Privacy Policy

Hermetic World LTD Privacy Policy

Effective Date: 26.12.2023

Introduction:

Welcome to the Hermetic World LTD and it’s websites and applications, such as:

www.hermetik-akademie.com,
mitglied.hermetik-akademie.com,
www.hermetik-akademie.org
www.hermetic-academy.com
member.hermetic-academy.com
www.academia-hermetica.es
afiliado.academia-hermetica.es
www.elias-rubenstein.de
www.elias-rubenstein.com
www.hermetik-international.com
www.hermetics.net

social media profiles, messenger services and other information and communication channels, including our free newsletters, and chat-bots, etc.

This Privacy Policy has been prepared in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the California Online Privacy Protection Act (CalOPPA), the California Consumer Privacy Act (CCPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), and the Australian Privacy Act. Our goal is to clearly inform you about our practices regarding the collection, use, and protection of your personal information when you interact with our websites and applications and services. Respecting your privacy is our top priority, and this policy reflects our commitment to protecting your rights and data.

Children’s Privacy (COPPA Compliance): We are committed to protecting children’s privacy. Our websites and applications do not knowingly collect, use, or disclose personally identifiable information from children under the age of 13 without parental consent. If a parent or guardian believes that we have inadvertently collected such information, they should contact us to remove it and opt out of all related services.

Section 1: Information about us as the controller

Responsible for the processing of personal data on our websites and applications is:

Hermetic World LTD Limnaria 1 Westpark Village, Shop 208042 Paphos, Cyprus

E-Mail: office12(at)hermetik-akademie.org

If you have any questions about data protection and privacy, please contact us using the contact information provided. We are committed to ensuring that your personal data is handled responsibly and in accordance with the law, in accordance with applicable data protection laws.

Section 2: Automatic data storage

When you visit our websites and applications, certain information is automatically collected and stored by our web server. These include:

  • The address (URL) of the web page you accessed.
  • Your browser type and version.
  • The operating system used.
  • The referrer URL (the previously visited page).
  • The hostname and IP address of your device.
  • Date and time of your visit.

This information is recorded in web server log files, usually stored for two weeks and then automatically deleted. We assure you that this data will not be disclosed to third parties – with the exception of the options described in our General Terms and Conditions or this declaration-, except as necessary in the event of an internal or external (e.g. legal) investigation.

International Data Transfers

Cross-border data handling: As part of our global operations, we may transfer personal data across international borders. These transfers will be made in accordance with applicable data protection laws.

Safeguards for international transfers: We ensure that all data transfers outside the European Union are protected by appropriate data protection measures, such as standard contractual clauses approved by the European Commission or other legal mechanisms that provide an equivalent level of data protection to that in the EU.

Section 3: Cookies and Automatic Data Collection

How we use cookies: Our websites and applications use cookies and other technologies to collect information as you navigate through it. A cookie is a small text file that is stored on your device when you visit our websites and applications. Cookies are vital for various websites and applications functions and improve the user experience by remembering preferences and settings.

These include:

  • Usage Information: Details such as pages visited, frequency of access, length of stay, and referring websites and applications.
  • Location information: Determined by your IP address.
  • Device information: hardware model, operating system, browser specifics, and your settings.

Types of cookies on our websites and applications:

  1. Essential cookies: For the security and functionality of the websites and applications.
  2. Functional cookies: To improve functionality and diagnose errors.
  3. Analytics cookies: To carry out websites and applications data analysis.

Cookie categories:

  • First-party cookies: Essential for the functionality of the websites and applications, created and managed by us.
  • Third-party cookies: For analytical purposes, such as those used by Google Analytics.

Cookie management: You can control cookie settings through your browser. However, disabling cookies may affect your websites and applications experience.

Use of the Borlabs cookie plugin: Our websites and applications use the Borlabs cookie plugin for cookie management. This tool allows you to select and consent to certain types of cookies to ensure better control over your data. Borlabs Cookie itself does not process any personal data.

Section 4: Handling of Personal Data

Collection of personal information:  Our websites and applications collect personal information such as names, E-Mail addresses, mailing addresses, and other relevant information that you provide when filling out forms or commenting on our blog. We collect this information, along with the time of submission and your IP address, only for the purposes specified.

