Skip to main content

Privacy Policy

This Privacy Policy explains how ejoceanem (“we”) collects, uses, shares, and protects personal data when you visit our website and request information about our Handmade Wool Socks Craft Course.

Last Updated: March 18, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how ejoceanem (“we”, “us”, or “our”) collects, uses, and protects your personal data when you visit our website at ejoceanem.com (the “Site”) and when you submit your information to receive course details or other educational updates about learning knitting and handmade crafts.

For the purposes of applicable data protection laws (including the EU General Data Protection Regulation (“GDPR”) and the UK GDPR where relevant), the data controller is:

  • Ejoceanem Craft Education LLC
  • Registered Address: Dr. E. Beneše 116, ParnĂ­k, 560 02 ÄŚeská TĹ™ebová, Czechia
  • Email: [email protected]
  • Phone: +420 465 501 968

We do not appoint a Data Protection Officer (DPO) because our processing does not involve large-scale monitoring or large-scale processing of special category data. If you have questions about this Policy or our data practices, please contact us using the details above.

Effective Date: February 9, 2026.

2. Personal Data We Collect

We collect personal data in a few straightforward ways: when you provide it to us, when you communicate with us, and when your browser interacts with our Site. The categories below describe what we may collect, depending on how you use the Site.

  • Identity and contact data: name, email address, and (if you contact us by phone) your phone number.
  • Form content: information you submit in forms or emails, such as questions about course modules, your learning goals, or requests for course details.
  • Technical data: IP address, browser type and version, device identifiers, operating system, device language, and time zone settings.
  • Usage data: pages you visit, time spent on pages, navigation paths, referring/exit pages, and interactions such as link clicks.
  • Cookies and identifiers: cookie values and similar identifiers stored on your device (see Section 4).
  • Conversion events: events associated with a request for information, such as submitting a registration form or viewing key pages.

We do not intentionally collect special category data (such as health data, religious beliefs, or political opinions), financial account details, or government-issued identification numbers through this Site. Please do not include sensitive information in free-text messages. If you choose to share it anyway, we will handle it with appropriate care and limit internal access, but it may not be necessary for our educational services.

3. Why We Process Personal Data & Legal Basis

We process personal data only where we have a lawful basis. In the EEA/UK, these bases are described in GDPR Article 6. The table below summarizes our main purposes.

  • Responding to requests and providing course information: When you submit the registration form, we use your name and email to send you course details and respond to your questions. Legal basis: Article 6(1)(b) (steps prior to entering a contract) and Article 6(1)(a) (consent) where required.
  • Analytics and site improvement: If you consent, we use analytics tools to understand which pages are helpful and how visitors navigate our lessons and curriculum information. Legal basis: Article 6(1)(a) (consent).
  • Marketing and advertising measurement: If you consent, we may use marketing cookies to measure advertising performance, attribute registrations, and build audiences for remarketing and lookalike advertising. Legal basis: Article 6(1)(a) (consent).
  • Security and fraud prevention: We use technical logs and security controls to protect the Site, prevent abuse, and diagnose issues. Legal basis: Article 6(1)(f) (legitimate interests), balanced against your rights.
  • Legal and compliance obligations: We may keep certain records to meet legal requirements or respond to lawful requests. Legal basis: Article 6(1)(c) (legal obligation).

Automated decision-making (Article 22): We do not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on you.

4. Cookies & Tracking

Cookies are small text files stored on your device. We also use similar technologies (such as pixel tags and server-side event forwarding) to understand usage and measure conversions. We categorize these tools as Essential, Analytics, and Marketing. Your choices are stored in the cookie_consent cookie and can be changed at any time using “Manage cookie preferences” in the footer.

Essential cookies (always active)

Essential cookies are required for the Site to function reliably. They are set without consent where permitted by law.

  • _site_session for basic session continuity (retention: session).
  • cookie_consent to store your cookie preferences (retention: 12 months).
  • Security-related cookies such as CSRF protection where applicable (retention: session).

Analytics cookies (consent required)

If you opt in, we may use Google Analytics 4 (GA4) with IP anonymization to understand aggregate trends such as page popularity and navigation paths. Example cookies include _ga and _ga_XXXXXXXXXX. Our typical analytics data retention is 14 months.

Marketing cookies (consent required)

If you opt in, marketing cookies may be used to measure advertising performance and to build audiences for remarketing or lookalike campaigns. Examples include _gcl_au (Google Ads) and _fbp/_fbc (Meta). These cookies are commonly retained for 90 days, though exact retention may vary by provider configuration and browser settings.

Beyond cookies, some providers may derive device identifiers from your IP address and user-agent string. If we use server-side measurement (for example, Meta Conversion API or server-side tag management), identifiers may be hashed before transmission where applicable.

5. Consent (EEA/UK)

Users in the EEA and UK receive a consent notice under GDPR/UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent (Article 6(1)(a)). Your consent choice is recorded in the cookie_consent cookie for up to 12 months.

You can withdraw consent at any time via “Manage cookie preferences” in the footer or by clearing cookies in your browser. Withdrawal does not affect the lawfulness of processing based on consent before it was withdrawn.

6. Sharing With Advertising & Service Partners

We share personal data only when it is necessary to operate the Site, respond to your requests, or measure and improve our marketing and content (where you have consented). We do not sell personal data.

