Privacy Policy

Manual Donkey ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website and services, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

2. Information We Collect

2.1 Information You Provide

When you use our digital services, we collect:

• Account Information: Email address, password (encrypted).
• Purchase Information: Billing details and payment information (processed securely via Stripe).
• Communications: Messages, inquiries, and support requests sent to us via email.
• Newsletter Subscription: Email address (only if you explicitly opt-in).

Note: We do not collect physical shipping addresses or phone numbers for delivery purposes, as we provide digital products only.

2.2 Automatically Collected Information

• Device Information: IP address, browser type, operating system.
• Usage Data: Pages viewed, time spent on pages, and download history.
• Cookies: See Section 7 for details.

3. How We Use Your Information

We process your personal data for the following purposes:

3.1 Legal Basis: Contract Performance

• Delivering purchased digital manuals via email/download links.
• Providing customer support and responding to inquiries.

3.2 Legal Basis: Legitimate Interest

• Improving our website, products, and enhancing server security.
• Preventing fraud.

3.3 Legal Basis: Consent

• Sending marketing communications (if opted-in).

3.4 Legal Basis: Legal Obligation

• Complying with Polish and EU tax/accounting requirements.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only with trusted service providers:

4.1 Service Providers

• Stripe: Payment processing (PCI-DSS compliant).
• Railway/PostgreSQL: Secure cloud infrastructure and database hosting.
• Transactional Email Providers: To deliver your download links and order confirmations.

4.2 Legal Requirements

Only when required by law or to protect our legal rights.

5. Data Security

We implement industry-standard security measures:

• Encryption: Data transmission uses SSL/TLS (HTTPS). All passwords are hashed.
• Secure Payments: We do not store credit card information on our servers; all transactions are handled by Stripe.
• Access Controls: Access to personal data is restricted to authorized personnel only.

6. Data Retention

• Account & Order Data: Retained for up to 7 years to comply with tax and legal requirements.
• Marketing Data: Retained until you unsubscribe or request deletion.

7. Cookies

We use essential cookies for session management, authentication, and shopping cart functionality. You can manage cookie preferences through your browser settings.

8. Your Rights (GDPR)

Under GDPR, you have the right to access, rectify, or erase your data ("Right to be Forgotten"), restrict processing, and the right to data portability. To exercise these rights, contact us at [email protected].

9. International Data Transfers

Data may be processed outside the EEA (e.g., Stripe, Cloud Hosting). We ensure appropriate safeguards (Standard Contractual Clauses) are in place to protect your information.

10. Contact Us