ACCOUNT
0,00  0

Cart

No products in the cart.

Shop

Privacy Policy and Cookie Policy

Last Updated: 02.06.2025

Privacy Policy

Introduction:
 This Privacy Policy explains how VISUAL ART Katarzyna Kozdra-Baczulis (the "Company", "we", "us" or "our") collects, uses, and protects your personal data when you visit our website and purchase digital products (Photoshop plugins, Lightroom presets) through our WordPress/WooCommerce online store. We are committed to protecting your privacy in compliance with the EU General Data Protection Regulation (GDPR). This Policy also describes your rights regarding your personal data and includes information about our use of cookies and similar technologies. By using our site, you agree to the practices described in this Policy (which includes our Cookie Policy below).

Data Controller Information

The data controller responsible for your personal data is VISUAL ART Katarzyna Kozdra-Baczulis, a company registered in Poland. You can contact us at:

  • Address: ul. Różowa 18/2 70-781 Szczecin

  • Email: hello@va-presets.com

Personal Data We Collect

We only collect personal data that is necessary for specified purposes. The types of personal data we may collect include:

  • Account Registration Data: As required by our Terms of Service, you must create a user account to purchase and access our Digital Products. When you register for an account, we collect, at a minimum, your email address and require you to create a password. We may also ask for your name or other optional details during registration. Your password is stored securely using hashing technology and is not visible to us.

  • Order Information: When you make a purchase, we collect data necessary to process the transaction. This includes your name, billing address, company name and tax ID (if buying as a business), email address, and details of the product purchased. Payment information (such as credit card details or PayPal account) is collected directly by our payment processor – we do not store your full payment card details on our servers.

  • Contact and Support Data: If you contact us for support or inquiries (via email or contact form), we collect your name, email address, and any information you choose to provide in your message.

  • Newsletter Subscription: If you subscribe to our newsletter, we collect your email address (and optionally your name) to send you updates and marketing emails. We use a double opt-in process (you will confirm your subscription via email) to ensure you consent to receiving our newsletter.

  • Automatically Collected Data (Usage Data): When you visit our website, certain data is collected automatically by our web server and third-party services. This may include your IP address, browser type, device information, operating system, referral URL, pages viewed, and the dates/times of access. We also use cookies and similar tracking technologies (explained in our Cookie Policy) to collect information about your interactions with the site. For example, we use Google Analytics to gather anonymous statistics on site usage (page views, clicks, etc.) and Google Ads cookies for advertising/remarketing purposes. These tools may collect technical identifiers (like cookie IDs and device IDs) and usage data.

  • Anti-Spam/Security Data: Our site uses Google reCAPTCHA and similar tools to prevent spam and abuse. When you interact with features like forms or login, these tools may automatically collect hardware and software information (such as device and application data) and send it to Google for risk analysis. This can include IP address and user behavior data needed to distinguish bots from legitimate users.

We do not intentionally collect any sensitive personal data (such as race, religion, health, etc.), nor do we knowingly collect data from children (see Children’s Privacy below). Our store is intended for adults and businesses.

Purposes and Legal Bases for Processing

We process your personal data only for specific purposes and in accordance with the legal bases allowed under GDPR Article 6. The purposes for which we process data, and their corresponding legal bases, are:

  • To Create and Manage Your User Account: We process your Account Registration Data to create your account, enable secure login, manage your profile, associate purchases with your account, and provide access to your purchased Digital Product downloads via your account dashboard as described in our Terms of Service. Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)). Creating and maintaining the account is necessary to provide the core service you requested (purchasing and accessing digital products).
  • To Fulfill Orders and Provide Services: We use your Order Information to process transactions, deliver the digital products you purchased, provide receipts/invoices, and communicate with you about your order (e.g. order confirmations, download links, or support related to your purchase). Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)) – this processing is necessary to fulfill the sales contract with you. If you do not provide this data, we cannot process your order.

  • To Comply with Legal Obligations: We retain transaction records, invoices, and certain personal data in order to meet accounting, tax, and other legal obligations. For example, under Polish and EU law, we must keep invoice data for a minimum of 5 years from the end of the fiscal year. This may include your name, purchase details, and billing information. Legal Basis: Compliance with a legal obligation (GDPR Art. 6(1)(c)). We may also disclose data if required by law (e.g. responding to lawful requests by tax authorities or courts).

  • Customer Support and Communication: If you contact us with questions, support requests, or feedback, we will use your contact data to respond and resolve issues. Legal Basis: Our legitimate interest in providing effective customer service and ensuring customer satisfaction (GDPR Art. 6(1)(f)) or, in some cases, it may be considered a pre-contractual step at your request (Art. 6(1)(b) for inquiries leading to a purchase). We only use this data to assist you and do not use it for marketing unless you have given consent.

  • Newsletter and Marketing Emails: If you have subscribed to our newsletter (or agreed to receive marketing communications), we will use your email to send you our newsletter, product updates, special offers, or other marketing content. Legal Basis: Consent (GDPR Art. 6(1)(a)). You will only receive these emails if you have opted-in, and you can withdraw your consent at any time (see Marketing Communications and Opt-Out below).

  • Analytics and Site Improvement: We use Automatically Collected Data (via cookies and similar technologies) to analyze how our website is used, to troubleshoot performance issues, and to improve our services and user experience. For instance, we use Google Analytics to understand which pages are most visited, how users navigate the site, and other usage patterns. Wherever possible, we utilize IP anonymization for Google Analytics to reduce the impact on your privacy. Legal Basis: Consent (Art. 6(1)(a)), obtained through our cookie consent banner for non-essential cookies. (In some cases, we may rely on legitimate interest (Art. 6(1)(f)) to improve our site; however, in practice, we will not activate analytics cookies without your consent to comply with ePrivacy requirements.)

  • Advertising and Remarketing: Our site uses Google Ads (and potentially other advertising networks) to advertise our products. We may use cookies from these services to measure the effectiveness of our ads (conversion tracking) and to show you targeted advertisements on third-party websites (remarketing). For example, if you visit our site, a Google Ads cookie may record that visit, and this might result in you seeing an ad for our products later on Google’s network. Legal Basis: Consent (Art. 6(1)(a)), obtained via the cookie consent banner for marketing cookies. You will not receive targeted advertising cookies unless you opt-in.

  • Website Security and Fraud Prevention: We process certain data to protect our website, business, and users from fraud, spam, and abuse. For example, we use Google reCAPTCHA to prevent automated bots from abusing our forms, and we may log IP addresses to detect multiple failed transactions or potential attacks. Legal Basis: Legitimate interests (Art. 6(1)(f)) – it is in our interest (and our users’ interest) to ensure the security and integrity of our services. This type of processing is strictly for security and is not used for marketing or any other purpose.

  • Business Records and Administration: We may process and retain data as needed for our general business administration, record-keeping, audits, and to manage any disputes or legal claims. Legal Basis: Legitimate interests (Art. 6(1)(f)) in running a lawful business, or legal obligation if applicable (e.g., keeping records for defending legal claims).

We will not use your personal data for purposes that are incompatible with the above without informing you and obtaining an appropriate legal basis. We do not engage in automated decision-making, including profiling, that produces legal effects or similarly significant effects on you without your explicit consent. Any profiling we do (e.g., analyzing what products might interest you) is only done in the context of marketing to which you have consented, and you have the right to opt out of such profiling at any time.

Data Retention – How Long We Store Your Data

We will keep your personal data only for as long as it is necessary to fulfill the purposes for which it was collected, or as required by law. The retention periods for different categories of data are:

  • Order and Transaction Data: We retain records of purchases (including invoices, order details, and associated personal data) for at least 5 years from the end of the financial year in which the transaction occurred, in compliance with tax and accounting laws. For example, if you made a purchase in 2025, we may retain the data until at least the end of 2030. We may keep basic order information longer if necessary to establish, exercise, or defend legal claims.

  • Payment Information: We do not store your sensitive payment details (like full credit card numbers). Payment processors may retain your payment data according to their own policies (see Data Sharing below). We keep records of the payment transaction (e.g. amount, date, payment method, last four digits of card or PayPal ID) as part of order records for the same 5+ year period.

  • Customer Support Correspondence: Emails or contact form submissions you send us are kept for as long as needed to address your issue and for a short period thereafter in case of follow-up. Typically, we might retain support communications for up to 1–2 years, unless they need to be kept longer for legal reasons (for example, evidence of an agreement or resolution of a dispute).

  • Newsletter Subscription Data: We store your email address and related subscription info for as long as you remain subscribed. If you unsubscribe or withdraw consent, we will promptly remove you from the mailing list and stop sending you emails. We may however retain proof of your prior consent (subscription) and unsubscription request for a certain period (e.g. 2 years) to demonstrate compliance with marketing laws, but we will not use your email for further marketing once you’ve unsubscribed.

  • Analytics Data: Data collected via Google Analytics and similar tools is stored according to the retention settings we’ve agreed with those providers. For example, Google Analytics data is retained for [14 months] by default (or a similar period we configure) and is automatically deleted thereafter. We only view aggregated, anonymized reports and do not personally identify individual site visitors via analytics data.

  • Cookies and Tracking Data: Cookies have varying lifespans. Some cookies (especially essential ones) exist only for the duration of your session or a short period, while others (like analytics or advertising cookies) may last for months unless cleared. Our Cookie Policy below provides details on cookie durations. You can erase cookies from your own browser at any time (see Managing Cookies in the Cookie Policy section).

  • Security Logs: If our site automatically logs IP addresses or device information for security (e.g., firewall logs, reCAPTCHA results), those logs are typically kept only for a short period (a few weeks to a few months) unless a serious incident prompts longer retention. We regularly rotate and purge security logs to minimize data retention, keeping them just long enough to investigate issues or meet legal obligations.

After the applicable retention period, we will either securely delete or anonymize your personal data. For example, data in our order database may be anonymized (so it no longer can be linked to you) once it is no longer needed. Backup copies might persist for a short time beyond deletion, but we have processes to eventually purge or overwrite backups as well.

Data Sharing and Recipients of Personal Data

We treat your personal data with care and confidentiality. We do not sell your personal information to third parties. However, we do share your data with certain trusted third-party service providers (“processors” under GDPR) and other parties when it is necessary to operate our business or required by law. These recipients include:

  • Payment Processors: We use third-party payment providers to handle transactions securely. This may include providers like [Payment Provider Name e.g. PayPal, Stripe] (placeholders for the actual services we use). When you enter payment details, you are typically doing so directly on the payment processor’s secure platform, which means they receive your payment data. The payment processor will process your payment and may send us limited information to confirm the transaction (such as a payment confirmation ID). These providers are independent controllers of your payment data for processing purposes. Please refer to their privacy policies for details on how they handle your personal data. We have agreements in place with these providers to ensure your data is protected.

  • Email Service Provider: For sending our newsletter and marketing emails, we may use an external email marketing service. If you subscribe to our newsletter, your email address (and name, if provided) will be stored on that service’s platform. The provider processes the data only on our instructions for the purpose of sending emails on our behalf. We ensure that any such provider is GDPR-compliant. (If our newsletter is managed in-house via our own server, then your data stays within our systems instead.)

  • Hosting Provider: Our website is hosted on servers provided by zenbox.pl. All data you provide on our website (orders, form submissions, etc.) will be stored on these servers. The hosting provider may have access to the server infrastructure as a processor, but they will only process data for hosting and technical support purposes. Our hosting servers are located in [Country/EU region], so your data is stored in that location (see International Transfers below if outside the EEA).

  • Website Service Providers: We may use other third-party services integrated into our WordPress website, for maintenance, development, or added functionality. For example, if we use a backup service, content delivery network (CDN), or security service (firewall), these providers might process IP addresses or other technical data to operate. We ensure any such providers protect data confidentiality.

  • Analytics and Advertising Partners: As described, we use services like Google Analytics (analytics) and Google Ads (advertising/remarketing). These are provided by Google Ireland Limited (for EU region customers) and Google LLC in the USA. These services set cookies and collect usage data from our site users, which is transmitted to Google. Google acts as a processor for us in providing aggregated analytics reports, and as a controller for some advertising purposes. We have configured these services to limit data collection where possible (e.g., IP anonymization in Google Analytics). We also utilize Google reCAPTCHA for spam protection (also a Google service). In all cases, Google may process data as per their privacy policies. We share data with Google as needed for these services (for example, your site usage info via cookies). See our Cookie Policy for more details on what data is collected and how to opt-out.

  • Other Marketing/Analytics Services: If we use any other third-party tracking or marketing tools (for example, a Facebook Pixel, Twitter advertising, etc.), these services would similarly collect certain data through our site. (Currently, our primary marketing integrations are with Google services, but we mention this for completeness.) Any such service will be disclosed in our Cookie Policy and will only be activated with your consent.

  • Professional Advisors and Auditors: We may share relevant portions of your data with our accountants, auditors, lawyers, or similar consultants if necessary for accounting purposes, auditing our business, or for establishing/exercising legal claims. For example, our accountant may see invoice records that contain personal data when preparing our financial statements or tax filings. These parties are bound by confidentiality obligations.

