visit.
This information is recorded in web server log files, usually stored for two weeks and then automatically deleted. We assure you that this data will not be disclosed to third parties – with the exception of the options described in our General Terms and Conditions or this declaration-, except as necessary in the event of an internal or external (e.g. legal) investigation.
International Data Transfers
Cross-border data handling: As part of our global operations, we may transfer personal data across international borders. These transfers will be made in accordance with applicable data protection laws.
Safeguards for international transfers: We ensure that all data transfers outside the European Union are protected by appropriate data protection measures, such as standard contractual clauses approved by the European Commission or other legal mechanisms that provide an equivalent level of data protection to that in the EU.
Section 3: Cookies and Automatic Data Collection
- Usage Information: Details such as pages visited, frequency of access, length of stay, and referring websites and applications.
- Location information: Determined by your IP address.
- Device information: hardware model, operating system, browser specifics, and your settings.
Types of cookies on our websites and applications:
- Essential cookies: For the security and functionality of the websites and applications.
- Functional cookies: To improve functionality and diagnose errors.
- Analytics cookies: To carry out websites and applications data analysis.
- First-party cookies: Essential for the functionality of the websites and applications, created and managed by us.
- Third-party cookies: For analytical purposes, such as those used by Google Analytics.
Cookie management: You can control cookie settings through your browser. However, disabling cookies may affect your websites and applications experience.
Use of the Borlabs cookie plugin: Our websites and applications use the Borlabs cookie plugin for cookie management. This tool allows you to select and consent to certain types of cookies to ensure better control over your data. Borlabs Cookie itself does not process any personal data.
Section 4: Handling of Personal Data
Collection of personal information: Our websites and applications collect personal information such as names, E-Mail addresses, mailing addresses, and other relevant information that you provide when filling out forms or commenting on our blog. We collect this information, along with the time of submission and your IP address, only for the purposes specified.
International Data Transfers: We handle international data transfers in accordance with the GDPR and other relevant data protection laws. Data transferred outside the European Union will be protected by appropriate measures to ensure a level of data protection comparable to EU standards.
Data security and confidentiality: We are committed to keeping your personal data secure. It is our business policy to treat your data with the utmost confidentiality, and not to disclose your data to third parties unless it is necessary for the purpose for which you provided it or cases of internal or external investigation or legal necessity.
Use of personal data: The personal data you provide will be used exclusively for the purposes for which it was collected: to facilitate our communication with users seeking contact, to process requests for services and products available on our websites and applications and to enable and facilitate users’ access to the services we offer.
Email Communications and Data Security: Although we provide secure forms for the submission of personal information on our websites and applications, please note that these submissions are forwarded from these applications via email.
Use of aMember for membership management: We use aMember, a member account software, for the efficient billing and management of our customers’ personal data. aMember helps to optimize our subscription services and handle customer data securely. For more information about how a member manages and protects user data, please visit aMember’s information page.
Data Breach Notification Procedure
Commitment to Data Security: Although we take every precaution to protect user data, in today’s high-tech world, errors and/or misuse are possible. Therefore, in the unlikely event of a data breach, we are committed to notifying data subjects immediately and in accordance with applicable law.
Data Breach Notification: In the event of a data breach, we are committed to providing prompt notice to data subjects in accordance with applicable laws. You will be informed of the nature of the breach, the data involved, and the actions taken in response.
Section 5: Measures for data security
Secure data transfer: We use HTTPS and TLS encryption, a robust protocol that ensures the secure transmission of your data over the internet. You can recognize this by the lock symbol in the address bar of your browser, which indicates an encrypted connection.
Privacy strategies: Our commitment to data security goes beyond transmission. We use various measures, such as:
- Regularly updating and patching our systems to protect us from vulnerabilities.
- We maintain access controls to ensure that only employees service providers who need to handle personal data for their job duties have access to it. This is managed through individual user accounts and strong passwords.
- Use of firewalls and intrusion detection systems to prevent unauthorized access.
On-demand security audits: We conduct security audits to identify and remediate potential vulnerabilities in line with our privacy commitments. These checks are carried out on the basis of necessity to ensure the continuous protection of personal data.
Section 6: Use of Third-Party Services and Analytics Tools
TLS encryption and HTTPS: We prioritize data security through the use of HTTPS and TLS, a protocol for secure data transmission that ensures the protection of your confidential information on the Internet.
Borlabs Cookie Integration: Our websites and applications use Borlabs Cookie, a solution designed for WordPress sites, to manage user consents for cookies. Borlabs Cookie does not store any personal data. The information stored in the borlabs cookie includes the cookie lifetime, the cookie version, the domain and path of our websites and applications, user consents, and a randomly generated UID, which is not personal data. This tool ensures compliance with privacy regulations by efficiently managing cookie consents. You can find more information about Borlabs Cookie on the official websites and applications.
