Privacy Policy and Data Protection

Last updated: 1. sept. 2025

​

​

1. Purpose of the Privacy Policy

The purpose of this Privacy Policy is to inform users of the website www.thewaysofconnection.com (the “Website”) about the collection, processing, protection, and storage of their personal data.

The data controller respects your privacy and is committed to handling personal data carefully, in accordance with applicable law, especially the EU General Data Protection Regulation (GDPR) and Slovenian legislation.

By using our Website, you acknowledge that you have read and understood this Privacy Policy. The Privacy Policy may be updated at any time without prior notice. Changes take effect upon publication on the Website, with the “Last updated” date displayed above.

 

2. Data Controller

The data controller is:
 

ILLUMINA way

Gerbičeva 14, SI-1000 Ljubljana, Slovenia

nadja@thewaysofconnection.com

 

If you have any questions about this Privacy Policy or about the protection of your personal data, you can contact us at nadja@thewaysofconnection.com.

 

3. What is Personal Data

Personal data is any information that identifies you as an individual, such as your first and last name, address, email address, phone number, payment details, IP address, or any other information relating to you as an identifiable person.

​

4. Personal Data We Collect

We collect and process two categories of personal data:

 

a) Provided Information (data you give us directly):

• Basic personal data (name, surname)

• Contact information (address, email, phone number)

• Demographic data, interests, and preferences

• Your birth details

• Payment and financial information (billing address, bank/credit card details)

• Business information (company name, business model, goals)

• Information you voluntarily provide via forms, surveys, applications, or email

• Data related to orders, invoices, and subscriptions

• Content of your messages (date, time, and details of communication)

 

b) Device Information (data we collect automatically):

When you use our Website, we automatically collect technical data, including:

• IP address, browser type, time zone, and device type

• Log files (pages viewed, referring/exit pages, date and time of visits, ISP details)

• Cookies (small data files placed on your device, often including a unique identifier)

• Web beacons, tags, and pixels (to track interactions and measure marketing campaigns)

• Referral sources (websites or search terms that directed you to us)

• Information about your interactions with the Website

 

c) Specific Scenarios:

• Purchases: we collect order and invoice data.

• Newsletters: we collect your name, surname, and email.

• Affiliate tracking: we may record which affiliate referred you to us in order to calculate commissions.​

 

5. Legal Bases for Processing

We process personal data on the following legal grounds:

• Fulfillment of contractual obligations

• Compliance with legal obligations

• Your consent

• Our legitimate interests (e.g., improving services, preventing fraud, direct marketing)

 

6. Purposes of Processing Personal Data

We process personal data for specific, explicit, and lawful purposes, including:

• Processing inquiries, orders, and purchases

• Processing payments and preventing fraud

• Fulfilling contractual obligations

• Improving and optimizing the Website (analytics, performance monitoring)

• Marketing activities and informing you about offers, events, and updates

• Profiling for personalized communication and offers

• Tracking affiliate referrals to calculate commissions

• Ensuring website functionality and security

 

7. Direct Marketing and Profiling

With your consent, we may use your personal data for direct marketing via email, post, or other channels.

Marketing messages may be personalized through profiling, which involves grouping users according to interests, visits, and responses, so that you receive more relevant content.

You may unsubscribe at any time (see Section 14).

 

8. Data Retention

• Data processed based on consent is retained until consent is withdrawn.

• Data processed based on contracts or legal obligations is retained in line with legal requirements (e.g., accounting records for 10 years).

• Contract-related data is retained until termination of the contract and for 5 years thereafter.

• Device data (cookies, logs, pixels) is retained for as long as necessary to fulfill the purposes stated or as required by law.

After retention periods expire, data is permanently deleted or anonymized.

 

9. Data Security

We use appropriate technical and organizational measures to protect your personal data, including:

• Secure access control, firewalls, and encryption

• Backups and monitoring systems

• Limiting access to authorized staff and trusted processors only

• Cooperation exclusively with processors that provide adequate data protection guarantees

We process and store your data using the following providers:

• Wix

• Kajabi

• Stripe

• Convertkit

• MailerLite

• Paypal

• Instagram

• Facebook

 

Please visit their individual websites for information on the physical location of their servers where your information is stored.

While we apply strong security measures, no internet transmission can be guaranteed 100% secure. You submit your data at your own risk.

In the event of a data breach, the supervisory authority will be notified unless the breach is unlikely to pose a risk. If the risk is significant, affected individuals will also be informed.

 

10. Cookies, Analytics, and Advertising

Our Website uses cookies and similar technologies (Google Analytics, web beacons, pixels) for:

• Ensuring website functionality

• Improving user experience

• Monitoring traffic and statistics

• Conducting marketing and advertising campaigns

We may also use your data for behavioral advertising, showing you targeted ads based on your browsing activity.

You can manage or disable cookies via your browser. More information on cookies is available at: http://www.allaboutcookies.org

For targeted advertising, you may opt out here:

• Meta (Facebook/Instagram): https://accountscenter.facebook.com/ads

• Google: https://www.google.com/settings/ads/anonymous

• Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

 

11. Data Sharing

We do not sell your data. Personal data may be shared only with:

• Contracted processors: IT providers, delivery companies, email management systems, payment processors (e.g., Stripe, PayPal), analytics providers (e.g., Google), affiliate tracking tools, and client management systems.

• Authorities: when required by law or to protect our rights.

If data is transferred outside the EU/EEA (e.g., to the U.S.), we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place.

 

12. Individual Rights

Under GDPR, you have the right to request:

• Confirmation whether we process your personal data

• Access to your personal data and copies

• Correction or completion of data

• Deletion (“right to be forgotten”)

• Restriction of processing

• Objection to processing (including direct marketing)

• Data portability

• Withdrawal of consent at any time

We will respond to your requests without undue delay, within legal deadlines. For security, we may verify your identity before fulfilling requests.

You also have the right to lodge a complaint with your local supervisory authority (e.g., the Information Commissioner in Slovenia).

 

13. Freedom of Choice

You decide what data to provide. If certain data is not provided, some services (e.g., purchases, newsletters) may not be available.

 

14. Withdrawal of Consent

You can withdraw your consent at any time by:

• Clicking the unsubscribe link in emails

• Sending a request to [Company Email]

Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

 

15. Third-Party Websites

This Privacy Policy applies only to our Website. We are not responsible for the privacy practices of other websites to which we may link. We encourage you to read the privacy policies of those third-party websites.

• WIX: https://www.wix.com/about/privacy

• Newsletter Manager MailerLite https://www.mailerlite.com/legal/privacy-policy

• Credit Card Payments via Stripe https://stripe.com/privacy

• Payments via PayPal https://www.paypal.com/legalhub/paypal/privacy-full

• Instagram https://privacycenter.instagram.com/policy

• Facebook https://www.facebook.com/privacy/policy/

 

16. Complaints

If you have any complaints regarding the use of your personal data, please contact us at nadja@thewaysofconnection.com  so we can resolve the matter.

EU residents may also lodge a complaint with the relevant supervisory authority.

 

17. Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in practices, technology, or legal requirements. Any updates will be published on the Website with a new “Last updated” date.

We encourage you to review this Privacy Policy periodically. Continued use of our Website after updates means you accept the revised terms.