Privacy Policy

1.Who we are

English Refresher ("we", "us", "our") operates the website englishrefresher.com and sells digital English-learning products. We are the data controller responsible for your personal data.

2.The data we collect

Information you give us

• Account & orders: name, email address, billing details, and order history when you buy a product or create an account.
• Newsletter: your name and email address if you subscribe.
• Contact form: your name, email, and the contents of your message.

Payment information

Card payments are processed securely by Stripe. We do not see or store your full card number — Stripe handles it as an independent controller/processor under its own terms.

Information collected automatically

• Server logs: our hosting provider automatically records technical data such as IP address, browser type, and pages requested. This is needed to keep the website secure and running.
• Cookies: small files stored on your device — see Section 9.

3.How we use your data

• To process your orders and deliver your digital downloads.
• To send order confirmations, receipts, and customer-service messages.
• To send our newsletter and offers, where you have given consent (you can unsubscribe at any time).
• To operate, secure, and improve the website.
• To meet our legal, accounting, and tax obligations.

4.Our legal bases (GDPR Article 6)

5.Who we share your data with

We never sell your personal data. We share it only with the service providers ("processors") that help us run the site, and only as far as needed:

• Stripe — payment processing.
• Bluehost — website hosting and email delivery.
• Where required by law, to public authorities (e.g. tax authorities).

6.International data transfers

Some of our providers (such as Stripe and Bluehost) may process data outside the European Economic Area, including in the United States. Where this happens, the transfer is protected by appropriate safeguards, such as the European Commission's Standard Contractual Clauses or an adequacy decision (e.g. the EU–US Data Privacy Framework).

7.How long we keep your data

• Order & accounting records: for the period required by Czech accounting and tax law (generally 5–10 years).
• Newsletter data: until you unsubscribe or ask us to delete it.
• Contact messages: for as long as needed to handle your enquiry and a reasonable period afterward.

8.Your rights under the GDPR

You have the right to: access your data; correct inaccurate data; request erasure; restrict or object to processing; data portability; and withdraw consent at any time (without affecting earlier processing). To exercise any of these, email [email protected]. We will respond within one month.

You also have the right to lodge a complaint with the Czech supervisory authority: Úřad pro ochranu osobních údajů (ÚOOÚ), Pplk. Sochora 27, 170 00 Praha 7, uoou.gov.cz.

9.Cookies

We use essential cookies to make the site and shop work (for example, to keep your cart and login session active). These do not require consent. If we ever add non-essential cookies (such as analytics), we will ask for your consent first through a cookie banner. For full details, see our Cookie Policy.

10.Children's privacy

Our shop and services are intended for adults (teachers and adult learners). We do not knowingly collect personal data from children under the age of 15 (the digital-consent age in the Czech Republic) without parental consent. If you believe a child has provided us data, contact us and we will delete it.

11.How we protect your data

We use industry-standard measures including HTTPS encryption, a security firewall, access controls, and trusted, GDPR-aware service providers. No method of transmission over the internet is 100% secure, but we work to protect your data and review our safeguards regularly.

12.Changes to this policy & how to contact us

We may update this policy from time to time. The "Last updated" date at the top shows the latest version. For any privacy question or request, email [email protected].