Data Storage and Hosting: Our websites and applications and data are hosted on Amazon Web Services (AWS) servers. AWS is known for its robust security measures and compliance with industry-standard data protection regulations. For more information about AWS’s data security practices, please see AWS’s Privacy Policy.

International Data Transfers:  We handle international data transfers in accordance with the GDPR and other relevant data protection laws. Data transferred outside the European Union will be protected by appropriate measures to ensure a level of data protection comparable to EU standards.

Handling of Financial Data: We collect financial data, such as payment methods or banking details, to facilitate transactions on our websites and applications, including purchases and refunds. Most of this data is processed by our payment processors Stripe and PayPal. We only store limited financial data. For information about how Stripe and PayPal use and protect your financial information, please see their privacy policies: Stripe’s Privacy Policy and PayPal’s Privacy Policy.

Data security and confidentiality: We are committed to keeping your personal data secure. It is our business policy to treat your data with the utmost confidentiality, and not to disclose your data to third parties unless it is necessary for the purpose for which you provided it or cases of internal or external investigation or legal necessity.

Use of personal data:  The personal data you provide will be used exclusively for the purposes for which it was collected: to facilitate our communication with users seeking contact, to process requests for services and products available on our websites and applications and to enable and facilitate users’ access to the services we offer.

Email Communications and Data Security: Although we provide secure forms for the submission of personal information on our websites and applications, please note that these submissions are forwarded from these applications via email.

Use of aMember for membership management: We use aMember, a member account software, for the efficient billing and management of our customers’ personal data. aMember helps to optimize our subscription services and handle customer data securely. For more information about how a member manages and protects user data, please visit aMember’s information page.

Data Breach Notification Procedure

Commitment to Data Security: Although we take every precaution to protect user data, in today’s high-tech world, errors and/or misuse are possible. Therefore, in the unlikely event of a data breach, we are committed to notifying data subjects immediately and in accordance with applicable law.

Data Breach Notification: In the event of a data breach, we are committed to providing prompt notice to data subjects in accordance with applicable laws. You will be informed of the nature of the breach, the data involved, and the actions taken in response.

Section 5: Measures for data security

Secure data transfer: We use HTTPS and TLS encryption, a robust protocol that ensures the secure transmission of your data over the internet. You can recognize this by the lock symbol in the address bar of your browser, which indicates an encrypted connection.

Privacy strategies: Our commitment to data security goes beyond transmission. We use various measures, such as:

  • Regularly updating and patching our systems to protect us from vulnerabilities.
  • We maintain access controls to ensure that only employees service providers who need to handle personal data for their job duties have access to it. This is managed through individual user accounts and strong passwords.
  • Use of firewalls and intrusion detection systems to prevent unauthorized access.

On-demand security audits:  We conduct security audits to identify and remediate potential vulnerabilities in line with our privacy commitments. These checks are carried out on the basis of necessity to ensure the continuous protection of personal data.

Section 6: Use of Third-Party Services and Analytics Tools

TLS encryption and HTTPS:  We prioritize data security through the use of HTTPS and TLS, a protocol for secure data transmission that ensures the protection of your confidential information on the Internet.

Amazon Affiliate Program: We participate in the Amazon Affiliate Program, an initiative that allows us to host Amazon ads and affiliate links on our websites and applications. Through these links, we earn commissions on qualifying purchases that help support our websites and applications. The Amazon Affiliate Program uses cookies to track user activity for affiliate marketing purposes. These cookies are essential for the operation of the program, as they allow Amazon to track the origin of orders and manage advertising compensation. For detailed insights into Amazon’s handling of data collected through this program and related privacy considerations, please refer to Amazon’s Privacy Policy.

Amazon Web Services (AWS) Products: We use various Amazon Web Services (AWS) products for hosting, storage, and other cloud-based services. AWS may collect and process data in order to provide these services in compliance with its Privacy Policy. This integration ensures a reliable and secure infrastructure for our digital operations.

Borlabs Cookie Integration: Our websites and applications use Borlabs Cookie, a solution designed for WordPress sites, to manage user consents for cookies. Borlabs Cookie does not store any personal data. The information stored in the borlabs cookie includes the cookie lifetime, the cookie version, the domain and path of our websites and applications, user consents, and a randomly generated UID, which is not personal data. This tool ensures compliance with privacy regulations by efficiently managing cookie consents. You can find more information about Borlabs Cookie on the official websites and applications.

