Skip to main content

Privacy Policy

Last Updated: March 14, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how dmexadsnr (“we”, “us”, or “our”) collects, uses, and protects your personal data when you visit this website and when you contact us about our vegetable growing courses.

The data controller for personal data processed in connection with this website is dmexadsnr Education s.r.o., with its registered address at Na ZámostĂ­ 757, 735 43 Albrechtice, Czech Republic. You can contact us at [email protected] or by phone at +420 596 541 872.

This Privacy Policy is effective as of March 14, 2026. It should be read together with our Cookie Policy, which explains cookie categories and how to manage cookie choices.

2. Personal Data We Collect

We collect personal data that you choose to provide and data that your browser shares when you access a website. The exact data depends on how you use the site (for example, browsing pages versus submitting a form).

  • Identity and contact data: name, email address, and (if you contact us by phone) phone number.
  • Form content: the information you enter into a form (for example, questions about course timing, greenhouse use, or the type of space you grow in).
  • Technical data: IP address, browser type and version, device type, operating system, and language settings.
  • Usage data: pages viewed, time spent on pages, clicks, and referrer information (the page you came from).
  • Cookies and identifiers: cookie IDs and similar browser identifiers used to remember preferences and measure site performance (details in Section 4).
  • Conversion events: events such as successful form submissions, which help us measure whether the site is functioning and whether our content is useful.

We do not intentionally collect special-category data (such as health information, religious beliefs, political opinions), financial account details, or government identification numbers through this website. Please do not include sensitive information in free-text messages.

3. Why We Process Your Data & Legal Basis (GDPR Article 6)

We process personal data only where we have a lawful basis and a clear purpose. Depending on the situation, we rely on one or more of the following bases under GDPR and UK GDPR:

  • Contact and registration forms: we process your name and email to respond to your enquiry and provide course intake information. Legal basis: Article 6(1)(b) (steps prior to entering a contract) and, where applicable, Article 6(1)(a) (consent).
  • Analytics: if you choose analytics cookies, we use aggregated measurements to understand how learners navigate the site and where content needs improvement. Legal basis: Article 6(1)(a) (consent).
  • Marketing and remarketing: if you choose marketing cookies, we may measure advertising performance and build audiences for relevant course information. Legal basis: Article 6(1)(a) (consent).
  • Security and fraud prevention: we use technical logs and security controls to keep the site stable and prevent abuse. Legal basis: Article 6(1)(f) (legitimate interests).
  • Legal obligations: where required by law (for example, to respond to lawful requests or maintain mandatory records). Legal basis: Article 6(1)(c).

Automated decision-making: we do not engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals under Article 22 GDPR.

4. Cookies & Tracking

Cookies are small files stored on your device. We also use similar technologies such as pixel tags, and we may measure events server-side in ways that depend on cookie choices. This section summarizes cookie categories used on this site. For a more detailed description, see our Cookie Policy.

Essential cookies (always active)

These are required for basic site functions such as session continuity and storing your cookie preference choice. They do not require consent. Examples include _site_session and cookie_consent. Retention ranges from session to 12 months, depending on the cookie.

Analytics cookies (optional)

If you accept analytics cookies, we may use Google Analytics 4 (GA4) with IP anonymization to understand traffic patterns. Examples include _ga and _ga_XXXXXXXXXX. Analytics data retention is typically set to 14 months.

Marketing cookies (optional)

If you accept marketing cookies, we may use advertising technologies such as Google Ads conversion tracking and Meta Pixel to measure ad performance, attribute conversions, and build audiences (for example, remarketing and lookalike audiences). Examples include _gcl_au, _fbp, and _fbc where applicable.

We do not place third-party tracking scripts until consent is given for the relevant category. You can change your choice at any time using “Manage cookie preferences” in the footer.

5. Consent (EEA/UK)

Users in the EEA and UK receive a consent notice under GDPR/UK GDPR. Marketing and analytics cookies activate only after explicit, informed, freely given consent (Article 6(1)(a)). Your consent choice is recorded in the cookie_consent cookie (typically 12 months).

You may withdraw consent at any time by selecting “Manage cookie preferences” in the footer or by clearing cookies in your browser. Withdrawal does not affect the lawfulness of processing that occurred before you withdrew consent (Article 7(3)).

6. Sharing With Advertising & Service Partners

We use trusted service providers to operate and improve the site. Depending on your cookie choices and how you contact us, we may share limited personal data with the partners below for the purposes described:

We do not sell personal data. Where advertising partners process data, it is used for measurement and audience functions that you control via cookie preferences. We do not permit providers to use site data for their own independent commercial purposes.

