top of page

Privacy Policy

Last updated: March 26, 2026

​

This Privacy Policy describes how Michal Luzzatto Photography (“we”, “us”, or “our”) collects, uses, and discloses your information when you use our website:
www.michal-luzzatto.com

 

By using the website, you agree to the collection and use of information in accordance with this Privacy Policy.

 

1. Data Controller

For the purposes of applicable data protection laws, including the GDPR,
Michal Luzzatto Photography is the data controller of your personal data.

​

Contact:
mail@michal-luzzatto.com

 

2. Information We Collect

We may collect the following types of information:

 

Personal Data

  • Name

  • Email address

  • Information provided through contact forms

  • Information related to purchases

 

Usage Data

  • IP address

  • Browser type and version

  • Pages visited and time spent

  • Device identifiers

 

3. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contractual necessity – to process purchases and provide services

  • Legitimate interests – to improve our website, security, and marketing

  • Consent – where required (e.g., cookies, marketing communications)

 

4. How We Use Your Information

We use your information to:

  • Provide and operate the website

  • Process purchases (including prints and digital products such as courses)

  • Respond to inquiries

  • Send marketing communications (where permitted)

  • Improve performance and user experience

  • Conduct analytics and advertising, including remarketing

 

5. Payments

Payments are processed by third-party providers, including:

  • PayPal

  • Grow Payments

  • Max (credit card processing)

We do not store your payment details. Payment providers handle your data according to their own privacy policies.

 

6. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Analyze traffic

  • Improve functionality

  • Support advertising and remarketing

 

These may include:

  • Google Analytics

  • Meta (Facebook/Instagram) Pixel

  • Other advertising tools

 

Where required by law, we will request your consent before using non-essential cookies.

You can manage cookies through your browser settings.

 

7. Remarketing

We may use remarketing services to advertise to users who previously visited our website.
This may result in you seeing our ads on third-party platforms.

 

8. Sharing Your Information

We may share your information with:

  • Service providers (analytics, payments, marketing tools)

  • Business partners (if applicable)

  • Authorities where required by law

 

We do not sell your personal information.

 

9. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy or as required by law.

 

10. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion of your data

  • Restrict processing

  • Object to processing

  • Request data portability

 

To exercise your rights, contact:
mail@michal-luzzatto.com

 

11. Your Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have the right to:

  • Know what personal data we collect

  • Request deletion of your personal data

  • Request details about how your data is used

  • Opt out of the sale or sharing of personal information

 

We do not sell personal information.

 

To exercise your rights:
mail@michal-luzzatto.com

We will not discriminate against you for exercising your rights.

 

12. Do Not Track (CalOPPA)

Our website does not currently respond to “Do Not Track” signals.

 

13. International Data Transfers

International Data Transfers Your information, including Personal Data, may be transferred to - and maintained on - computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

For users in the European Economic Area (EEA), please note that we transfer data to countries outside the EEA, including Israel and the United States. We ensure that such transfers are conducted with appropriate safeguards in place, such as:

​

  • Adequacy Decisions: Relying on the European Commission's decision that certain countries (including Israel) provide an adequate level of data protection.

  • Standard Contractual Clauses (SCCs): Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

 

* Data Processing Agreements: Ensuring our third-party service providers (e.g., payment processors and analytics tools) adhere to strict data protection standards.

 

14. Children’s Privacy

This website is not intended for children under the age of 13.
We do not knowingly collect personal data from children.

 

15. Third-Party Links

Our website may contain links to third-party websites.
We are not responsible for their privacy practices.

 

16. Changes to This Policy

We may update this Privacy Policy from time to time.
Updates will be posted on this page with a revised date.

 

17. Contact

For any questions:
mail@michal-luzzatto.com

bottom of page