Privacy Policy

Effective date: 31July 2025This Privacy Policy outlines how Scarlet Rainbows collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws.1. Data Controller
Scarlet Rainbows
Nina van Winkle
[email protected]2. Data We Collect
We may collect and process the following types of personal data when you interact with this website:• Name and email address (e.g. when submitting a form or requesting content)
• Email and transactional information (e.g. when purchasing a digital product)
• Basic technical data such as browser type, device model, IP address, and general location (used only for basic security and performance monitoring)We do not collect sensitive personal data.3. Purpose and Legal Basis for Processing
We process your personal data for the following purposes:• To provide access to free or purchased digital content
• To respond to your inquiries or requests
• To send occasional updates or relevant information (only if you have actively opted in)Legal basis for processing is one or more of the following:• Your explicit consent
• Contractual necessity
• Our legitimate interest in maintaining and improving the website and services
• Legal obligations (if applicable)4. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes it was collected for, or as required by law. You may request deletion at any time (see “Your Rights” below).5. Data Sharing
We do not sell or rent your personal data.
In limited cases, your data may be processed by trusted service providers (e.g. hosting, delivery, or form processing platforms) only to the extent necessary to provide the services you've requested. All such providers are required to comply with data protection laws and maintain appropriate safeguards.6. International Data Transfers
Your personal data may be processed or stored in countries outside the European Economic Area (EEA). Under these circumstances, the data protection standards required by GDPR continue to apply. Transfers outside the EEA will only take place if one of the following conditions is met:• The recipient country has been granted an Adequacy Decision by the European Commission, meaning it ensures an equivalent level of protection as the EEA.• Appropriate legal safeguards are implemented, such as Standard Contractual Clauses (SCCs) or other GDPR-recognized mechanisms.
In specific, limited cases, transfers may proceed based on explicit consent or other permitted derogations under GDPR. At all times, your data rights remain enforceable, and suitable protections are maintained.7. Your Rights
Regardless of where you are located, if your personal data is processed by Scarlet Rainbows, you have the following rights:• The right to access the personal data we hold about you
• The right to request correction of inaccurate or incomplete data
• The right to request deletion of your personal data
• The right to restrict or object to processing in certain circumstances
• The right to withdraw consent at any time (where processing is based on consent)
• The right to lodge a complaint with a data protection authority if you believe your data is being mishandledYou may exercise any of these rights by contacting [email protected]8. Data Security
We implement reasonable technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction.9. Cookies and Tracking
This website does not use non-essential cookies or tracking technologies. Any essential cookies used by embedded services are limited to core functionality. We do not use your data for advertising or behavioral tracking.10. Updates to This Policy
This Privacy Policy may be updated periodically. Any material changes will be posted on this page with an updated effective date.Contact
If you have questions or requests regarding this Privacy Policy or your data, please contact:
[email protected]