Google Tag Manager: Our websites and applications uses Google Tag Manager to efficiently integrate and manage various tracking tools. This service allows us to seamlessly embed and update tracking codes, making it easier to collect and analyze key user interaction data across the site. Google Tag Manager itself does not collect any personal data; Rather, it allows for the effective use of other tracking tools. For a deeper understanding of how Google Tag Manager works and handles data, please refer to the Google Tag Manager Privacy Notice.
Instagram integration: We integrate Instagram features on our websites and applications to improve user engagement and showcase our social media content. This includes viewing our latest posts or being able to share content directly on Instagram. Instagram, as part of Meta Platforms, Inc., may collect data for analytics and advertising purposes when you interact with these features. To learn more about Instagram’s data practices and how we handle user privacy, please see Instagram’s Data Policy.
Microsoft Copilot Chatbot Integration: We’re integrating Microsoft Copilot for Microsoft 365 into our digital operations. This AI-driven tool assists with various tasks by processing prompts and responses within the Microsoft 365 environment. Copilot may collect and process interaction data, including user prompts and responses, to provide efficient and relevant support. Copilot adheres to its privacy, security, and compliance obligations. It is compliant with GDPR and EU data protection regulations. The collected data is securely stored within the Microsoft 365 service boundary to ensure compliance with privacy and security. Microsoft Copilot uses Azure OpenAI services for processing, which are separate from OpenAI’s public services. The stored data, which includes users’ prompts and Copilot’s responses, helps provide a history of interactions. This data is not used to train basic Large Language Models (LLMs) used by Microsoft Copilot. For more information about Copilot’s data processing practices, please refer to Microsoft’s Data, Privacy, and Security Policy for Copilot.
Understanding and Managing Cookies: Service-Specific Information and Browser Settings
In addition, the management and deletion of cookies is usually handled through the settings of your web browser. Each browser (such as Chrome, Firefox, Safari, Edge) has its own method of managing cookies, which can usually be found in the settings or in the Privacy section. Here you can see which cookies are stored, delete them individually or completely, and adjust your settings for the future storage of cookies. Note that disabling or blocking certain cookies may affect the functionality of some websites and applications.
Section 7: Contact Information and User Inquiries
Contact Privacy Concerns: If you have any questions or concerns about our privacy practices or your personal information, please contact us at:
- E-Mail: office12(at)hermetik-akademie.org
- Postal address: Hermetic World LTD, Limnaria 1, Westpark Village, Shop 20, 8042 Paphos, Cyprus.
Feedback and questions about data protection: We value your feedback and take your data protection concerns seriously. If you have any questions or need more information about how we handle your personal data, please do not hesitate to contact us.
Section 8: User rights according to GDPR and other data protection regulations
- Right to rectification (Art. 16 GDPR): rectification of inaccurate personal data.
- Right to erasure (Art. 17 GDPR): Request the deletion of personal data.
- Right to restriction of processing (Art. 18 GDPR): Restriction of the processing of your data.
- Right to information (Art. 19 GDPR): to obtain rectification, erasure or restriction.
- Right to data portability (Art. 20 GDPR): Retrieve and reuse your data across services.
- Right to object (Art. 21 GDPR): Objection to data processing.
- Automated decision-making (Art. 22 GDPR): You must not be subject exclusively to automated decision-making.
CalOPPA & CCPA Compliance: California Residents’ Rights
Data Access and Deletion: Under the California Consumer Privacy Act (CCPA), California residents have the right to request access to their personal information we collect and to request the deletion of their information from our records.
Opt-Out of Data Sales: California residents also have the right to opt-out of the sale of their personal information. We assure you that we do not sell any personal information.
Exercising your rights: To exercise these rights, please contact us using the contact information provided. We will respond to your request in accordance with CCPA guidelines.
PIPEDA Compliance: Rights of Canadian Citizens
Consent and Data Processing: In accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA), we ensure that Canadian citizens receive clear information and consent about how their personal information is collected, used, and disclosed.
Accountability and Privacy Complaints: We are committed to being responsible for the handling of personal information. Canadian citizens have the right to challenge our compliance with PIPEDA, including the way we manage their personal information.
Exercising PIPEDA Rights: For inquiries or complaints regarding data processing under PIPEDA, Canadian citizens may contact us using the contact information provided.
Compliance with Australian Data Protection Act
Rights under the Act: In accordance with the Australian Data Protection Act, Australian residents have the right to access their personal information held by us and to correct any inaccuracies.
Complaints and Enquiries: If an Australian resident believes that their privacy has been violated, they have the right to lodge a complaint, which we will deal with in accordance with the guidelines of the Act.
Contact for privacy issues: Australian residents may contact us using the contact details provided if they have any questions or concerns about privacy.
Rights exercised through our websites and applications: You can exercise these rights in relation to your personal data processed by us. If you have any concerns or questions about your data rights, please contact us directly.
User Notification: We encourage users to periodically review this policy for updates. If material changes are made, we will notify users by E-Mail or by means of a prominent notice on our websites and applications.