Cloudflare integration: We use Cloudflare to improve websites and applications performance and security. Cloudflare uses a variety of cookies for different purposes. Cloudflare may collect certain data about your visit, such as IP addresses and security fingerprints, which will be maintained in accordance with their Privacy Policy. This data helps optimize websites and applications delivery and protect against malicious activity. For detailed information, see Cloudflare cookies.

GetResponse for newsletter service: We use GetResponse to send and analyze our newsletters. It uses cookies and other technologies to monitor interactions, such as E-Mail open rates and link clicks, and collects data such as IP addresses, operating systems, and E-Mail retrieval times. Your data will only be used to send newsletters, based on your consent in accordance with Art. 6 (1) (a) GDPR and in accordance with CalOPPA, CPPA, PIPEDA and the Australian Data Protection Act. For more information about how GetResponse handles data, please see the GetResponse Privacy Policyand the GetResponse Cookie Policy. Your data will be kept until you log out. You can revoke your consent at any time by clicking on the unsubscribe link in the newsletter or by sending us an E-Mail to office12(at) hermetik-akademie.org

Google Ads Conversion Tracking: We use Google Ads conversion tracking to optimize our advertising efforts. This tool tracks the actions users take after clicking on our ads and allows us to analyze the performance and impact of our marketing campaigns. The data collected helps us refine our advertising to better tailor it to users’ interests and needs. Detailed information on how Google handles this data and the associated impact on data protection can be found in the privacy policy on Google Ads conversion tracking and data protection of Google Ads.

Google AdSense: Our websites and applications uses Google AdSense, a service that displays contextual ads tailored to the content and interests of our users. These ads are selected and managed by Google’s advanced algorithms to ensure that the advertising content is closely aligned with the interests of our audience. Google AdSense uses various cookies for advertising purposes. The cookies serve several purposes related to advertising, such as .dem serving and rendering ads, personalizing ads based on user preferences, limiting the number of times an ad is displayed, muting ads to be stopped by the user, and measuring the effectiveness of ads. For more detailed information about how Google manages data in AdSense and respects user privacy, please see the Google AdSense Privacy Policy.

Google Analytics for websites and applications analytics: We use Google Analytics to evaluate user interactions on our websites and applications. This service uses cookies to track user behavior, such as session duration and pages visited, which helps us improve our websites and applications and marketing strategies. Google manages this data in accordance with its own privacy policy. We have taken measures, including IP anonymization, to protect your privacy. For detailed insights into Google’s data practices and your privacy choices, please  refer to the Google Analytics Privacy Policy  and the use of Google Analytics cookies.

Google reCAPTCHA implementation: Google reCAPTCHA helps us provide a safe online experience for our users. Google reCAPTCHA is a security service used on websites and applications to protect against spam and abuse. It analyzes user behavior and data to determine whether the user is a human or a bot. While specific cookies used by reCAPTCHA are usually not described in detail, reCAPTCHA is known to collect user data such as IP addresses and interaction data (such as mouse movements and typing patterns) for security analysis. The processing of this information is carried out in accordance with Google’s privacy policy to ensure that user data is handled responsibly. reCAPTCHA plays a key role in maintaining the security of online experiences on websites and applications that implement it.

Google Tag Manager: Our websites and applications uses Google Tag Manager to efficiently integrate and manage various tracking tools. This service allows us to seamlessly embed and update tracking codes, making it easier to collect and analyze key user interaction data across the site. Google Tag Manager itself does not collect any personal data; Rather, it allows for the effective use of other tracking tools. For a deeper understanding of how Google Tag Manager works and handles data, please refer to the Google Tag Manager Privacy Notice.

Instagram integration: We integrate Instagram features on our websites and applications to improve user engagement and showcase our social media content. This includes viewing our latest posts or being able to share content directly on Instagram. Instagram, as part of Meta Platforms, Inc., may collect data for analytics and advertising purposes when you interact with these features. To learn more about Instagram’s data practices and how we handle user privacy, please see Instagram’s Data Policy.

