Privacy Policy

Last updated: October 1, 2025

House on Fire (www.wehoufi.com) is committed to protecting the privacy of its users. This Privacy Policy outlines what data we collect when you use our website, how we process, store and protect it, and your rights regarding your personal information. Our goal is to provide a transparent and secure user experience, in line with the applicable legislation of the Republic of Serbia and international data protection standards, including the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679).

Information We Collect

Technical Data:
We automatically log certain technical information when you visit our website, including your IP address, device type, browser, operating system, time of access and pages visited. This data is used in aggregated form only, for analytics and optimisation purposes.

Analytics:
We use Google Analytics and Google Tag Manager to collect anonymised and aggregated statistics, including the number of visits, time spent on website, most-read articles, approximate location of users, and general interest categories. These insights help us improve our content and plan platform development.

Contact and “You Write” Submissions:
When you contact us via Contact Form 7 or submit written work for the “You Write” section, we collect only the information you provide voluntarily (e.g., name, email address, short bio, and links). Submissions are sent exclusively via email for review and approval. If published, they appear with your name or pseudonym, a short bio, and optionally, contact information — always with your explicit consent.

Multilingual Settings:
The website uses WPML Multilingual CMS and WPML String Translation to display content in multiple languages. The language is automatically set according to your browser preferences, but can also be manually selected. These settings are used solely to enhance website functionality and the user experience.

Embedded Content and Social Sharing:
We may embed content from third-party platforms such as Instagram, TikTok, X (formerly Twitter), and YouTube, as well as provide links to other websites. You may also share our content via Facebook, Reddit, LinkedIn, WhatsApp, Viber or email. Your interactions with these services are governed by their own privacy policies.

Advertising and Commercial Metrics:
If we collaborate with advertisers or partners, we may provide them with aggregated, anonymised performance metrics, such as: total visits and unique visitors, page views, average reading time, bounce rates, repeat visits, content interactions (shares, link clicks), and top-performing sections and articles. We may also share general demographic and geographic data (e.g., country, city, device type, browser, browser language), and interest-based audience insights derived from analytics tools.

For advertising campaigns, we may share overall metrics such as the number of impressions, clicks, and campaign performance — always in anonymous, aggregated form.

Personal user data is never shared without explicit consent or unless required by law.

Donations via PayPal:

Our website includes a PayPal widget that enables visitors to make voluntary donations. When you click the donation button, you are redirected to PayPal’s platform, where their terms and privacy policy apply. During the transaction, PayPal may process your personal data such as your name, email address and donation amount — this data is not stored on our servers.

In the context of voluntary donations made via PayPal, your personal data is processed directly by PayPal Holdings, Inc., in accordance with their own data protection policies, over which we have no control. House on Fire does not receive or store any payment card details, bank account numbers or other sensitive financial information.

PayPal cookies and scripts are loaded only after users give consent via our cookie banner.

We never share personal data without your explicit consent or unless required by law.

Cookies and Website Caching:
We use the CookieYes | GDPR Cookie Consent plugin to manage cookie preferences in a transparent way. Additionally, we use LiteSpeed Cache to improve website speed and performance. Details are available in our Cookie Policy.

How We Use the Data

We process data solely for the following purposes:

·         to maintain website functionality and automatic language display,

·         to analyse traffic and improve our content,

·         to communicate with users and contributors directly,

·         to publish submissions with the author’s explicit consent,

·         to share anonymised usage data with potential partners and advertisers.

We do not use your data to make automated decisions that produce legal or similarly significant effects.

We do not sell or rent personal data to any third party.

Personal data submitted voluntarily (e.g. via forms or email) is processed on the basis of informed consent.

Data is retained only for as long as necessary to fulfil its intended purpose or as long as legally required under applicable regulations.

We process personal data on the basis of one or more lawful grounds, including your explicit consent, the performance of a contract (e.g., in relation to published submissions), compliance with legal obligations, our legitimate interests (such as improving website functionality), or where processing is necessary to protect vital interests.

Donor data (e.g., name, email address, donation amount) is used only to confirm the payment or, upon request, to acknowledge support publicly — always with the donor’s consent.

International Transfers

Some data may be transferred and processed outside of Serbia (e.g. in the EU or the United States), always in line with relevant data protection laws. We only use service providers that offer adequate safeguards, such as Standard Contractual Clauses (SCCs).

Data Sharing and Protection

Your data may be shared only:

  • with authorised service providers (e.g., hosting via Premium Web Hosting / Hostinger, analytics tools, customer support),
  • when required by law or a competent authority,
  • for advertising or partnership reporting – in fully anonymised and statistical form, with no personally identifiable information included.

We implement appropriate technical and organisational safeguards to prevent unauthorised access, misuse or data loss. However, users should be aware that no online data transmission or storage is completely risk-free.

Access to personal data is granted only to authorised data processors (e.g., hosting providers, analytics tools, and communication platforms), and strictly to the extent necessary to deliver their services. All data processors operate under agreements that include binding data protection obligations and safeguards, in accordance with applicable laws and the GDPR.

In accordance with GDPR, in the event of a data breach, users and supervisory authorities will be notified within 72 hours of becoming aware of the incident, where feasible.

User Rights

In accordance with GDPR and applicable Serbian law, users have the right to:

  • Access – to request a copy of the personal data we hold about you;
  • Rectification – to request correction of inaccurate or incomplete data;
  • Erasure – to request deletion of data, unless retention is required by law;
  • Restriction – to request temporary suspension of processing in specific situations;
  • Portability – to receive your data in a structured, commonly used format;
  • Objection – to object to data processing, where applicable.

If you have donated via PayPal, you may request access to basic data shared with us (e.g. name, donation amount), and ask for its deletion or correction — if we have stored any of it.

To exercise any of your rights, please contact us at: hey@wehoufi.com

If you believe your data has been handled improperly, you have the right to lodge a complaint with the Commissioner for Information of Public Importance and Personal Data Protection (Serbia’s supervisory authority).