Data protection

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data includes all data with which you can be personally identified. Detailed information on data protection can be found in the privacy policy listed below this text.

Data Collection on Our Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the legal notice (Imprint) of this website.

How do we collect your data?
Your data is collected, firstly, by you providing it to us. This may include data you enter into a contact form.
Other data is automatically collected by our IT systems when you visit the website. These are primarily technical data (e.g., internet browser, operating system, or the time of page access). The collection of this data happens automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right to obtain information about the origin, recipients, and purpose of your stored personal data at any time and free of charge. You also have the right to request the rectification, blocking, or deletion of this data. For this and for any further questions about data protection, you may contact us at any time using the address provided in the legal notice.
Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You also have the right, under certain conditions, to request the restriction of the processing of your personal data. Details can be found in the section “Right to Restrict Processing” in this privacy policy.

2. General Notes and Mandatory Information

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations as well as this privacy policy.
When you use this website, various personal data are collected. Personal data is any information with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We point out that data transmission on the internet (e.g., communication by email) can have security gaps. Complete protection of data against access by third parties is not possible.

Notice Concerning the Responsible Entity

The responsible entity for data processing on this website is:

Barbara Kornprat
Disamenado Sexta Volta 122
07669 S’Horta
Email: office@barbarakornprat.com

The responsible entity is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Withdrawal of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You may revoke consent at any time. A simple email to us is sufficient. The legality of data processing up to the point of revocation remains unaffected.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6(1)(e) or (f) GDPR, you have the right to object at any time to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions.
The legal basis for processing can be found in this privacy policy. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for processing which outweigh your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defence of legal claims (objection under Art. 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing; this includes profiling related to direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection under Art. 21(2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, workplace, or the place of the alleged infringement. This right exists without prejudice to any other administrative or judicial remedies.

Right to Data Portability

You have the right to receive the data we process automatically based on your consent or in fulfilment of a contract in a commonly used, machine-readable format and to have it transferred to yourself or a third party. If you request the direct transfer of the data to another controller, this will only be done where technically feasible.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in your browser.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Access, Blocking, Deletion, and Rectification

Within the framework of applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of data processing, and, if necessary, a right to rectification, blocking, or deletion of this data. For this as well as further questions regarding personal data, you can contact us at the address found in the legal notice.

Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. You may contact us at any time using the address provided in the legal notice. The right to restrict processing applies in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was or is unlawful, you may request restriction instead of deletion.
If we no longer need your personal data, but you require it for the exercise, defence, or establishment of legal claims, you have the right to request the restriction of processing instead of deletion.
If you have objected pursuant to Art. 21(1) GDPR, a balancing of interests must be carried out. Until it is determined whose interests prevail, you have the right to restrict the processing of your personal data.

If you have restricted the processing of your personal data, such data may—apart from being stored—only be processed with your consent, or for the establishment, exercise, or defence of legal claims, or to protect the rights of another natural or legal person, or for important public interests of the EU or a member state.

3. Data Collection on Our Website

Cookies

Some of our website pages use cookies. Cookies do not harm your device and do not contain viruses. They serve to make our offering more user-friendly, effective, and secure. Cookies are small text files stored on your device by your browser.
The majority of the cookies we use are “session cookies,” which are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can configure your browser to notify you about setting cookies, allow cookies only in individual cases, exclude cookies for certain cases or in general, and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Cookies necessary for electronic communication processes or for providing certain functions requested by you (e.g., shopping cart functionality) are stored based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in storing such cookies to ensure technically correct and optimized service. Other cookies (e.g., for analyzing your surfing behavior) are addressed separately in this privacy policy.

Server Log Files

The provider of this website automatically collects and stores information in server log files, which your browser automatically transmits to us. These include:

Browser type and version
Operating system used
Referrer URL
Hostname of the accessing device
Time of server request
IP address

This data will not be merged with other data sources.
The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website.

