Skip to main content

Privacy Policy

This policy explains how pehlvarix collects and uses personal data when you visit this website, contact us, or register interest in our educational course.

Last Updated: March 14, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how pehlvarix (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit this website and interact with our course-related forms and content. The website is an educational portal for a course that teaches consumer technology advisory skills, including product knowledge, customer communication, and retail consulting fundamentals. This website provides educational content only and does not sell electronic products or provide technical services.

Data Controller: Pehlvarix Education s.r.o., U Nikolajky 3325/34, SmĂ­chov, 150 00 Praha, Czechia. You can contact us at [email protected].

Effective Date: March 14, 2026. We do not currently appoint a Data Protection Officer (DPO) because the nature and scale of processing on this website does not require it; however, we treat privacy requests seriously and respond promptly using the contact details in Section 18.

2. Personal Data We Collect

We collect only the data that is needed to operate the site, respond to enquiries, and provide course-related information. Depending on how you use the site, we may collect the following categories:

  • Identity and contact information: name, email address, and phone number if you provide it in a message or contact request.
  • Form content: the text you include in messages, questions about the learning program, and any details you choose to share about your role or training context.
  • Technical data: IP address, browser type and settings, device type, operating system, language settings, and approximate location derived from IP (city/region-level).
  • Usage data: pages viewed, time spent, referral source, click paths, and interactions with site elements (such as opening an FAQ entry).
  • Cookies and identifiers: first-party cookies that support session continuity and your cookie choices, plus third-party cookies if you consent to analytics and marketing (see Section 4).
  • Conversion events: events related to form submissions (for example, “registration interest sent”), used to measure whether our communications and pages are working as expected.

We do not intend to collect special-category data (such as health information, religious beliefs, political opinions), financial account details, or government identification numbers through this website. Please do not include such data in free-text fields.

3. Why We Process Your Data & Legal Basis (GDPR Art. 6)

We process personal data for clear and limited purposes. The legal bases below apply under the GDPR and related European privacy laws:

  • Contact and registration-interest forms: to respond to your request and provide course information. Legal basis: Art. 6(1)(b) (steps prior to entering into a contract) and Art. 6(1)(a) (consent) where you explicitly consent to being contacted.
  • Analytics (optional): to understand how people use the site and improve content clarity. Legal basis: Art. 6(1)(a) (consent).
  • Marketing/remarketing (optional): to measure advertising performance and show relevant messages to people who have shown interest in the course. Legal basis: Art. 6(1)(a) (consent).
  • Security and fraud prevention: to protect the site, prevent abuse, and maintain availability. Legal basis: Art. 6(1)(f) (legitimate interests).
  • Legal obligations: to comply with applicable laws and enforce our policies. Legal basis: Art. 6(1)(c) (legal obligation).

Automated Decision-Making (Art. 22): We do not engage in automated decision-making or profiling that produces legal or similarly significant effects. If we use advertising audiences, it is to measure performance and relevance, not to make decisions that materially affect you.

4. Cookies & Tracking

Cookies are small text files stored on your device. This site also may use pixel tags and similar technologies, depending on your consent choices. We group cookies and tracking into three categories that match our Cookie Policy at /cookie-policy/.

Essential (always active)

Essential cookies are required for the site to function and to remember your cookie preferences. These do not require consent in many jurisdictions. Examples include: _site_session (session continuity) and cookie_consent (stores your cookie choice). Retention ranges from session to 12 months. We may also use an anti-forgery/CSRF token when needed to protect forms.

Analytics (optional; consent required)

If you opt in, we may enable Google Analytics 4 to understand page usage and improve our educational content. Where available, we configure IP anonymization. Analytics cookies may include _ga (2 years) and _ga_XXXXXXXXXX (2 years). We set analytics retention to 14 months for reporting.

Marketing (optional; consent required)

If you opt in, we may enable marketing cookies to measure ad performance, attribute conversions, and show relevant course messages. Cookies may include _gcl_au (Google Ads, 90 days), _fbp (Meta Pixel, 90 days), and _fbc (Meta click identifier, 90 days when a click ID is present).

Beyond cookies, marketing measurement can involve pixel tags (for example, Google tags or Meta Pixel). In some setups, events may also be sent server-side (for example via Meta Conversion API or server-side tag management). Where identifiers are used, they may be derived from request metadata such as IP address and User-Agent, and may include hashed identifiers for matching, depending on your consent and configuration.

5. Consent (EEA/UK)

Users in the EEA and UK receive a consent notice under GDPR/UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent (Art. 6(1)(a)). Your consent choice is recorded in the cookie_consent browser cookie (12 months). You may withdraw consent at any time via “Manage cookie preferences” in the footer, or by clearing cookies in your browser. Withdrawal does not affect the lawfulness of processing carried out before you withdrew consent.

6. Sharing With Advertising & Service Partners

We use reputable service providers to run and improve the site. Depending on your consent settings and how you interact with the website, we may share limited data with:

  • Google LLC (Google Analytics 4, Google Ads, Tag Manager, remarketing): cookie identifiers, usage data, and conversions. Privacy information: https://policies.google.com/privacy
  • Meta Platforms (Pixel, Custom/Lookalike Audiences, Conversion API): page views, conversions, audience membership, and (where configured) hashed identifiers. Privacy information: https://www.facebook.com/privacy/policy
  • Cloudflare (CDN and security): limited technical data such as IP-based threat signals for security and performance. Privacy information: https://www.cloudflare.com/privacypolicy/

We do not sell personal data. These providers are engaged to process data on our behalf for the purposes described in this policy, and we do not permit them to use site data for their own independent commercial purposes beyond what is required to deliver their services.

7. International Transfers

Some of our service providers are based outside the EEA/UK (including in the United States). Where personal data is transferred internationally, we rely on appropriate transfer mechanisms, which may include the EU–US Data Privacy Framework (since July 2023) and its UK Extension and Swiss–US counterpart where applicable, and the European Commission’s Standard Contractual Clauses (EU 2021/914) as a fallback. For the UK, we may rely on the UK International Data Transfer Addendum/IDTA as relevant.

8. Retention

We retain personal data only as long as needed for the purposes described:

  • Contact and registration enquiries: up to 2 years from the last interaction.
  • Analytics data: 14 months in analytics reporting settings (where enabled).
  • Marketing cookies: for the cookie lifetime described in Section 4 (where enabled).
  • Email correspondence: for the duration of the relationship plus 1 year, unless longer retention is needed for legal reasons.
  • Server and security logs: typically 90 days, unless needed to investigate abuse.
  • Cookie consent record: up to 3 years for audit and compliance purposes.
  • Legal and tax records: as required by law (often 6–10 years where invoices or formal accounting records apply).

9. Your Rights (GDPR & UK GDPR)

Depending on your location, you may have rights under GDPR/UK GDPR, including:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restrict processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to withdraw consent at any time (Art. 7(3))
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise your rights, email [email protected]. We usually respond within 30 days. For complex requests, the response period may be extended by up to 60 additional days, as permitted by law.

Supervisory authority resources: https://edpb.europa.eu (EU overview), https://ico.org.uk (UK), https://www.uoou.cz (Czech Republic).

10. Children

This site is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we become aware that data from a child under 16 has been submitted without verifiable parental consent, we will delete it promptly.

11. Do Not Track

This website does not respond to Do Not Track (DNT) browser signals. Third-party providers may have their own DNT handling and settings.

12. Data Deletion Requests

You may request deletion of your personal data by emailing [email protected] with the subject line “Data Deletion Request”. We may ask for reasonable information to verify your identity before acting on the request. We aim to complete deletion within 30 days of verification, unless limited retention is required by law.

13. Business Transfers

In the event of a merger, acquisition, asset sale, financing, reorganization, or insolvency, personal data may be transferred to a successor entity. If such a transfer materially changes how personal data is used, we will provide notice on the website.

14. California (CCPA / CPRA)

This section applies if you are a California resident and the California Consumer Privacy Act (as amended by the CPRA) applies to our processing. In the past 12 months, we may have collected the following categories:

  • Identifiers: name, email, IP address, cookie and device identifiers (shared with service providers and, with consent, advertising partners).
  • Internet/network activity: browsing and interaction data (shared with analytics and advertising providers with consent).
  • Inferences: interests or preferences derived from site interactions (used for advertising relevance with consent).

We do not sell personal information as defined by CCPA. We do share information for cross-context behavioral advertising when marketing cookies are enabled; California residents may opt out via our cookie preferences panel. You may have rights to Know, Delete, Correct, Opt-Out of sale/sharing, and Non-Discrimination. To submit a request, email [email protected] with the subject line “California Privacy Request”. We may need to verify your identity. Authorized agents may submit requests with proof of authorization.

15. Virginia (VCDPA)

If you are a Virginia resident and the Virginia Consumer Data Protection Act applies, you may have rights to access, correct, delete, and obtain a copy of your personal data, and to opt out of targeted advertising. To submit a request, email [email protected] with the subject line “Virginia Privacy Request”. We do not sell personal data or engage in profiling that produces legal or similarly significant effects. If we decline a request, you may appeal by emailing with the subject line “Appeal of Refusal — Privacy Request”. We will respond within 60 days. If the appeal is denied, you may contact the Virginia Attorney General.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject line “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or service providers. Material changes will be announced via a site notice at least 14 days before taking effect. The “Last Updated” date at the top of this page will be revised whenever we publish changes.

18. Contact

If you have questions about this Privacy Policy or want to exercise your rights, contact:

Privacy questions

If you want clarification about cookies, consent, or what we store from a course enquiry, send a message here. This form is for privacy-related questions only. For general course enquiries, please use the Contact page.

By submitting, you agree to our Privacy Policy.

What happens next: we will review your message and reply by email. We use your email address only to respond to this request and keep a limited record for compliance.