Privacy
Policy.
This policy explains how Torsten Advisory collects, uses, and protects personal data submitted through this website.
Contents
01
Who we are
Torsten Advisory is a sole-practitioner consulting firm. For the purposes of the General Data Protection Regulation, UK GDPR, and applicable Canadian privacy law including PIPEDA, the data controller is:
Torsten Advisory
Andrew Mehes, Principal
Toronto, Ontario, Canada
Email: info@torstenadvisory.com
This policy explains how personal data submitted through this website is collected, used, and protected.
02
What data we collect
We collect personal data through two channels on this website:
| Channel | Data collected | Basis |
|---|---|---|
| Meeting bookings Microsoft Bookings | Name, email address, optional phone number, and meeting notes | Contract performance for scheduling the requested meeting |
| Website analytics Hostinger | Page views, visit counts, and referrer URL in aggregated form | Legitimate interest in understanding site usage anonymously |
We do not collect sensitive personal data through this website. We do not run advertising or track individuals across sites.
03
How we use your data
Email enquiries: when you contact us by email, your message and address are used solely to respond to your enquiry. Your email is not added to a mailing list or shared with third parties.
Booking data: used to schedule, confirm, and manage the meeting you requested. Calendar invitations are sent to the address you provide.
Analytics data: used to understand which pages are visited and how visitors arrive at the site. Analytics data is aggregated server-side and contains no personal identifiers.
We will not use your data for automated decision-making, profiling, or marketing without your explicit consent.
04
Data processors
We use third-party services to operate this website:
| Processor | Purpose | Data shared | Privacy terms |
|---|---|---|---|
| Microsoft Corporation Microsoft Bookings | Meeting scheduling and calendar management | Name, email, optional phone, and booking details | privacy.microsoft.com |
| Hostinger International Ltd. Web hosting and analytics | Website hosting and basic server-side traffic analytics | Aggregated traffic data only, with no personal identifiers | hostinger.com legal privacy policy |
We do not use Google Analytics, Meta Pixel, or advertising technology on this website.
05
International transfers
Microsoft operates under the EU Data Boundary programme, which means data from European Economic Area users stored in Microsoft 365 is processed and stored within the EU or EEA where technically feasible. Microsoft is also certified under the EU/US Data Privacy Framework.
Hostinger is incorporated in Lithuania and operates data centres within the EU. Hostinger's Data Processing Addendum incorporates EU Standard Contractual Clauses where applicable.
Torsten Advisory is based in Canada, a country with EU adequacy status under GDPR. Transfers of personal data to Torsten Advisory for the purpose of responding to enquiries are lawful without additional safeguards.
06
Retention
We retain personal data only for as long as necessary for the purpose it was collected.
| Data type | Retention period |
|---|---|
| Booking records | Retained for 12 months after the meeting, then deleted |
| Email correspondence | Retained for the duration of any engagement, then reviewed for deletion |
| Analytics data | Aggregated server-side statistics. No identifiable visitor records are stored |
You may request deletion of your personal data at any time by emailing info@torstenadvisory.com.
07
Cookies and tracking
This website uses no advertising cookies and no cross-site tracking.
Hostinger analytics: the hosting provider's built-in analytics are server-side only. They record aggregate traffic counts without setting cookies in your browser or collecting personally identifiable information.
Microsoft Bookings: when you interact with the booking page, Microsoft may set session cookies necessary for the booking flow to function. These are functional cookies set by Microsoft as a processor, not by Torsten Advisory.
There are no analytics, marketing, or tracking cookies set by torstenadvisory.com itself. You do not need to accept cookies to use this site.
08
Your rights
Under GDPR and UK GDPR, you have rights in relation to your personal data. To exercise any of these rights, contact us at info@torstenadvisory.com. We will respond within 30 days.
Request a copy of the personal data we hold about you.
Ask us to correct inaccurate or incomplete data.
Request deletion where there is no compelling reason to continue processing.
Ask us to limit how we use your data while a dispute is resolved.
Receive your data in a structured, machine-readable format.
Object to processing based on legitimate interests.
If you are based in Canada, you also have rights under PIPEDA, including the right to access your personal information and challenge its accuracy.
09
Contact and complaints
For any privacy-related question, request, or concern, please contact us directly.
Torsten Advisory Data Controller
We take privacy matters seriously and aim to respond to all requests within 30 days.
Email: info@torstenadvisory.com
Subject line: Privacy Request, followed by your name.
If you are located in the EU or EEA and are not satisfied with our response, you have the right to lodge a complaint with your national data protection authority. If you are located in Canada, you may contact the Office of the Privacy Commissioner of Canada.
10
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in tools, practices, or legal obligations. The effective date at the top of this page will be updated accordingly.
Continued use of the website after changes are published constitutes acceptance of the updated policy. We encourage you to review this page periodically.