  • Google LLC (Google Analytics 4, Google Ads, Google Tag Manager, remarketing): cookie identifiers, usage data, and conversion events. Privacy policy: https://policies.google.com/privacy
  • Meta Platforms, Inc. (Pixel, custom/lookalike audiences, Conversion API): page views, conversion events, audience membership signals, and where applicable hashed identifiers. Privacy policy: https://www.facebook.com/privacy/policy
  • Cloudflare (content delivery network and security): IP-based threat detection and performance optimization. Privacy policy: https://www.cloudflare.com/privacypolicy/

We do not permit these providers to use Site data for their own independent commercial purposes beyond providing services to us, subject to their platform terms and your consent settings.

7. International Transfers

Some of our service providers (such as Google and Meta) may process data in countries outside the EEA/UK, including the United States. Where transfers occur, we rely on recognized transfer mechanisms, including:

  • EU–US Data Privacy Framework (DPF) (primary mechanism, where applicable, since July 2023)
  • UK Extension to the EU–US DPF
  • Swiss–US DPF (where relevant)
  • Standard Contractual Clauses (EU 2021/914) as a fallback
  • UK International Data Transfer Agreement (IDTA) as a fallback

8. Data Retention

We keep personal data only as long as necessary for the purposes described in this Policy. Typical retention periods are:

  • Contact and registration submissions: up to 2 years from the last interaction.
  • Analytics data: typically 14 months (provider configuration may apply).
  • Marketing cookies: per cookie lifetime (commonly 90 days for certain advertising cookies).
  • Email correspondence: for the duration of the relationship plus 1 year.
  • Server and security logs: typically 90 days unless needed to investigate incidents.
  • Cookie consent record: up to 3 years for audit and compliance evidence (where applicable).
  • Legal/tax records: as required by law (often 6–10 years for certain records).

9. Your Rights (GDPR & UK GDPR)

Depending on your location, you may have rights regarding your personal data, including:

  • Right of access (Article 15)
  • Right to rectification (Article 16)
  • Right to erasure (Article 17)
  • Right to restriction of processing (Article 18)
  • Right to data portability (Article 20)
  • Right to object (Article 21)
  • Right to withdraw consent at any time (Article 7(3))
  • Right to lodge a complaint with a supervisory authority (Article 77)

To exercise your rights, email us at [email protected]. We aim to respond within 30 days. In complex cases, the response time may be extended by an additional 60 days as permitted by law.

Supervisory authority resources: https://edpb.europa.eu (EU), https://ico.org.uk (UK), https://www.uoou.cz (Czech Republic).

10. Children

This Site is not directed to individuals under 16. We do not knowingly collect personal data from minors. If we learn that personal data from a child under 16 has been collected without verifiable parental consent, we will delete it promptly.

11. Do Not Track

This website does not respond to “Do Not Track” (DNT) browser signals. Third-party providers may have their own DNT handling and opt-out mechanisms.

12. Data Deletion Requests

You can request deletion of your personal data by emailing [email protected] with the subject line “Data Deletion Request”. We may ask for reasonable verification to ensure we delete the correct information. We aim to complete deletion within 30 days, except where we must retain certain data for legal compliance.

13. Business Transfers

If we are involved in a merger, acquisition, asset sale, financing, reorganization, or insolvency, personal data may be transferred to a successor entity. If such a transfer materially changes how your personal data is used, we will provide notice on the Site.

14. California (CCPA / CPRA)

This section applies to California residents where the California Consumer Privacy Act (as amended by the CPRA) applies.

In the last 12 months, we may have collected the following categories of personal information: identifiers (such as name, email, IP address, and cookie IDs), internet or other electronic network activity information (such as browsing interactions), and inferences (such as interests or preferences derived from usage for advertising). We disclose these categories to service providers and, where you consent to marketing cookies, to advertising partners for measurement and audience features.

We do not sell personal information as defined by CCPA. We may share personal information for cross-context behavioral advertising when you enable Marketing cookies. California residents can opt out of such sharing using our cookie preferences panel (accessible via “Manage cookie preferences” in the footer).

California rights may include: the right to know, delete, correct, and opt out of sale/sharing; and the right to non-discrimination. To submit a request, email [email protected] with the subject line “California Privacy Request”. We will verify your identity before fulfilling certain requests. Authorized agents may submit requests with written proof of authorization.

15. Virginia (VCDPA)

Virginia residents may have rights to access, correct, delete, and obtain a copy of personal data, and to opt out of targeted advertising. To submit a request, email [email protected] with the subject line “Virginia Privacy Request”.

We do not sell personal data and we do not engage in profiling that produces legal or similarly significant effects. If we decline your request, you may appeal by emailing us with the subject line “Appeal of Refusal — Privacy Request”. We will respond to an appeal within 60 days. If you remain dissatisfied, you may contact the Virginia Attorney General.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject line “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. If we make material changes, we will post a notice on the homepage at least 14 days before the changes take effect, where required. The “Last Updated” date at the top of this page will be updated whenever we revise the Policy.

18. Contact

For privacy questions, requests, or complaints, contact:

Registration

Get the course details and the recommended materials list

Register with your name and email, and we will send the course outline and next steps. This is an educational craft course only; there is no promise of a specific outcome. Progress depends on practice and individual skill development.

Phone +420 465 501 968 Email [email protected]

Address: Dr. E. Beneše 116, Parník, 560 02 Česká Třebová, Czechia

Company ID: 064824136

By submitting, you agree to our Privacy Policy.

We will use your name and email only to respond with course information. We do not sell your data.

Back to top