A Bad Girl's Journal

PRIVACY POLICY

Effective Date: April 1st, 2026

I. CONTROLLER INFORMATION

This website, https://www.badgirlsjournal.com (the “Website”), is operated by STOYANOVA Group LTD (the “Controller”).

For any questions regarding this Privacy Policy or the processing of personal data, you may contact: editorial@badgirlsjournal.com

II. SCOPE AND PURPOSE

This Privacy Policy describes how personal data is collected, used, disclosed, and protected when you access or use the Website.

The Controller processes personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

III. PERSONAL DATA WE COLLECT
We may collect and process the following categories of personal data:

1. Newsletter Subscription Data

When you subscribe to our newsletter, we collect:

  • First name
  • Email address

This data is processed for the purpose of:

  • Delivering newsletters
  • Providing updates and communications
  • Sending marketing content

The legal basis for this processing is Article 6(1)(a) GDPR (consent).

You may withdraw your consent at any time by using the unsubscribe link included in each email.

2. Contact Form Data

When you submit an inquiry via our contact form, we collect:

  • First name
  • Last name
  • Email address
  • Message content

This data is processed for the purpose of responding to your inquiry.
The legal basis is Article 6(1)(f) GDPR (legitimate interest).

3. Comments Data

When visitors leave comments on the Website, we collect:

  • Information provided in the comments form
  • IP address
  • Browser user agent string

This data is used for:

  • Spam detection
  • Moderation and publication of comments

The legal basis is Article 6(1)(f) GDPR (legitimate interest).

4. Technical and Usage Data

We may automatically collect certain technical data, including:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and interaction data

IV. COOKIES

The Website uses cookies and similar technologies to ensure proper functionality and to analyze user behavior.

Cookies may include:

  • Strictly necessary cookies
  • Analytics cookies
  • Preference cookies

Non-essential cookies are only activated upon obtaining your prior consent in accordance with Article 6(1)(a) GDPR.

You may manage or withdraw your consent at any time via the cookie settings available on the Website.

V. ANALYTICS

We use third-party analytics services, including:

  • Google Analytics
  • DreamHost analytics tools

These services may collect information about your use of the Website, including IP address and browsing behavior.

Where applicable, IP anonymization measures are implemented.

VI. EMBEDDED CONTENT

The Website may include embedded content (e.g., videos, images, social media content).

Embedded content from third-party websites behaves as if the user has visited those websites directly.
Such third parties may collect data, use cookies, and monitor interactions in accordance with their own privacy policies.

VII. DATA SHARING AND RECIPIENTS

Personal data may be shared with third-party service providers acting as data processors, including:

  • ConvertKit (email marketing services)
  • Google (analytics services)
  • DreamHost (web hosting services)

These providers process data on behalf of the Controller and are contractually bound to ensure appropriate data protection safeguards.

VIII. DATA RETENTION

Personal data is retained only for as long as necessary for the purposes for which it was collected:

  • Newsletter data: until withdrawal of consent
  • Contact form data: for the duration necessary to handle the inquiry
  • Comments: retained unless deletion is requested

IX. INTERNATIONAL DATA TRANSFERS

Personal data may be transferred to and processed in countries outside the European Economic Area (EEA).

Where such transfers occur, appropriate safeguards are implemented in accordance with GDPR, including Standard Contractual Clauses approved by the European Commission.

X. DATA SUBJECT RIGHTS

Under GDPR, you have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent at any time
To exercise these rights, please contact: editorial@badgirlsjournal.com

XI. DATA SECURITY

The Controller implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including protection against unauthorized access, alteration, disclosure, or destruction of personal data.

XII. DATA BREACH PROCEDURES

In the event of a personal data breach, the Controller will comply with applicable legal obligations, including notification to relevant supervisory authorities where required.

XIII. AUTOMATED DECISION-MAKING

No automated decision-making or profiling is carried out.

XIV. CHANGES TO THIS POLICY

This Privacy Policy may be updated. Any changes will be published on this page.

XV. CONTACT

For any questions regarding this Privacy Policy or data protection matters, please contact: editorial@badgirlsjournal.com

You’re Early

The CATS Club is currently in the making.


Like a hidden garden, waiting for spring, some doors need to be found before they open to anyone…

Opening May 1, 2027.

Stay Close

Get our private letters on the latest launch news, bad-girls’ favorites, cultural musings, style obsessions, and all the sweetest secrets.

By subscribing, you agree to our Terms and Conditions and acknowledge our Privacy Policy.

Let's be e-girlfriends!

Subscribe for private letters steeped in bad girls’ favorites, feminine chaos, and soft order.