  • Authorities and Legal Requirements: If required by law or court order, we may disclose personal data to government authorities, regulators, law enforcement, or courts. For instance, if tax authorities request to see our sales records, we must provide them, or if we receive a subpoena or lawful request related to an investigation, we may need to disclose certain data. We will only do so to the extent that such disclosure is legally required and appropriate.

  • Business Transfers: In the event that our company is involved in a merger, acquisition, sale of assets, or other business transaction, personal data may be transferred to the new owner or partner as part of the transaction. In such cases, we will ensure that the new owner is bound by terms that protect your personal data consistent with this Policy. We will notify you of any change in data controllers if required by law.

Whenever we share your data with service providers, we ensure they are bound by contracts that require them to process personal data in accordance with GDPR, solely for the purposes we specify, and with adequate security measures.

We do not allow third parties to use your data for their own marketing or purposes unrelated to the services they provide to us.

International Data Transfers

We are based in Poland (in the European Economic Area, EEA). However, some of the third parties we work with may be located outside the EEA, which means your personal data could be transferred to or accessed from those countries. In particular:

  • Google Services (Analytics, Ads, reCAPTCHA): Google Ireland Limited is our contracting entity, but as a global company, Google may process data on servers in the United States or other countries. The U.S. does not have an EU adequacy decision for data protection, so we rely on appropriate safeguards for these transfers. Google has certified its compliance with the EU-U.S. Data Privacy Framework and/or uses EU Standard Contractual Clauses (SCCs) in its contracts. These measures are designed to protect your data when transferred outside the EEA. For example, any personal data sent to Google in the U.S. should be protected under these safeguards.

  • Payment Providers: If we use PayPal, note that PayPal (Europe) S.à r.l. is in Luxembourg (EEA), but PayPal may in some cases involve servers in the US or worldwide. PayPal’s privacy policy and agreements include appropriate safeguards (they also previously participated in the Privacy Shield and now follow the new Data Privacy Framework/SCCs). Similarly, if we use Stripe or another provider, they typically use SCCs to cover EU-US transfers, as Stripe, Inc. is based in the US.

  • Email/Newsletter Service: If our email marketing provider is based outside the EEA (for example, Mailchimp is based in the US), then personal data (your email address) might be transferred to that country. We will ensure such providers implement SCCs or are certified under an approved framework to lawfully transfer EU data.

  • Hosting or Other Services: We endeavor to choose hosting and other services within the EEA. If any of our service providers store or access data outside the EEA (for example, a cloud backup in the US), we will make sure appropriate transfer mechanisms are in place (SCCs, adequacy decision, or Data Privacy Framework certification).

We will always take steps to ensure any international transfer of your data complies with applicable data protection laws. This includes assessing the data protection regime of the destination country and putting additional security or contractual measures in place if needed. You can contact us (see Contact Information below) if you have questions about our safeguards for international data transfers or if you want to obtain a copy of the relevant contractual protections (such as SCCs).

Note: By consenting to our use of certain third-party cookies or services, you are deemed informed that your data may be transferred outside your country (for example, by accepting marketing cookies, you allow data to be sent to Google’s advertising services in the US). We only make such transfers with your consent or where necessary for our contract with you.

Your Rights as a Data Subject

Under the GDPR, you have various rights regarding your personal data. We are committed to upholding these rights. You may exercise these rights at any time by contacting us (see Contact Information below). These rights include:

  • Right of Access: You have the right to obtain confirmation of whether we are processing your personal data, and if so, to request a copy of the data we hold about you, as well as information about how we use it. This is commonly known as a “Data Subject Access Request.” We will provide this to you free of charge, within one month (unless the request is complex, in which case we may extend the deadline by up to two further months, but we will inform you if so).

  • Right to Rectification: If any of your personal data we have is incorrect or incomplete, you have the right to have it corrected or updated without undue delay. For example, if you change your email address or notice we misspelled your name, you can ask us to fix it.

  • Right to Erasure (Right to be Forgotten): You can request that we delete your personal data in certain circumstances. For instance, if the data is no longer necessary for the purposes it was collected, or if you have withdrawn your consent and we have no other legal basis to keep it, or if you object to processing and we have no overriding legitimate grounds, or if we unlawfully processed your data. Please note that this right is not absolute – sometimes we must retain certain data to comply with legal obligations or to establish or defend legal claims. If that is the case, we will let you know.

  • Right to Restriction of Processing: You have the right to request that we limit the processing of your data in certain situations. This can apply if you contest the accuracy of data (until corrected), if our processing is unlawful but you do not want full erasure, or if you need us to keep data solely for legal claims that you need, or if you have objected to processing (pending verification of our grounds). When processing is restricted, such data will only be processed with your consent or for specific reasons like legal claims or important public interest.

  • Right to Data Portability: For data that you have provided to us and is processed by us by automated means on the legal basis of consent or contract, you have the right to receive that data from us in a structured, commonly used, machine-readable format (for example, a CSV file). You also have the right to request that we transmit that data directly to another controller, where technically feasible. In practice, this right is relevant to information you provided for your orders or profile, and which we process electronically.

  • Right to Object: You have the right to object to our processing of your personal data when our legal basis is legitimate interest (Art. 6(1)(f)) or public interest/exercise of authority (Art. 6(1)(e)) – we do not process on the latter basis in our context. You may object on grounds relating to your particular situation. If you object, we will assess whether our compelling legitimate grounds override your interests, rights, and freedoms. If not, we will cease the processing. Importantly, you have an unconditional right to object to your data being processed for direct marketing purposes (Art. 21(2) GDPR). This means if you object to any use of your data for marketing (including any profiling related to direct marketing), we will stop using your data for that purpose immediately.

  • Right to Withdraw Consent: If we are processing your personal data based on your consent (e.g., for newsletter or marketing cookies), you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing that was done before you withdrew consent. For example, if you signed up for the newsletter but later change your mind, you can unsubscribe and we will stop sending you the newsletter.

  • Right to Lodge a Complaint: If you believe that we have infringed your data protection rights or GDPR, you have the right to file a complaint with a supervisory authority, in particular in the EU country where you live or work, or where the alleged infringement took place. As we are based in Poland, our lead supervisory authority is the Polish Personal Data Protection Office (Urzęd Ochrony Danych Osobowych – UODO). You can contact the UODO or your local data protection authority for guidance or to submit a complaint. We would, however, appreciate the chance to address your concerns directly before you do so – please feel free to contact us regarding any issue.

We will do our best to facilitate your rights. For security, we may need to verify your identity before fulfilling certain requests (for example, access or deletion requests) to ensure we do not disclose or delete data to the wrong person. This might involve asking for information to confirm your identity.

Exercising your rights is free of charge. However, if a request is manifestly unfounded or excessive (for example, repetitive), we may either charge a reasonable fee reflecting the administrative cost or refuse to act on the request (as allowed by GDPR). We will explain our reasoning in such cases.

Security of Your Personal Data

We take the security of your data seriously and have implemented appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Website Security: Our site is secured using HTTPS encryption (TLS/SSL). This means that the data you transmit to us (such as when entering personal information in the checkout or contact forms) is encrypted in transit and cannot be easily intercepted by third parties. Always look for the padlock symbol in your browser address bar when submitting data on our site.

  • Access Controls: Internally, personal data is accessible only to those personnel or contractors who need access to fulfill their duties (principle of least privilege). Access to administrative areas of our website, as well as to databases containing personal info, is restricted and protected with strong passwords and, where possible, two-factor authentication.

  • Data Minimization: We strive to collect only the data that we need. By limiting the personal data we handle (for example, no user accounts and no unnecessary details), we reduce the security risk. We also anonymize or pseudonymize data where feasible, especially for analytics (e.g., using Google Analytics with anonymized IP).

  • Secure Hosting and Updates: Our website is hosted with a reputable provider with robust security practices, including firewalls and monitoring. We keep our WordPress, WooCommerce, and other plugins up to date to patch security vulnerabilities. Regular security scans and malware protection tools are in place to detect and prevent unauthorized access.

  • Encryption and Secure Storage: Where applicable, we encrypt sensitive data at rest. For example, if any password or API keys are stored (for system use), they are encrypted. While we don’t store credit card details, any token or identifier from the payment processor is stored securely.

  • Backups and Recovery: We perform regular backups of our site and data to ensure we can recover from any technical incidents or ransomware attacks. These backups are stored securely.

  • Employee/Contractor Training: We ensure that anyone who handles personal data on our behalf is trained in data protection principles and committed to confidentiality. Our team is aware of the importance of protecting personal data.

  • Vendor Due Diligence: We carefully select third-party service providers and require them to have appropriate security measures. For example, Google and payment processors invest heavily in security. We review their compliance resources and ensure GDPR-compliant data processing agreements are in place.

