Last updated: September 27, 2025
This Privacy Policy explains how Isle of the Monks ("We," "Us," or "Our") collects, uses, and protects your personal information when you use our website, accessible at https://isleofthemonks.com ("Service"). We are committed to safeguarding your privacy and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
Interpretation and Definitions
Interpretation
Words with capitalized initial letters have specific meanings as defined below. These meanings apply whether the terms are singular or plural.
Definitions
- Company: Refers to Isle of the Monks, located in Cyprus.
- Cookies: Small files placed on your device by a website to track browsing activity and store information.
- Country: Refers to Cyprus.
- Device: Any device used to access the Service, such as a computer, cellphone, or tablet.
- Personal Data: Any information relating to an identified or identifiable individual.
- Service: Refers to our website, https://isleofthemonks.com.
- Service Provider: Any third party that processes data on our behalf to facilitate or improve the Service, including GoDaddy for website hosting and email services, Vimeo for video embedding and playback, and Google reCAPTCHA for spam prevention on forms.
- Usage Data: Data collected automatically during your use of the Service, such as IP address or browser type.
- You: The individual or entity using the Service.
Collecting and Using Your Personal Data
Types of Data Collected
- Personal Data
We may collect the following information when you use our contact form:
- First name and last name
- Email address
- Message content
- Usage Data
Usage Data is collected automatically and may include:
- Your device’s IP address
- Browser type and version
- Pages visited, time, and date of visits
- Time spent on pages
- Interaction data with embedded videos, such as play events on Vimeo videos
- Behavioral data for form submissions, such as mouse movements and device interactions, processed by Google reCAPTCHA to prevent spam (only after consent)
- Cookies and Tracking Technologies
We use cookies to enhance your experience. These include:
- Necessary Cookies: Essential for the website to function (e.g., enabling form submissions).
- Cookies Policy Acceptance Cookies: Record your consent to our cookie policy.
We also embed videos from Vimeo, which may set additional cookies and collect usage data (e.g., IP address, device info) when you play the video. This only occurs after you consent via our cookie banner. For details, see our Cookie Policy. You can manage cookie preferences via your browser settings or our cookie banner. We use Google reCAPTCHA on our contact form to prevent spam and abuse. When enabled (after consent), it collects device and behavioral data (e.g., IP address, mouse movements) for risk analysis. For details, see our Cookie Policy.
Use of Your Personal Data
We may use your Personal Data to:
- Respond to your inquiries submitted via the contact form.
- Maintain and improve the Service, including monitoring usage.
- Deliver embedded videos via Vimeo, which may process limited data for playback functionality.
- Prevent spam and abuse on forms using Google reCAPTCHA, which analyzes interactions for security.
- Comply with legal obligations or resolve disputes.
Sharing Your Personal Data
We may share your Personal Data:
- With GoDaddy, our Service Provider, for website hosting and to receive and store contact form messages in our GoDaddy-hosted email account.
- With Vimeo, our Service Provider, for embedding and playing videos on the Service. When you interact with a Vimeo video (e.g., by playing it), Vimeo may receive and process your IP address, device information, and viewing behavior. Vimeo is based in the US, and we ensure GDPR-compliant transfers via their privacy framework.
- With Google reCAPTCHA, our Service Provider, for spam prevention on the contact form. When you submit the form (after consent), Google receives and processes your IP address, device details, and behavioral data (e.g., mouse movements) for risk scoring. Google is based in the US, and we ensure GDPR-compliant transfers via their Data Processing Addendum and Standard Contractual Clauses.
- During business transfers (e.g., mergers or acquisitions).
- With your consent or as required by law (e.g., in response to legal requests).
GoDaddy processes your contact form data (name, email, message) on our behalf to deliver your message to our email account. We ensure GoDaddy complies with GDPR through appropriate agreements.
Vimeo processes video interaction data as described above, and we require them to adhere to GDPR standards.
Google reCAPTCHA processes form data as described, and we require them to adhere to GDPR standards.
Retention of Your Personal Data
We retain Personal Data only as long as necessary to respond to your inquiries or for the purposes outlined in this policy. Contact form data stored in our GoDaddy-hosted email account is kept until no longer needed for communication or legal purposes. Video interaction data shared with Vimeo is retained by them per their privacy policy. reCAPTCHA data shared with Google is retained per their privacy policy (up to 6 months for cookies). Usage Data is retained for internal analysis and deleted when no longer needed, unless required by law.
Transfer of Your Personal Data
Your data is processed in Cyprus but may be transferred to other countries by GoDaddy or other Service Providers. We ensure appropriate safeguards, such as Standard Contractual Clauses, are in place to protect your data during such transfers. This includes transfers to Vimeo in the US, covered by Vimeo's GDPR-compliant mechanisms. This also includes transfers to Google for reCAPTCHA, covered by Google's GDPR-compliant mechanisms.
GDPR Compliance
If you are located in the European Economic Area (EEA), you have the following rights under the GDPR:
- Right to Access: Request access to your Personal Data.
- Right to Rectification: Request correction of inaccurate data.
- Right to Erasure: Request deletion of your Personal Data.
- Right to Restrict Processing: Request limitation of how we process your data.
- Right to Data Portability: Receive your data in a structured, commonly used format.
- Right to Object: Object to processing of your data for certain purposes.
- Right to Withdraw Consent: Withdraw consent at any time, without affecting prior processing.
To exercise these rights, contact us at info@isleofthemonks.com. We will respond within one month, as required by GDPR. You may also lodge a complaint with a supervisory authority, such as the Cyprus Data Protection Commissioner.
Security of Your Personal Data
We use commercially reasonable measures to protect your Personal Data, but no method of transmission or storage is 100% secure. We strive to ensure your data’s safety.
Children’s Privacy
Our Service is not intended for individuals under 13. We do not knowingly collect data from children under 13. If you believe we have such data, contact us to have it removed.
Links to Other Websites
Our Service may link to third-party websites. We are not responsible for their privacy practices. Review their policies before sharing information.
Changes to This Privacy Policy
We may update this policy periodically. Changes will be posted here, and we may notify you via email or a website notice. The updated policy is effective when posted.
Contact Us
For questions or to exercise your GDPR rights, contact us at: