Privacy Policy of the EmotivoGuitars.eu Website

Personal Data Controller
The controller of your personal data is the owner of the website EmotivoGuitars.eu (hereinafter referred to as the “Website”). For matters related to the processing of personal data, you can contact the controller via e-mail: kontakt@emotivoguitars.eu.

Scope of Collected Data
Data provided voluntarily: When using the contact form on the Website, the User provides the following personal data:

  • Full name – to enable addressing the sender of the message,
  • E-mail address – to respond to the submitted inquiry,
  • Subject of the message and message content – which may include information provided by the User in relation to the inquiry.

Providing the above data is voluntary but necessary to use the contact form and receive a response.

Data collected automatically: When visiting the Website, certain information about the User may be collected automatically, such as:

  • IP address of the User’s device,
  • Date and time of the visit,
  • Information about the web browser and operating system.

This data is stored in server logs (provided by the hosting provider) and used for technical, administrative, and security purposes (e.g., to monitor unauthorized access attempts). This data is not used by the Controller to identify the User.

Purposes and Legal Bases for Data Processing
Your personal data may be processed for the following purposes:

  • Handling User inquiries: Data provided via the contact form or by e-mail is used solely to communicate with you, i.e., to respond to your inquiry and conduct further correspondence at your request. The legal basis for processing is Article 6(1)(f) GDPR – the legitimate interest of the Controller in handling communications. If the contact relates to the potential conclusion of a contract or purchase of our products/services, the legal basis may also be Article 6(1)(b) GDPR (taking steps at the request of the data subject prior to entering into a contract).
  • Ensuring the security and proper functioning of the Website: Automatically collected data (e.g., server logs, IP addresses) and the Google reCAPTCHA service (described below) are used to protect the Website against abuse, spam, and bot attacks. The legal basis for such processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR) in ensuring the security and proper functioning of the Website.
  • Fulfilling legal obligations: Certain data may be processed to comply with legal obligations, e.g., related to data protection or accounting regulations. The legal basis is Article 6(1)(c) GDPR.

The Controller does not use the collected data for direct marketing purposes, does not send unsolicited commercial communications (spam), and does not engage in profiling or automated decision-making.

Cookies and Similar Technologies
Our Website uses cookies to ensure its proper functioning and improve user experience. Cookies are small text files stored on the User’s device while browsing websites. The Website uses the following categories of cookies:

  • Technically necessary cookies: These cookies are essential for the proper functioning of the Website and its basic functionalities. They include, for example, a cookie storing consent to cookies (so the cookie banner does not reappear during subsequent visits). The use of these cookies is based on the legitimate interest of the Controller (Article 6(1)(f) GDPR) in ensuring proper Website operation and compliance with legal obligations (e.g., documenting consent).
  • Functional cookies related to security: The Website uses Google reCAPTCHA to protect against spam and abuse (e.g., when submitting the contact form). reCAPTCHA may use cookies or other tracking technologies to analyse User activity and confirm that data entered comes from a human rather than an automated bot. These cookies may collect technical information about the User’s device and behaviour (e.g., IP address, browser information, mouse movements, etc.) solely to enhance Website security. The legal basis for their use is Article 6(1)(f) GDPR – the legitimate interest in protecting the Website against abuse.

The Website does not use marketing, advertising, or analytical cookies. On the first visit to the Website, a banner appears informing about cookie use. The User can accept cookies or change browser settings. Disabling necessary cookies may hinder or prevent proper Website use.

Google reCAPTCHA
To secure the contact form against spam and automated submissions, the Website uses Google reCAPTCHA (v2 or v3), provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) or Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) for users in the European Economic Area. reCAPTCHA analyses User behaviour based on various information (e.g., IP address, visit duration, mouse movements, clicks) and may require solving a test. Data is transferred to Google, including personal data such as the IP address and reCAPTCHA cookies. This processing is based on our legitimate interest (Article 6(1)(f) GDPR) in protecting the Website from abuse and spam. Use of reCAPTCHA is subject to Google Privacy Policy and Terms of Service.

Data Recipients
Collected personal data will not be shared or sold to third parties, except:

  • Entities processing data on behalf of the Controller (e.g., hosting providers, e-mail service providers), bound by data processing agreements.
  • Google (reCAPTCHA) as an independent data controller.

Data may be disclosed to public authorities only when required by law.

Transfer of Data Outside the EEA
Data is generally stored within the European Economic Area. Use of Google reCAPTCHA may involve data transfer to the USA in compliance with GDPR (e.g., via Standard Contractual Clauses).

Data Retention Period

  • Contact correspondence: stored for up to 12 months.
  • Technical data (server logs): stored for about 30 days.
  • Cookies: stored for the duration set in their parameters or until deleted by the User.

Your Rights
You have the right to access, rectify, erase, restrict processing, transfer your data, object to processing, withdraw consent, and lodge a complaint with a supervisory authority.

Final Provisions
Providing personal data is voluntary but necessary for certain Website functionalities. The Controller applies technical and organisational measures to secure data. This Privacy Policy applies only to the Website. It may be updated, with changes published on this page. Effective from 12 August 2025.