Privacy Policy

Please read this privacy policy carefully. By accessing this site or using it and sending me any personal data, you accept the terms of this privacy policy.

Please note that by leaving this page (eg by going via a link to a page in another domain), the user goes to an area where this privacy policy does not apply. Best Language is not responsible for the privacy policy of websites operated by other entities.

The following privacy and cookies policy describes the rules for dealing with personal data and the use of cookies on the website

I reserve the right to make changes to the Privacy Policy.

The law
On 25 May 2018, the EU regulation on the protection of personal data will become applicable – Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data data and repealing Directive 95/46 / EC (referred to as “GDPR”).

Privacy information

  • The data controller is [Piers Midwinter] with its registered office in [Best Language, ul. Wladyslawa Reymonta 1/12, Opole 45-065, Poland], entered in the Register of Entrepreneurs under KRS number: [1334753], for which the register is kept by the Court [name of court, place, name of the department], Economic Department of the National Court Register, NIP: [5213439515], Regon: [161579995]. Data protection is carried out in accordance with the requirements of the generally applicable law, and their storage takes place on secured servers. Contact with the website administrator is possible via the contact form
  • The service provider is also the administrator of people subscribed to [Mailchimp] newsletter.
  • Personal data is processed: a. in accordance with the provisions on the protection of personal data, b. in accordance with the implemented Privacy Policy, c. to the extent and for the purpose necessary to establish, shape the contents of the Agreement, change or to resolve it and to properly implement the Services provided electronically, d. to the extent and purpose necessary to fulfil legitimate interests (legitimate purposes), and the processing does not violate the rights and freedoms of the data subject: to the extent and purpose consistent with the consent expressed by you if [for example] you subscribed to the newsletter.
  • Every data subject has the right to access data, rectify, delete or limit processing, the right of opposition, the right to file a complaint to Piers Midwinter
  • Contact with the person supervising the processing of personal data in the organisation of the Service Provider is possible by electronic means via the contact form
  • I have the right to process your data after the termination of the Agreement or withdrawal of consent only to the extent of the need to seek possible claims before the court or if national or EU regulations or international law oblige us to retain data.
  • The Service Provider has the right to share personal data of the User and other his data with entities authorised under the applicable law (eg law enforcement authorities).
  • The removal of personal data may occur as a result of the withdrawal of consent or filing a legally admissible objection to the processing of personal data.
  • Personal data is processed only by persons authorised or processed by us, with whom we work closely
  • I operate two websites
  • I direct and update both of my websites. I have created all the content (Youtube video’s, Graphics, HTML 5 adverts, text and hyperlinks etc.).
  • I am the GDPR Data Protection Officer
  • There is no management board etc – I am a sole trader.
  • This GDPR Policy was originally created on 18th May 2018
  • This policy is reviewed at least once a month. The next review will be before 18th June 2018
  • I am committed to safeguarding the privacy of all my website users and anyone contacting me

Best Language ensures the security of personal data through appropriate technical and organizational measures to prevent unlawful data processing and their accidental loss, destruction and damage.

Best Language makes special care that personal information is processed in accordance with the principles of personal data processing specified in art. 5 GDPR, i.e .:

  • Principle 1 – legally, reliably and transparently,
  • Principle 2 – collected for specific and legitimate purposes and not further processed in a manner inconsistent with these purposes;
  • Principle 3 – adequate, relevant and limited to what is necessary for the purposes for which it is processed;
  • Principle 4 – correct and updated as necessary;
  • Principle 5 – stored in a form that permits the identification of the data subject for no longer than is necessary for the purposes for which the data are processed;
  • Principle 6 – processed in a manner that ensures adequate security of personal data;
  • Principle 7 – in a manner that ensures the implementation of the rights of data subjects;
  • Principle 8 – not transferred without adequate protection to countries outside the European Economic Area or international organizations.

GDPR requires security of storage as well as transmission of personal data. If you have a contact form, then an SSL certificate is required. Without going into the technological details one can say that SSL encrypting data ensures the privacy of transmitted data. Personal data can be viewed only by your browser and the final recipient, thanks to which it is not possible to overhear and decrypt data from such transmission.

  • I respect the right to privacy and I care about data security. For this purpose, among others, secure communication encryption protocol (SSL) is used.

I use Anti-spam software – software that protects your computer from spam, which is unwanted or unnecessary e-mail. Advanced software also protects against phishing, ie messages from fraudsters impersonating subcommittees such as Poczta Polska, PGE. There are many anti-spam programs on the market. Such programs will work on hand computers in the entertainment selection.

