This privacy policy applies to themicrosettingacademy.com, operated by Atelier Barnard S.L. (CIF B22967194), registered in Palma de Mallorca, Spain. We are the data controller for personal data collected through this website.
For questions about this policy or how we handle your data, contact us at ian@atelierbarnard.co.
Information you provide directly: When you purchase access to The Microsetting Academy, complete a quiz, or subscribe to our communications, we collect the information you provide — such as your name, email address, and payment details (processed securely by Stripe; we do not store card numbers).
Information collected automatically: With your consent, we collect analytics data when you visit our site, including pages viewed, time on page, scroll depth, button clicks, and general geographic location (country/region level). We also read UTM parameters in the URL to understand which channels bring visitors to the site. This data is used to improve the website and understand what content resonates.
Cookies: See the Cookies section below for full details.
We use the data we collect to: deliver the Academy training platform and associated materials; process payments via Stripe; send communications you have opted into; respond to enquiries; improve the website and its content based on analytics; comply with legal obligations.
We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling.
Where we process your personal data, we do so on the following legal bases:
Consent — for analytics cookies and marketing communications. You can withdraw consent at any time (via the cookie banner or the unsubscribe link in any email).
Contract performance — where processing is necessary to deliver Academy access you have purchased or to respond to an enquiry.
Legitimate interests — for fraud prevention and website security.
We use the following third-party services, each of which processes data in accordance with their own privacy policies and under appropriate data processing agreements:
Google Analytics 4 — website analytics (with consent). Data may be transferred to the US under Google's data processing terms.
Stripe — payment processing. Stripe acts as an independent data controller for payment data.
Kajabi — course hosting and delivery.
ScoreApp — quiz and lead capture.
Academy members: we retain your data for as long as your account is active and for a reasonable period afterwards for legal and accounting purposes. Email subscribers: we retain your email address for as long as you remain subscribed. Analytics data: aggregated and anonymised after 14 months. Contact enquiries: retained for up to 2 years.
Some of our third-party service providers (Google, Stripe, Kajabi) are based in the United States. Where personal data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or the service provider's certification under an approved framework.
Essential cookies: Required for the website to function correctly (e.g., remembering your cookie consent choice). These cannot be disabled.
Analytics cookies: With your consent, we use Google Analytics 4 cookies to understand how visitors use our site — pages visited, session duration, scroll depth, button clicks, and traffic sources. These do not identify you personally. You can withdraw consent at any time by clearing your browser cookies and revisiting the site, where the consent banner will reappear.
No advertising cookies: We do not currently use cookies for advertising or retargeting purposes.
Under the GDPR and Spanish data protection law (Ley Organica 3/2018), you have the right to: access the personal data we hold about you; request correction of inaccurate data; request deletion of your data; object to or restrict processing; data portability; and lodge a complaint with the Spanish Data Protection Authority (AEPD — Agencia Espanola de Proteccion de Datos, www.aepd.es).
To exercise any of these rights, email ian@atelierbarnard.co.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure, including HTTPS encryption, secure payment processing via Stripe, and access controls on our hosting provider (Cloudflare). However, no internet transmission is fully secure, and we cannot guarantee absolute security.
We may update this policy from time to time. We will post the updated version on this page with a revised date. For significant changes, we will notify affected users by email where possible.