LinkedIn integration: Our websites and applications include LinkedIn features to support professional networking and content sharing, such as LinkedIn share buttons and displaying our LinkedIn content. Your interactions with these features may result in LinkedIn collecting data for analysis and customization. LinkedIn uses cookies to improve user experience, track analytics, and personalize content. To learn more about the specific cookies used by LinkedIn, you can visit their cookie table for detailed information. For a detailed understanding of LinkedIn’s data processing practices, please refer to LinkedIn’s Privacy Policy.

Meta Pixel: We implement Meta Pixels on our websites and applications to refine our advertising strategies and present you with tailored ads on social media based on your browsing activity. This tool tracks your interactions after you click on a Facebook ad and uses cookies to analyze the effectiveness of ads. Although we do not directly access this data, it is managed and used by Facebook, which may link this information to your Facebook account in accordance with Facebook’s Privacy Policy for Advertising Activities. You can manage your advertising preferences through Facebook Ad Settings and Off-Facebook Activity. If you’re not a Facebook user, you can opt out of Facebook ads through the Digital Advertising Alliance.

Microsoft Copilot Chatbot Integration: We’re integrating Microsoft Copilot for Microsoft 365 into our digital operations. This AI-driven tool assists with various tasks by processing prompts and responses within the Microsoft 365 environment. Copilot may collect and process interaction data, including user prompts and responses, to provide efficient and relevant support. Copilot adheres to its privacy, security, and compliance obligations. It is compliant with GDPR and EU data protection regulations. The collected data is securely stored within the Microsoft 365 service boundary to ensure compliance with privacy and security. Microsoft Copilot uses Azure OpenAI services for processing, which are separate from OpenAI’s public services. The stored data, which includes users’ prompts and Copilot’s responses, helps provide a history of interactions. This data is not used to train basic Large Language Models (LLMs) used by Microsoft Copilot. For more information about Copilot’s data processing practices, please refer to Microsoft’s Data, Privacy, and Security Policy for Copilot.

Microsoft Teams integration: We use Microsoft Teams for online meetings and collaboration. Teams collects data related to your usage, such as meeting attendance and technical data, which is managed in accordance with the Microsoft Privacy Policy. This information helps to enable seamless collaboration. You can adjust your Teams privacy settings within the app.

Pinterest integration: We use Pinterest features on our websites and applications to improve visual engagement and content sharing. This integration allows users to directly access our Pinterest content and share it on their own boards. Pinterest may collect data from these interactions for analytics and personalized advertising. For more information about Pinterest’s data collection and privacy practices, please see Pinterest‘s Privacy Policy  and Pinterest’s cookies.

Telegram Messenger integration: Our websites and applications includes features of Telegram Messenger to offer direct communication channels and content sharing options. Through this integration, users can easily share content from our websites and applications with their Telegram contacts or groups. When interacting with Telegram’s features, certain user data may be collected by Telegram for operational and analytical purposes. Detailed information on how Telegram handles user data and its privacy obligations can be found in Telegram’s privacy policy.

TikTok integration: Our websites and applications include features from TikTok to engage users and share unique content. This integration may include displaying our TikTok content or enabling direct sharing on TikTok. TikTok, as a social media platform, may collect user data for purposes such as analytics and targeted advertising when you interact with these features. To understand how TikTok processes and manages this data and how they advocate for user privacy, we encourage you to read TikTok’s privacy policy.

Wordfence for websites and applications security: We use Wordfence to increase the security of our websites and applications. Wordfence helps identify and prevent potential security threats by analyzing traffic patterns and user behavior. Although it may collect data related to these activities, it is primarily used to ensure the security and integrity of our websites and applications. Detailed information about how Wordfence manages data can be found in their privacy policy.  Detailed information about Wordfence cookies can be found directly on their websites and applications at this URL: Wordfence and GDPR – General Data Protection Regulation.

YouTube integration: We embed YouTube on our websites and applications to provide engaging video content. This integration may include tracking user interactions with YouTube content embedded on our websites and applications, the use of cookies for analytics, and personalized advertising. YouTube, a platform owned by Google, processes this data, which can be linked to your Google account, as described in YouTube’s privacy policy.You can manage your ad settings and preferences through your Google Ad Settings.

Zoom integration: We use Zoom for virtual meetings and webinars. Zoom may collect data related to your interaction with the Platform, such as participation details and technical information. This data will be managed by Zoom in accordance with its privacy policy. While we don’t directly access detailed usage data, it helps facilitate our online sessions. You can manage your privacy settings and preferences directly through Zoom.