This website also uses CloudFlare. This protects my web services from DDoS attacks through 23 Data Centers scattered around the world

Server logs

  • The use of the Site involves the transmission of queries to the server on which the Site is stored.
  • Each query addressed to the server is saved in the server logs.
  • Logs saved and stored on the server, data stored in the server logs are not associated with specific people using the Site and are not used by the Administrator to identify the User.

Sharing videos from the web is legal

For a long time, there has been a discussion whether the so-called embedding on the website of multimedia files made available elsewhere is compliant with the copyright law. This file usually contains a song, so its distribution should be obtained by the creator of the author. The situation seems to be even more complicated when “embedded” file, was previously placed on the network without the author’s consent. In this situation, is the responsibility for the unauthorised dissemination of the work only to the person sharing the work, or also the person who embedded it on their website? This issue was discussed at the end of 2014 by the Court of Justice of the European Union.

  • I have created the videos that are on my Youtube channel. I have embedded some of them on this website

Consent of the child to data processing – it is lawful to process personal data of a child over 16 years of age. If the child is under the age of 16, such processing is lawful only in cases where the consent has been expressed or approved by the person having parental authority or custody of the child and only in the scope of expressed consent.

  • I thus have no Facebook friends who are under the age of 16
  • I will NOT accept friendship requests from children under the age of 16 UNLESS they have parental consent to be Facebook Friends with me.

Comments and GDPR
Especially on blogs, but also on web portals, you can leave comments on articles. It can be done by any user who has the will and does so voluntarily.

But to add a comment you have to enter your details. These are usually the first name (or nickname), email address and commentary. If you use an external Disqus application, the data is collected on the application’s side.

Any user who wants to leave a comment in this way accepts the Disqus regulations. You display these comments only on your site.

I use a built-in comments system in WordPress. The system thus asks you to agree to the processing of this data.

The Privacy Policy does not apply to websites and companies whose contact details are provided on the websites.

Summary of actions taken

  • I opened my company on April 1st, 2014
  • I signed the Power of Attorney on 24th May 2017. I thus have a lawyer that represents me. Information on who my Lawyer can be requested by email.
  • I have an Accountant that looks after all of my companies paperwork. I have had my current Accountant since May 2015. I also have records from my previous Accountant too. My Companies paperwork is full and complete. It resides with my Accountant. Information on who my current Accountant or Accountants can be requested by email.
  • I have created a computerised newsletter called “GDPR Consent form” which asks all recipients of my newsletter service to update their subscription settings. This newsletter was sent out to the clients on my e-mail list on the 20th May 2018. A link to the newsletter was also published on Facebook in order to give clients every opportunity to change the personal data I have on them within my Mail-chimp newsletter service. A copy of this newsletter can be requested by email.
  • I have heavily updated my website to comply with GDPR legislation. This includes:
    • A new toolbar that automatically appears at the bottom of the screen every time a visitor visits my website. This toolbar contains information about Cookies containing the following message “I am using cookies to give you the best experience on my website. You can find out more about which cookies I am using or switch them off in settings.” It also contains a button that lets users “Accept” my cookies policy.
    • A new checkbox that is integrated into every single contact form on this website. The checkbox relates to the message “By using this form you agree with the storage and handling of your data on this website.”
    • Deleting Google Analytics tools
    • Ensuring that the only way to contact me is via the contact form (with the checkbox designed to ensure users have read my Privacy Policy)
  • I created and sent a “Client engagement document” – this aimed to gain permission to use personal data (name, address, telephone number, email address etc – as well as parental consent to contact any clients under the age of sixteen and to teach them etc.).
  • This document was last updated on 2nd June 2018

Privacy Centre

At the bottom of this page you will find the Privacy Centre. This includes tools on:

  • Your right to be forgotten
  • Copyright infringements
  • Contacting the Data Protection Officer
  • Data Rectification
  • Media Credits
  • Requesting a copy of all your personal data used on this website
  • Privacy Settngs
  • Terms and Conditions
  • Subscribe and unsubscribe


  • Privacy Policy is a document whose content must comply with the provisions of the GDPR
  • The acronym “GDPR” refers to General Data Protection Regulation
  • The words “I”, “me”, “my” and “myself” refer to Piers Midwinter
  • Best Language is the brand name for my Polish company.
  • The phrase “My Company” refers to Best Language
  • The phrase “Public profiles” can refer to a short description of me and/or my company in a short article on an external website such as Facebook etc.
  • My websites are ( and
  • For the purposes of better acceptance of the Privacy Policy, the term “User” has been replaced with the terms “You”, “Administrator” – “We”.
  • The term “RODO” means Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC

Cookies Q&A

This section summarises the main GDPR key questions and answers in terms of Cookie data…

What information is being collected by the Cookies?

  • Please see the images below

Who is collecting it?

  • Please see the images below

How is it collected?

  • The images below show that information is collected by cookies

Why is it being collected?

  • The images below show that there are four main reasons: Strictly Necessary, Unclassified, Statistics and Marketing

How will it be used?

  • Please see the images below

Who will it be shared with?

  • Please see the images below

What will be the effect of this on the individuals concerned?

  • Users can also change their cookie settings in the browser they are using. Information on how this can be done can found here: All about Cookies
  • This website does NOT use Google Analytics tools.
  • This website’s use of Cookies has been identified and verified independently by Cookie Checker
  • The results from Cookie Checker website are shown in the images below

Is the intended use likely to cause individuals to object or complain?

As a result of the above-mentioned points, users can change their cookie settings, switch them off in a browser or accept this website’s use of them. The individuals using website thus have FULL CONTROL of their personal data. They thus have no reason to object or complain.

Newsletter & Marketing

From 25th May 2018, all Marketing, Promotions and Newsletters from me require

  • Your consent through a positive opt-in.
  • Your consent must be given freely
  • You to withdraw consent and/or change the way you subscribe easily

If you are interested in receiving my Newsletters and/or promotions, please do contact me

Personal data

  • The user can use my contact form to transfer his personal data to me
  • Providing personal data is always voluntary. You do not have to provide it. It is your choice.
  • The administrator (Piers Midwinter) guarantees the confidentiality of all personal data provided to him.
  • Personal data is collected with due diligence and properly protected against access by unauthorised persons.
  • The user has the right to request access to, rectify, delete or limit processing; the right to object to the processing; the right to transfer data; the right to withdraw consent to the processing of personal data for a particular purpose, if the User previously gave such consent; the right to file a complaint with Piers Midwinter
  • As a teacher, I use students personal data to contact them about lessons etc

How long data is kept

  • I am a teacher. So I have a very direct relationship with my clients
  • If a student decides to stop learning English completely, then I have no need for their personal data and delete it
  • Sometimes students take a break from learning (e.g. during the summer holidays etc.) and then want to come back.
  • If a student requests personal data to be deleted, I will do so immediately. No student has ever done so – but under the new GDPR regulations, I must now offer this service.
  • Data can be kept for up to four months (To cover myself during the summer holiday). If a student does not resume English lessons by October, their personal data is then deleted permanently

Risk Analysis

This section details the risk of data-leaks after the implementation of GDPR.

  • In terms of website safety: This website is extremely secure – (please read the section above on security). There is an extremely low risk of a personal data breach as calculated by HR-ON
  • In terms of my phone number: My phone number has a verified Samsung “Hiya” Business Profile. This forces any caller to identify themselves before a call is accepted. This thus blocks calls from any parties under the age of 16, spammers and marketers etc.
  • In terms of my mobile phone: My phone uses a biometric fingerprint scan or a unique combination swipe to open it.
  • In terms of my computer: My computer requires a unique password to open it
  • In terms of my office space (where personal data is kept): My flat has Birmingham bars to secure the front door. It also has two locks etc. The building has an active neighbourhood watch scheme
  • The last and MOST important point – I am a Sole Trader and have very few clients! I think it is extremely unlikely anyone would want to steal my data!!!!
  • The risk of a breach of data is thus effectively ZERO

Privacy Centre

Contact DPO

Please visit the Contact page and use the form to send an email to the DPO (Data Protection Officer) – Piers Midwinter

Data Rectification

Please visit the Contact page and use the form to request a change in your personal data

Forget me

Please visit the Contact page and use the form to submit a request to erase your personal data

Terms and Conditions

Please click to visit the Terms and Conditions page. You can also use the Contact form on the Contact page to send an email to Piers Midwinter


At the moment my newsletter is NOT active. So there is no need for an Unsubscribe button. If you do wish to subscribe – please use the Contact form to send your request

Media Credits

All images used on this website have been created or transformed by me. Please contact me for more information

Copyright infringements

Please click this box to visit the DMCA website to report a copyright infringement or alternatively, contact me via the contact form

Privacy Settings

Please click this box to visit the “All About Cookies” website to learn how you can change your cookie settings within your browser.