  • Incident Response: Despite all measures, no system is 100% secure. In the unlikely event of a data breach that poses a risk to your rights and freedoms, we have procedures to notify the relevant authorities and affected individuals within the timeframe required by GDPR (72 hours for authorities when required, and promptly for individuals when there’s a high risk). We maintain a log of any incidents and continually improve our safeguards based on lessons learned.

Please note that you also play a role in security. For example, if you contact us via email, ensure you don’t include sensitive information in unencrypted emails. And remember that no method of transmission over the internet or method of electronic storage is completely secure – while we strive to protect your personal data, we cannot guarantee absolute security.

Children’s Privacy

Our products and services are not directed to children, and we do not knowingly collect personal data from individuals under the age of 16 (the age at which consent may be required in Poland and many EU countries under GDPR Article 8). If you are under 16, please do not provide any personal information to us.

We do not sell products that are targeted at children, and our website is intended for use by adults or businesses. In the event that we learn we have collected personal data from a child under 16 without verifiable parental consent, we will take immediate steps to delete that information. If you are a parent or guardian and believe your child under 16 has provided personal data to us, please contact us so we can remove the data and opt the child out of any applicable services.

(If local law in Poland or your country sets a different age threshold for requiring parental consent, and if applicable, we will adhere to that. For example, if the age was 13 in some regions, we would apply that lower age. In absence of contrary local law, we use 16 as per GDPR default.)

Marketing Communications and Opt-Out

If you subscribe to our newsletter or otherwise consent to receive marketing communications, we will use your contact information to send you promotional content. This may include:

  • Our email newsletter with news about new products, updates, tips and tutorials related to our digital products.

  • Special offers, discounts, or promotions for our store.

  • Announcements of new releases or features.

We will only send you marketing emails if you have actively opted in (for example, by entering your email in the subscription form and confirming via the double opt-in email). If you have made a purchase from us, we may send you transactional emails related to that purchase (order confirmation, download info, etc.), which are not marketing but necessary service communications. We might also send a one-time follow-up to request feedback or a review for the product you bought, as this relates to your purchase – but such communications will be limited and not ongoing marketing unless you have subscribed.

How to Opt Out: Every marketing email we send will include an “unsubscribe” link at the bottom. You can click that link to instantly stop receiving future emails from that list. Alternatively, you can contact us at hello@va-presets.com with a request to unsubscribe, and we will manually remove you. Once you opt out/unsubscribe, we will cease sending you marketing communications. (However, please note you might still receive non-promotional communications, such as responses to a customer service inquiry or important notices about an ongoing transaction.)

Opting out of our direct marketing will not affect any other services we provide to you. You can continue to use the website and make purchases. It also will not affect any targeted advertising cookies — for those, you need to adjust your cookie preferences (see the Cookie Policy below) or ad settings as described.

We do not share your email or contact information with other companies for them to market to you. Any marketing is only from Visual Art Katarzyna Kozdra-Baczulis about our own products or content. If we ever run joint promotions with a partner, we would do so by sending you the info ourselves (or asking for your permission to share info with them explicitly).

If you have multiple email addresses and you receive our communications to each, you will need to opt out from each address separately. If you continue to receive emails after unsubscribing, please contact us to ensure your request was processed.

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will revise the “Last Updated” date at the top of the Policy. If the changes are material, we may also provide a more prominent notice, such as a notification on our website or an email notification (if appropriate and we have your email on file).

We encourage you to review this Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any updates take effect will constitute acceptance of those changes. If you do not agree with any changes to the Policy, you should stop using the site and can contact us if you have concerns.

For significant changes (especially those that might retroactively affect how we handle data collected under a previous policy), we will seek your consent if and as required by law. For example, if we were to start processing data for a new purpose that requires consent, we would obtain that from you.

Previous versions of our Privacy Policy can be obtained by contacting us. We maintain an archive of past privacy notices for transparency.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or about your personal data, please contact us at:

 VISUAL ART Katarzyna Kozdra-Baczulis, a company registered in Poland, ul. Różowa 18/2 70-781 Szczecin

  • Email: hello@va-presets.com

You can also reach out to us via [contact form] on our website (if applicable). We will respond as soon as possible, and certainly within any timeframes required by law.

Cookie Policy

This Cookie Policy is a part of our Privacy Policy and explains how we use cookies and similar tracking technologies on our website. It describes what cookies are, which cookies we use and why, and how you can manage your cookie preferences.