Understanding and Managing Cookies: Service-Specific Information and Browser Settings

Specific information on the types of cookies, how they are stored and how they are deleted can be found on the websites and applications of the respective services that use these cookies. Each service usually has its own section in its privacy or cookie policy that explains the details of the cookies they use, including their purpose, lifespan, and how they affect your browsing experience.

In addition, the management and deletion of cookies is usually handled through the settings of your web browser. Each browser (such as Chrome, Firefox, Safari, Edge) has its own method of managing cookies, which can usually be found in the settings or in the Privacy section. Here you can see which cookies are stored, delete them individually or completely, and adjust your settings for the future storage of cookies. Note that disabling or blocking certain cookies may affect the functionality of some websites and applications.

 Section 7: Contact Information and User Inquiries

Contact Privacy Concerns: If you have any questions or concerns about our privacy practices or your personal information, please contact us at:

  • E-Mail: office12(at)hermetik-akademie.org
  • Postal address: Hermetic World LTD, Limnaria 1, Westpark Village, Shop 20, 8042 Paphos, Cyprus.

Feedback and questions about data protection:  We value your feedback and take your data protection concerns seriously. If you have any questions or need more information about how we handle your personal data, please do not hesitate to contact us.

Section 8: User rights according to GDPR and other data protection regulations

GDPR Rights:

  • Right to rectification (Art. 16 GDPR): rectification of inaccurate personal data.
  • Right to erasure (Art. 17 GDPR): Request the deletion of personal data.
  • Right to restriction of processing (Art. 18 GDPR): Restriction of the processing of your data.
  • Right to information (Art. 19 GDPR): to obtain rectification, erasure or restriction.
  • Right to data portability (Art. 20 GDPR): Retrieve and reuse your data across services.
  • Right to object (Art. 21 GDPR): Objection to data processing.
  • Automated decision-making (Art. 22 GDPR): You must not be subject exclusively to automated decision-making.

CalOPPA & CCPA Compliance: California Residents’ Rights

Data Access and Deletion: Under the California Consumer Privacy Act (CCPA), California residents have the right to request access to their personal information we collect and to request the deletion of their information from our records.

Opt-Out of Data Sales: California residents also have the right to opt-out of the sale of their personal information. We assure you that we do not sell any personal information.

Exercising your rights: To exercise these rights, please contact us using the contact information provided. We will respond to your request in accordance with CCPA guidelines.

PIPEDA Compliance: Rights of Canadian Citizens

Consent and Data Processing: In accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA), we ensure that Canadian citizens receive clear information and consent about how their personal information is collected, used, and disclosed.

Accountability and Privacy Complaints: We are committed to being responsible for the handling of personal information. Canadian citizens have the right to challenge our compliance with PIPEDA, including the way we manage their personal information.

Exercising PIPEDA Rights:  For inquiries or complaints regarding data processing under PIPEDA, Canadian citizens may contact us using the contact information provided.

Compliance with Australian Data Protection Act

Rights under the Act:  In accordance with the Australian Data Protection Act, Australian residents have the right to access their personal information held by us and to correct any inaccuracies.

Complaints and Enquiries: If an Australian resident believes that their privacy has been violated, they have the right to lodge a complaint, which we will deal with in accordance with the guidelines of the Act.

Contact for privacy issues: Australian residents may contact us using the contact details provided if they have any questions or concerns about privacy.

Rights exercised through our websites and applications: You can exercise these rights in relation to your personal data processed by us. If you have any concerns or questions about your data rights, please contact us directly.

Changes to our Privacy Policy

Policy Updates: We reserve the right to change this Privacy Policy. Any changes will be posted on our websites and applications with an updated revision date.

User Notification: We encourage users to periodically review this policy for updates. If material changes are made, we will notify users by E-Mail or by means of a prominent notice on our websites and applications.

Acceptance of Privacy Policy Changes:  By using our websites and applications and services, you acknowledge and accept any changes to this Privacy Policy. We will post any changes on our websites and applications with the updated revision date. Periodic review of this policy is recommended. In the event of material changes, we will notify you by E-Mail or by means of a visible notice on our websites and applications.