Privacy and Cookies Policy

Privacy & Cookie Policy (UK & EU)

Last updated: 27/12/2025 (content updated for accuracy and compliance)

This Privacy & Cookie Policy explains how we collect and use personal data when you visit or use our websites and services, including the Elite Wedding School and Fairytale Day (Приказен ден) brands.

1. Who we are (Data Controller)

We are the data controller for the personal data described in this policy.

Legal entity (Bulgaria):
Boutique wedding agency Fairytale day EOOD
Бутикова Сватбена Агенция „Приказен ден“ ЕООД
BULSTAT: 207893990
Registered address:
1421 Sofia, Lozenets
12 Milin Kamak Str.
Bulgaria

Contact emails:

UK ICO registration number: 00010725115

This policy applies to our websites (including eliteweddingschool.com and prikazenden.com) and to services we provide, including digital products and courses hosted on Podia.

2. What personal data we collect

Depending on how you interact with us, we may collect:

2.1 Usage data (website/app data)

This can include IP address, approximate location, device and browser details, pages visited, time spent on pages, clicks, referral sources, and interactions with ads and content.

2.2 Enquiry and correspondence data

Information you provide when you contact us (e.g., name, email address, message content, and metadata such as time sent).

2.3 Customer and client data

If you purchase a product or become a client, we may collect contact details and information needed to deliver the service (e.g., billing details, course access information, booking and planning information).

2.4 Marketing and preferences data

Email subscription details, preferences, and engagement data (e.g., whether you opened an email or clicked a link), where provided by the platform you subscribed through.

We do not intentionally collect special category data (e.g., health data). Please avoid sending it unless we explicitly ask for it.

3. How we use your data and our legal bases (UK GDPR & EU GDPR)

We only process personal data where we have a valid lawful basis.

3.1 To operate our websites and keep them secure

  • Purpose: Website administration, troubleshooting, security, fraud prevention, backups.
  • Legal basis: Legitimate interests (running a secure, reliable business) and, where applicable, contract.

3.2 To respond to enquiries and communicate with you

  • Purpose: Replying to messages, providing information you request, keeping records of communications.
  • Legal basis: Legitimate interests and/or steps prior to entering a contract.

3.3 To deliver products, courses, and services

  • Purpose: Provide access to digital products, course delivery, customer support, client management.
  • Legal basis: Contract (performance of a contract with you) and legal obligation (e.g., accounting/tax recordkeeping where applicable).

3.4 Payments and transaction administration

  • Purpose: Taking payments, handling refunds, dealing with payment queries, preventing fraud.
  • Legal basis: Contract and legal obligation.
  • Important note: We do not store full card details. Payments for the wedding planning course are processed via Stripe or Revolut Business (as applicable). Some digital products may be purchased via Podia.

3.5 Marketing communications (email)

  • Purpose: Sending newsletters, offers, and updates.
  • Legal basis:
    • Consent (for most email marketing sign-ups), and/or
    • Legitimate interests (limited marketing to existing customers where permitted by law, with an easy opt-out).

You can unsubscribe at any time using the link in our emails or by contacting us at the addresses above.

3.6 Analytics and advertising measurement

  • Purpose: Understanding how users use our sites, measuring ad performance, improving campaigns and content.
  • Legal basis: Consent (where cookies/trackers are used), because UK PECR/EU ePrivacy rules generally require consent for non-essential cookies.

We use tools including (as you confirmed): Google Analytics, Google Ads, Facebook/Meta Pixel, Pinterest, and Instagram/Meta-related tracking.

4. Automated decision-making and profiling

We may use basic profiling for marketing (e.g., showing you content/offers aligned with pages you viewed or resources you downloaded).

  • This is used to make communications more relevant (for example, sending a sequence of emails related to the topic you requested).
  • We do not use automated decision-making that produces legal or similarly significant effects (such as automatic credit decisions).