By using our website, you can choose whether to allow or refuse non-essential cookies through our cookie consent banner. You can also manage cookies through your browser settings as described below.

What Are Cookies?

Cookies are small text files that are stored on your device (computer, smartphone, tablet) when you visit a website. They are widely used to make websites work efficiently and to provide information to the site owners. Cookies allow a website to remember your actions and preferences (such as keeping you logged in, items in a shopping cart, language settings, etc.) so you don’t have to re-enter them whenever you come back to the site or browse from one page to another.

There are different types of cookies:

  • First-party cookies: These are set by the website you’re visiting (in this case, by our site). Only our site can read these cookies.

  • Third-party cookies: These are set by a domain other than the website you’re visiting, typically when our site integrates external services. For example, cookies set by Google (for analytics or ads) when you visit our site are third-party cookies.

  • Session cookies: These are temporary cookies that last only for the duration of your browsing session. They are deleted from your device once you close your browser. Session cookies are often used for essential functionalities (like remembering what’s in your cart as you navigate).

  • Persistent cookies: These cookies remain on your device for a set period of time after your session (they have an expiration date). They can survive after the browser is closed, so they can recognize your device on your next visit. Persistent cookies are used for remembering preferences or analytics/advertising purposes over multiple sessions.

We also may use similar tracking technologies like web beacons (pixel tags) or local storage. Web beacons are tiny transparent images embedded in webpages or emails that can track certain user activities (such as whether an email was opened). For simplicity, this Cookie Policy refers to all these technologies as “cookies.”

Cookies We Use and Why

We use the following categories of cookies on our website:

  • Essential Cookies (Strictly Necessary): These cookies are necessary for the website to function properly and cannot be switched off in our systems. Without these, certain services or features (like the shopping cart or checkout process) would not be possible. They are usually set in response to your actions, such as setting your privacy preferences, adding items to cart, or filling in forms. Essential cookies do not store any personally identifiable information, and we do not need your consent to use them – we use them by default for the operation of the site. (However, you can still block them via your browser settings if you wish, but parts of the site may not work.)

  • Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. They allow us to count visits, track traffic sources, and see which pages/products are popular, etc. We use this data to improve our website’s performance and user experience. For example, we use Google Analytics cookies to collect information about website usage (such as number of visitors, pages visited, time spent on site). The information collected by these cookies is aggregated and not directly identifying you. We only set analytics cookies if you consent to them, as they are not strictly necessary. If you do not allow these cookies, we will not know when you visited our site and won’t be able to monitor its performance in the same way.

  • Functional Cookies: These cookies allow our site to remember choices you make and provide enhanced, more personal features. For example, a functional cookie might remember that you dismissed a one-time popup or chose a language or region. Another example: if we have a live chat support or similar feature, the cookie might retain your session ID for continuity. While many functional cookies are essential for a good experience, we typically treat them as necessary because without them some preferences might not persist. We currently do not use many separate functional cookies beyond essentials, but any that exist (like remembering a dismissed notice or store preferences) are only used to improve your experience. They do not track you on other sites and may be first-party.

Third-Party Cookies and Services: Some cookies are set by external providers. In particular:

  • Google Analytics: Sets cookies _ga, _gid, _gat (and related). Google Analytics is a web analytics service provided by Google. Google may use the data collected to track and examine the use of our site and to prepare reports on its activities. We have set up Google Analytics with IP anonymization enabled, meaning Google truncates IP addresses for users in the EU, to pseudo-anonymize data. You can opt out of Google Analytics cookies through our banner or by using a browser plugin (Google provides an opt-out add-on). See also Google’s Privacy Policy for Analytics data handling.

  • Google Ads / DoubleClick: Cookies like IDE, _gcl_au, and test_cookie are associated with Google Ads advertising. If you consent to marketing cookies, these allow us to show you targeted ads and measure conversions. Google may also collect data about your visits to other sites to tailor ads – these cookies are how Google connects your browsing behavior. You can control ad personalization through Google’s Ad Settings (adsettings.google.com) and you can opt out of interest-based ads via industry sites like aboutads.info.

  • Google reCAPTCHA: When reCAPTCHA is loaded on our site (for example, on a form), it sets the cookies/items like NID and _GRECAPTCHA. These ensure that interactions are by humans. They may also involve sending hardware/software info (like device and browser characteristics) to Google for analysis. Use of reCAPTCHA is subject to Google’s Privacy Policy and Terms of Service (which are referenced when you interact with it). We may use reCAPTCHA under our legitimate interest to prevent spam and abuse, thus we treat its cookies as essential for security.