Contact Form

If you submit inquiries via the contact form, your information from the form, including the contact details you provide, will be stored by us for processing the inquiry and for follow-up questions. We do not share this data without your consent.
Processing of this data is based exclusively on your consent (Art. 6(1)(a) GDPR). You may withdraw this consent at any time. A simple email to us is sufficient. The legality of data processing carried out before the withdrawal remains unaffected.
Data you enter in the contact form will remain with us until you request deletion, revoke your consent, or the purpose for storing the data no longer applies (e.g., completed processing of your inquiry). Mandatory statutory retention periods remain unaffected.

Processing of Data (Customer and Contract Data)

We collect, process, and use personal data only to the extent necessary for establishing, structuring, or modifying a legal relationship (inventory data). This is done based on Art. 6(1)(b) GDPR, which permits the processing of data to fulfil a contract or pre-contractual measures.
Personal data regarding the use of our website (usage data) is collected, processed, and used only as necessary to enable the user to utilize the service or to process billing.
Customer data is deleted after completion of the order or termination of the business relationship. Statutory retention requirements remain unaffected.

Note on Hosting via Wix.com

Our website is hosted on the platform Wix.com Ltd.
Provider: Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel.
Wix stores personal data on servers in the EU, the USA, or Israel.
Data transfer to the USA is based on the EU–US Data Privacy Framework (DPF), for which Wix is certified.
Wix provides the technical infrastructure, security systems, and storage for data collected via this website, including cookies, log files, form data, and usage data.
We have a Data Processing Agreement with Wix pursuant to Art. 28 GDPR.

Use of Wix Cookies

Our website uses cookies that are automatically set by Wix.
These serve website functionality, security, and analytics.

Essential Wix cookies include, among others:

XSRF-TOKEN – security token
hs – session & security cookie
svSession – user identification for login areas
SSR-caching – indicates how the site was rendered
_wixCIDX / _wix_browser_sess – system & session management
consent-policy – stores cookie preferences

Additional cookies may be set depending on features used (e.g., analytics, marketing, shop functionality).
You can manage or disable cookies via your browser settings.

Wix Analytics

Our website uses the integrated analytics features of Wix.com.
Wix collects:

pages viewed
session duration
device and operating system used
anonymized geographic data
date and time of visits

The data is used solely for statistical purposes and to improve user experience.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

Content Delivery Network (CDN) & Security Systems

Wix uses a global CDN to deliver this website quickly and securely.
Technical access data is processed by CDN servers.
Wix additionally uses:

DDoS protection
Web application firewalls
automated security checks

These measures protect the website and data transmission.
Legal basis: Art. 6(1)(f) GDPR.

Wix Forms (Contact Form and Other Forms)

When you use any form (e.g., contact request, newsletter signup, booking forms), the data you enter is stored on Wix servers.

Depending on the form, the following may be collected:

Name
Email address
Phone number
Message text
technical metadata (e.g., timestamp, anonymized IP)

We use this data exclusively to process your request.
Legal basis: Art. 6(1)(a) GDPR (consent).
You may withdraw consent at any time via email.

Newsletter Distribution via Wix (if used)

We use Wix Ascend for newsletter distribution.
If you sign up, Wix stores:

Name
Email address
technical delivery data
open and click rates (for statistical purposes)

Legal basis: Art. 6(1)(a) GDPR.
You can unsubscribe at any time via the link in the newsletter.

Wix Bookings / Online Appointment Booking

If you book appointments via our website, the following data is processed:

Name
Email address
Phone number
booked service
appointment time

This data is stored in our Wix account and used exclusively for scheduling.
Legal basis: Art. 6(1)(b) GDPR (contract / pre-contractual measures).

E-Commerce / Payment Service Providers

If you purchase or pay for products via our website, additional data may be processed by:

Wix Payments
PayPal
Stripe
Klarna

Each provider has its own privacy policy referenced during checkout.
Legal basis: Art. 6(1)(b) GDPR.

Social Media Integrations (Instagram, Facebook, etc.)

If social media plugins or icons are embedded, data may be transferred to the respective provider when clicked.

Before clicking: no personal data is transmitted.
After clicking: data transfer occurs.

Possible providers include:

Meta Platforms (Facebook, Instagram)
TikTok
YouTube
Pinterest

Legal basis: Art. 6(1)(f) GDPR.

CASA ANTARIS
A light project of the spiritual world

realized by Barbara Kornprat