Privacy policy.

1. Who is responsible

This website is operated by:

Carolyn Pini (Colorpini)
Hurdackerstr. 21
8600 Dübendorf, Switzerland
Email: info@colorpini.com

I am the data controller for any personal data processed through colorpini.com.

2. What data I collect and why

Email signup (MailerLite)

If you sign up for the free monthly coloring page, I collect your email address (and, if you give it, your first name) so I can send you the monthly reminder. The signup form is processed by MailerLite (MailerLite Limited, Ireland; technical infrastructure partly in the United States). MailerLite acts as my processor under a Data Processing Agreement.

• Purpose: sending the monthly free coloring page and event reminder.
• Legal basis: your consent, given when you submit the form. You can withdraw consent at any time using the "unsubscribe" link in any email.
• Retention: until you unsubscribe, then deleted within 30 days.

Contact form

If you write to me through the contact form, I receive your name, email address and message in my inbox at the email above. I store these only in my regular email account and only for as long as needed to reply and keep a record of our conversation. I do not pass these messages to anyone else.

• Purpose: answering your question or request.
• Legal basis: your request, and my legitimate interest in being able to reply.
• Retention: typically up to 2 years after our last exchange, then deleted.

Server access logs

My hosting provider keeps standard server access logs (IP address, browser type, requested page, timestamp, referring URL) for security and to diagnose technical problems. These logs are kept for a short period (typically 7 to 30 days) and are then deleted automatically.

Cookies and analytics

This site does not set tracking cookies, does not use Google Analytics, and does not build profiles about you. Some browser-native preferences (such as remembering an open menu) may use a small piece of localStorage, which never leaves your browser and is never read by me or anyone else.

3. Third-party content and services

Google Fonts

My pages load typefaces (Playfair Display, Inter, Caveat) from the Google Fonts CDN. When the font file is fetched, your IP address is transmitted to Google. I do not embed Google Fonts on the basis of marketing, but on the basis of consistent display of typography. Google's privacy policy: policies.google.com/privacy.

Etsy

All purchases happen on Etsy. When you click an Etsy link, you leave this site and Etsy's own privacy policy applies: etsy.com/legal/privacy.

Facebook, Instagram and Pinterest

The Colorpini Facebook page, Facebook group, Instagram account and Pinterest boards are linked from this site but they are hosted by Meta and Pinterest respectively. When you click one of those links, the privacy policies of those platforms apply. This site itself does not embed any Facebook, Instagram or Pinterest tracking pixels.

Hosting provider

This site is hosted on Microsoft Azure (Microsoft Corporation, United States). The provider processes the same server access logs described in section 2 on my behalf. Microsoft Azure transfers may take place to the United States; these are covered by the EU-US Data Privacy Framework and Standard Contractual Clauses. Microsoft's privacy statement: privacy.microsoft.com.

4. International data transfers

MailerLite is based in Ireland with some technical infrastructure in the United States. Transfers to the United States are covered by Standard Contractual Clauses (SCCs) of the European Commission and MailerLite's own EU-US Data Privacy Framework certification.

Etsy, Meta (Facebook and Instagram) and Pinterest are US-based and operate under their own privacy frameworks. By interacting with their links you accept their data practices.

5. Your rights

Under the Swiss Federal Act on Data Protection (FADP / nFADP) and, where applicable, the EU General Data Protection Regulation (GDPR), you have the right to:

• Ask what personal data I hold about you (right of access).
• Have inaccurate data corrected (right of rectification).
• Have your data deleted, where there is no overriding reason to keep it (right of erasure).
• Restrict or object to processing.
• Receive your data in a portable format (right to data portability).
• Withdraw consent at any time, with no effect on the lawfulness of past processing.
• Lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC, edoeb.admin.ch) or, if you are in the EU, with your local supervisory authority.

To exercise any of these rights, write to me at info@colorpini.com. I will reply within 30 days at the latest.

6. Children

This site is intended for adults. I do not knowingly collect personal data from anyone under 16.

7. Security

The site is served over HTTPS. The hosting provider and MailerLite both apply industry-standard security measures. No system is 100% secure; if I ever become aware of a data breach affecting you, I will notify you and the relevant authority as required by law.

8. Changes to this policy

I may update this policy when the site changes (for example when I add or remove a service). The "Last updated" date at the top of this page shows when it was last revised. For material changes that affect your subscription, I will notify subscribers by email.

9. Contact

Questions about this policy? Write to me at info@colorpini.com. I read every message personally.