5. Who we share data with (processors and third parties)

We share personal data only as needed to run our business and deliver services. This can include:

  • Hosting, website and course platform providers (including Podia for course/digital product delivery and customer management) Podia+1
  • Payment providers (including Stripe and Revolut Business, as applicable) Revolut+1
  • Email/marketing platforms (if used for newsletters and automation)
  • Analytics and advertising partners (Google/Meta/Pinterest, etc.)
  • Professional advisers (accountants, legal advisers, insurers) where necessary
  • Authorities where required by law or to protect legal rights

We do not sell your personal data.

6. International transfers (outside the UK/EEA)

Some service providers may process data outside the UK/EEA (for example, in the United States).

Where international transfers occur, we ensure appropriate safeguards, such as:

  • Transfers to organisations certified under the EU–US Data Privacy Framework (where applicable) EUR-Lex+1
  • Transfers under the UK’s UK Extension / UK–US Data Bridge (where applicable) GOV.UK+1
  • Standard Contractual Clauses (EU) and the UK’s approved transfer tools (as needed)

7. Data retention (how long we keep your data)

We keep personal data only as long as necessary for the purpose collected, then securely delete or anonymise it.

Unless a longer period is required by law or for legal claims, we use these typical retention periods:

7.1 Wedding planning and agency clients

  • Up to 7 years after the end of the relationship (to support accounting/tax and contractual/legal requirements).

7.2 Course students and digital product purchasers

  • Up to 7 years from purchase (accounting/tax records), and access/support records as needed for service delivery.

7.3 Newsletter subscribers (marketing-only)

  • Up to 2 years after your last meaningful interaction (e.g., open/click), or earlier if you unsubscribe or request deletion.

7.4 Enquiries that do not convert

  • Up to 12 months after last contact (to manage follow-up and recordkeeping), unless you ask us to delete sooner.

7.5 Legal claims

If a dispute arises (or we reasonably anticipate one), we may retain relevant data for longer until the matter is resolved and limitation periods have expired.

8. Security

We use appropriate technical and organisational measures to protect your personal data, including access controls, secure systems, and encryption where appropriate. However, no internet transmission is completely secure, and you provide information at your own risk.

9. Your rights (UK GDPR & EU GDPR)

You have rights including:

  • Access to your data
  • Rectification (correction)
  • Erasure (“right to be forgotten”)
  • Restriction of processing
  • Objection to processing (including direct marketing)
  • Data portability (in certain cases)
  • Withdraw consent (where processing is based on consent)
  • Lodge a complaint with a supervisory authority

To exercise rights: email us at hello@eliteweddingschool.com or office@prikazenden.com.

Complaints:

  • UK: Information Commissioner’s Office (ICO)
  • Bulgaria/EU: Commission for Personal Data Protection (CPDP)

10. Children

Our websites and services are intended for individuals aged 16+. If we learn we have collected data from a child under 16, we will delete it.

11. Third-party websites

Our sites may include links to third-party websites. We are not responsible for their privacy practices. Please review their policies directly.

Cookie Policy

12. What cookies are

Cookies are small text files placed on your device when you visit a website. Some cookies are necessary for the site to function; others help with analytics and advertising.

Cookies can be:

  • Session cookies (deleted when you close your browser)
  • Persistent cookies (remain until they expire or you delete them)

13. How we use cookies

We use cookies and similar technologies for:

  • Strictly necessary functions (security, site functionality)
  • Preferences (remembering choices)
  • Analytics (understanding site use)
  • Marketing (measuring ads and showing relevant content)

14. Consent for cookies (UK PECR / EU ePrivacy)

On your first visit, we will ask for your consent for non-essential cookies (analytics/marketing). You can change your preferences at any time via the cookie settings on the site (where available) or by adjusting your browser settings.

15. Cookies used by our service providers

Depending on your settings and interactions, cookies/trackers may be set by:

  • Google (Analytics/Ads)
  • Meta (Facebook/Instagram Pixel)
  • Pinterest
  • Podia (platform functionality and service delivery) Podia+1

16. Managing cookies

You can manage cookies through:

  • Our cookie consent tool (where provided), and/or
  • Your browser settings (block/delete cookies)

Blocking all cookies may affect the functionality of parts of our websites.

17. Changes to this policy

We may update this policy from time to time by publishing a new version on our websites. Please check back periodically.