  • WooCommerce (First-party): The WooCommerce plugin sets essential cookies for cart functionality (woocommerce_* cookies as listed). These are first-party, meaning they originate from our domain. They contain no personal data and are necessary for e-commerce features.

  • Cookie Consent Tool: If we use a cookie consent tool or banner (like CookieYes or similar), it will set a cookie to remember your preferences (e.g., cookie_consent or similar). This prevents the banner from popping up on every page load and keeps track of which categories you allowed or denied. This cookie is considered functional/necessary.

  • Other Third-Party Content: If our site includes content from other third parties, such as embedded videos (YouTube/Vimeo) or social media widgets (e.g., a Facebook “Like” button) or external fonts (Google Fonts), those providers might set cookies or use tracking. We currently do not extensively use such embeds; our main third-party integrations are with Google as described. If that changes, we will update the policy.

Managing Cookies: Your Choices

Consent Banner: When you first visit our website, you will see a cookie consent banner or pop-up that allows you to choose which cookies to accept. Essential cookies are enabled by default (as the site cannot run without them), but for other types (Analytics, Marketing) you have the option to accept or reject. We will honor your choices; for example, if you opt out of Analytics cookies, Google Analytics will not run and no analytics cookies will be set.

Browser Settings: In addition to our site controls, you have full control over cookies at the browser level. Most web browsers let you: view what cookies you have and delete them on an individual basis; block third-party cookies; block all cookies for specific sites or all sites; or notify you when cookies are being set. You can usually find these settings in the “options” or “preferences” menu of your browser. To help, here are some links to instructions for managing cookie settings in popular browsers:

  • Google Chrome: You can manage cookies by clicking the three dots menu > Settings > Privacy and security > Cookies and other site data. Chrome’s official instructions are available on Google’s support site.

  • Mozilla Firefox: Go to Menu ☰ > Settings (Preferences) > Privacy & Security > Cookies and Site Data. You can clear data or manage permissions. See Mozilla’s guide on blocking and deleting cookies.

  • Microsoft Edge: Click the three dots ... > Settings > Cookies and site permissions. From here you can manage and view cookies, and set rules for blocking. Microsoft’s support page provides detailed steps.

  • Apple Safari (Mac): Go to Safari > Settings (or Preferences) > Privacy. You can choose to block all cookies or manage website data. To remove specific cookies, click “Manage Website Data...” then remove selected items.

  • Safari (iPhone/iPad): Go to iOS Settings > Safari. You can Clear History and Website Data (which removes cookies) and adjust Privacy & Security settings (e.g., block all cookies, prevent cross-site tracking). On iOS, cookies are managed through device settings rather than in-browser menus.

For other browsers or for more general guidance, you might visit external resources like AllAboutCookies or AboutCookies.org which provide up-to-date information on managing cookies across different browsers.

Please note: Rejecting or deleting cookies may impact your user experience. For example, if you block essential cookies, our site’s core functions (like adding items to cart or logging in, if applicable) might not work properly. Blocking functional cookies might mean certain preferences aren’t remembered. However, refusing Analytics or Marketing cookies should not affect basic site functionality; it will only result in less data collection and less personalized content.

Changes to This Cookie Policy

We may update our Cookie Policy to reflect changes in the cookies we use or for other operational, legal, or regulatory reasons. If there are significant changes, we will notify you either by posting a notice on our site or through other appropriate means. We encourage you to review this Cookie Policy periodically for the latest information about our cookie practices.

The “Last Updated” date at the top will indicate when the latest changes were made.

By continuing to use our site after we post any updates, you acknowledge the Cookie Policy as amended. If necessary (for example, if a new cookie requires consent), we will re-display the consent banner to capture your choices.

Contact Us (Cookie Policy Inquiries)

If you have any questions or concerns specifically about our Cookie Policy or our use of cookies and similar technologies, feel free to contact us at hello@va-presets.com You can also reach out via the contact information provided in the Privacy Policy section.

We will be happy to assist with any queries – whether it’s more detail on a particular cookie, or help with opting out.

By using our website and services, you trust us with your personal data. We value that trust and are committed to keeping your data secure and handling it in accordance with the law. Thank you for reading our Privacy and Cookie Policy. We hope it has clarified how we operate. If anything remains unclear, please do not hesitate to get in touch.