7. International Transfers

Some service providers (such as Google and Meta) may process data outside the EEA/UK, including in the United States. Where applicable, transfers may rely on the EU-U.S. Data Privacy Framework (and the UK Extension and Swiss-U.S. framework where relevant), or on Standard Contractual Clauses (EU 2021/914) as a fallback. For UK transfers, the UK IDTA may also be used as a fallback mechanism.

We take steps to ensure appropriate safeguards are in place for international transfers, including contractual protections and, where relevant, technical and organizational measures.

8. Data Retention

We keep personal data only as long as necessary for the purposes described in this policy:

  • Contact submissions: typically retained for up to 2 years from the last interaction, to maintain conversation history and provide continuity.
  • Analytics: typically retained for up to 14 months (provider configuration), then aggregated or deleted.
  • Marketing cookies: retained according to cookie lifetimes (for example, 90 days for certain identifiers).
  • Email correspondence: retained for the duration of the relationship plus 1 year, unless longer retention is needed for legal reasons.
  • Server and security logs: generally retained for up to 90 days unless needed to investigate abuse or incidents.
  • Cookie consent record: may be retained for up to 3 years for audit and compliance purposes.
  • Legal obligations: certain records may be retained for longer periods as required by applicable law.

9. Your Rights (GDPR & UK GDPR)

If GDPR or UK GDPR applies, you have rights over your personal data. These include:

  • Access (Article 15): request a copy of your personal data.
  • Rectification (Article 16): correct inaccurate or incomplete data.
  • Erasure (Article 17): request deletion in certain circumstances.
  • Restriction (Article 18): limit processing in certain circumstances.
  • Portability (Article 20): receive data you provided in a structured format.
  • Objection (Article 21): object to processing based on legitimate interests.
  • Withdraw consent (Article 7(3)): where processing is based on consent.
  • Lodge a complaint (Article 77): complain to a supervisory authority.

To exercise your rights, contact us at [email protected]. We aim to respond within 30 days. If a request is complex, we may extend by up to 60 additional days and will explain why.

Supervisory authority references: https://edpb.europa.eu (EU overview), https://ico.org.uk (UK), https://cnil.fr (France), https://uodo.gov.pl (Poland), https://aepd.es (Spain).

10. Children

This site is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we learn that we have collected personal data from a child under 16 without appropriate consent, we will delete it promptly.

11. Do Not Track

This website does not respond to “Do Not Track” (DNT) browser signals. Some third-party providers may have their own handling of such signals according to their policies.

12. Data Deletion Requests

You can request deletion of your personal data by emailing [email protected] with the subject line “Data Deletion Request”. We may need to verify your identity before completing the request. We aim to complete deletion within 30 days, except where limited retention is required by law.

13. Business Transfers

In a merger, acquisition, asset sale, financing, or insolvency, personal data may be transferred to a successor entity. If such a transfer materially changes how personal data is used, we will provide notice on the website.

14. California (CCPA / CPRA)

This section applies to California residents where the California Consumer Privacy Act (CCPA), as amended by the CPRA, is applicable.

Categories disclosed (past 12 months):

  • Identifiers (such as name, email, IP address, cookie IDs): used for customer support and measurement; shared with service providers and, if marketing is enabled, advertising partners.
  • Internet/network activity (such as browsing activity on this site): used for analytics and site improvement; shared with analytics providers if enabled.
  • Inferences (such as interests inferred from pages viewed): used for advertising relevance if marketing cookies are enabled.

We do not sell personal information as defined by CCPA. We may share data for cross-context behavioral advertising when marketing cookies are enabled. California residents may opt out via the cookie preferences panel accessible from the footer (“Manage cookie preferences”).

Your rights: you may have rights to know, delete, correct, and opt out of sale/sharing, and to be free from discrimination for exercising these rights. To submit a request, email [email protected] with the subject “California Privacy Request”. We will take reasonable steps to verify identity.

15. Virginia (VCDPA)

Virginia residents may have rights to access, correct, delete, and obtain a copy of personal data, and to opt out of targeted advertising. To submit a request, email [email protected] with the subject “Virginia Privacy Request”.

We do not sell personal data or engage in profiling that produces legal or similarly significant effects. If you disagree with a decision on your request, you may appeal by emailing with the subject “Appeal of Refusal — Privacy Request”. We will respond within 60 days. If unresolved, you may contact the Virginia Attorney General.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or site features. If changes are material, we will provide a prominent notice on the homepage at least 14 days before the new policy takes effect. The “Last Updated” date at the top of this page will change whenever we publish a revision.

18. Contact

If you have questions about this Privacy Policy or how your data is handled, contact: