Halintos Torandro Logo
Expert-led training for analyzing hair texture types and developing targeted treatment protocols that work in real salon environments.

General Data Protection Regulation (GDPR) Compliance Policy

Last Updated: May 5, 2025

Halintos Torandro ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This policy explains how we collect, use, store, and protect your personal information when you use our online masterclass platform.

1. Data Controller Information

Halintos Torandro is the data controller responsible for your personal data. You can contact us at:

  • Address: Starokostyantynivs'ke Hwy, 26, Khmelnytskyi, 29000, Ukraine
  • Email: contact@halintostorandro.com
  • Phone: +380674394848

2. Legal Basis for Processing Personal Data

We process your personal data based on one or more of the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data for specific purposes
  • Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract
  • Legal Obligation: Processing is necessary for compliance with legal obligations
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide Directly

  • Name and contact information (email address, phone number, postal address)
  • Account credentials (username, password)
  • Payment and billing information
  • Profile information and preferences
  • Communications with us (support inquiries, feedback, reviews)
  • Course enrollment and completion data

3.2 Information Collected Automatically

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, features used)
  • Cookies and similar tracking technologies
  • Log files and analytics data

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • Providing and managing access to our masterclass platform
  • Processing payments and maintaining transaction records
  • Communicating with you about courses, updates, and support
  • Personalizing your learning experience
  • Improving our services and developing new features
  • Ensuring platform security and preventing fraud
  • Complying with legal and regulatory requirements
  • Sending marketing communications (with your consent)
  • Analyzing usage patterns and performance metrics

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

5.1 Service Providers

We work with third-party service providers who assist us in operating our platform, including:

  • Payment processors and financial institutions
  • Cloud hosting and storage providers
  • Email and communication service providers
  • Analytics and performance monitoring tools
  • Customer support platforms

5.2 Legal Requirements

We may disclose your personal data when required by law, regulation, legal process, or governmental request.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by regulatory authorities
  • Adequacy decisions recognizing equivalent data protection standards
  • Binding corporate rules for intra-group transfers
  • Other legally recognized transfer mechanisms

7. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

7.1 Right of Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.

7.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data under certain circumstances, including when:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

7.4 Right to Restriction of Processing

You have the right to request limitation of processing your personal data in certain situations.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

7.6 Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

8. Exercising Your Rights

To exercise any of your rights, please contact us at contact@halintostorandro.com. We will respond to your request within one month, though this period may be extended by two additional months for complex requests. We may request verification of your identity before processing your request.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Active account data: retained while your account is active
  • Transaction records: retained for accounting and tax purposes as required by law
  • Marketing data: retained until you withdraw consent or opt out
  • Legal compliance data: retained for periods required by applicable laws

After the retention period expires, we will securely delete or anonymize your personal data.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and audits
  • Employee training on data protection
  • Incident response and breach notification procedures

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform. You can manage cookie preferences through your browser settings. For detailed information, please refer to our Cookie Policy.

12. Automated Decision-Making and Profiling

We may use automated processing to personalize course recommendations and improve user experience. You have the right to object to automated decision-making that produces legal effects or similarly significant effects concerning you.

13. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

14. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk, we will also notify affected individuals without undue delay.

15. Third-Party Links

Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal data.

16. Changes to This Policy

We may update this GDPR Compliance Policy periodically to reflect changes in our practices, legal requirements, or regulatory guidance. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

17. Contact Information

If you have questions, concerns, or requests regarding this GDPR Compliance Policy or our data protection practices, please contact us:

  • Email: contact@halintostorandro.com
  • Phone: +380674394848
  • Address: Starokostyantynivs'ke Hwy, 26, Khmelnytskyi, 29000, Ukraine

This policy is designed to comply with GDPR requirements and protect your privacy rights. We are committed to transparency and accountability in all our data processing activities.