Last updated: 01.02.2026.

This Privacy Policy explains how [Your Website Name] (“Website,” “we,” “us,” or “our”) collects, stores, and processes personal data in compliance with the GDPR and Croatian law.

By using our Website or purchasing our courses, you consent to the processing of your data as described below.

1. Data Controller

Name / Company: Matej Gorup

Address: Arsena Vivode 12, Poreč, Croatia

OIB: 45326053518

Email: [email protected]

The Data Controller is responsible for ensuring your personal data is processed lawfully.

2. Personal Data We Collect

We may collect and process the following personal data:

Name and surname

Email address

Billing data (processed by Stripe, PayPal, or other payment providers)

Account information (username, password, course progress)

IP address and basic usage data (pages visited, session duration)

3. Purpose of Processing

We process your personal data for the following purposes:

Deliver purchased courses and digital content

Manage user accounts

Process payments and invoices

Provide customer support

Improve Website functionality and user experience

Comply with legal obligations

4. Legal Basis for Processing

We process personal data based on one or more of the following:

Performance of a contract: To provide the courses you purchase

Legal obligations: For tax, accounting, and other compliance purposes

Legitimate interests: To maintain Website security and prevent fraud

Consent: For optional services like analytics, newsletters, or cookies

5. Payment Processing

Payments are processed by Stripe and PayPal, which are independent data controllers. These providers process personal data in accordance with their own privacy policies and GDPR requirements.

We do not store full payment card information on our servers.

6. Cookies and Tracking

We use cookies and similar technologies to improve the Website experience (see our Cookies Policy).

Essential cookies are always active

Analytics and functional cookies are only used after you give consent

7. Data Retention

We retain personal data only as long as necessary to:

Deliver courses

Meet legal obligations (e.g., tax law)

Maintain legitimate business interests

After this period, your data is securely deleted or anonymized.

8. Your GDPR Rights

You have the following rights regarding your personal data:

Access your data

Correct inaccuracies

Request deletion (“right to be forgotten”)

Restrict or object to processing

Receive your data in a portable format

Withdraw consent at any time (for processing based on consent)

To exercise your rights, contact us at: [email protected]

9. Supervisory Authority

If you believe your data has been processed unlawfully, you may file a complaint with:

AZOP – Croatian Personal Data Protection Agency

Website: www.azop.hr

10. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse.

11. Updates to this Policy

This Privacy Policy may be updated from time to time. All updates will be published on this page with a new “Last updated” date.