Privacy Policy

Last Updated: February 3, 2026

Maria Wandiba (“we,” “us,” or “our”) operates the website www.mariawandiba.com. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

We collect different types of information depending on how you interact with our website:

1.1 Information You Provide Directly

- Contact information (name, email address) when you contact us

- Any information you provide in blog comments or forms

- Newsletter subscription information (if applicable)

1.2 Automatically Collected Information

- Usage data: Pages visited, time spent on pages, links clicked

- Device information: Browser type, operating system, IP address

- Analytics data: Collected through Google Analytics (see Section 4)

1.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies. For detailed information about the cookies we use, please see our Cookie Policy at www.mariawandiba.com/cookie-policy.

2. How We Use Your Information

We process your personal data for the following purposes:

- Website Operation: To provide, maintain, and improve our website functionality

- Communication: To respond to your inquiries and communicate with you

- Analytics: To understand how visitors use our website and improve user experience

- Legal Compliance: To comply with legal obligations and protect our rights

- Security: To detect, prevent, and address technical issues and security threats

3. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

- Consent: When you provide explicit consent (e.g., newsletter signup, cookie acceptance)

- Legitimate Interest: For website analytics, security, and improvement

- Legal Obligation: To comply with applicable laws and regulations

- Contractual Necessity: To fulfill any agreements with you

4. Third-Party Services

We use the following third-party services that may collect and process your data:

4.1 Squarespace (Website Hosting)

Our website is hosted on Squarespace, which provides essential website functionality and security features.

- Data collected: Session data, technical information for website operation

- Purpose: Website hosting, security, and performance

- Privacy Policy: https://www.squarespace.com/privacy

4.2 Google Analytics

We use Google Analytics to understand how visitors use our website.

- Data collected: Anonymized usage data, browser information, demographics

- Purpose: Website analytics and improvement

- Privacy Policy: https://policies.google.com/privacy

- Opt-out: You can opt out using the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

- Analytics data: Automatically deleted after 26 months (Google Analytics default)

- Contact form submissions: Retained for 3 years unless deletion is requested

- Email communications: Retained until you request deletion

- Cookies: See our Cookie Policy for specific retention periods

6. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights:

- Right to Access: Request access to your personal data

- Right to Rectification: Request correction of inaccurate data

- Right to Erasure: Request deletion of your personal data (“right to be forgotten”)

- Right to Restriction: Request restriction of processing

- Right to Data Portability: Receive your data in a portable format

- Right to Object: Object to processing of your data

- Right to Withdraw Consent: Withdraw consent at any time

- Right to Lodge a Complaint: File a complaint with your local supervisory authority

To exercise any of these rights, please contact us at mwandiba@gmail.com.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

Security measures include:

- SSL/HTTPS encryption for data transmission

- Regular security updates and monitoring

- Access controls and authentication

- Secure hosting infrastructure provided by Squarespace

8. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA, including the United States (where Squarespace and Google are based). We ensure such transfers comply with GDPR requirements through:

- Standard Contractual Clauses (SCCs)

- Adequacy decisions by the European Commission

- Other legally approved transfer mechanisms

9. Children’s Privacy

Our website is not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately, and we will delete the information.

10. Blog Comments (If Applicable)

If you leave comments on our blog:

- Your name, email, and comment content are collected

- Your IP address and browser user agent may be collected for spam detection

- An anonymized hash of your email may be provided to Gravatar (if used) to display your profile picture

- Comments are public and visible to all website visitors

11. Contact Forms

When you submit a contact form:

- Your name, email, and message content are collected

- This information is used solely to respond to your inquiry

- We do not share this information with third parties except as necessary to respond to your request

12. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies when you visit them.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post any changes on this page and update the “Last Updated” date above.

For significant changes, we may provide additional notice (such as a prominent announcement on our website or email notification if we have your email address).

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: mwandiba@gmail.com

Website: www.mariawandiba.com

For GDPR-related inquiries or to exercise your rights, you may also contact us at the email address above.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with:

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data:

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.