General Data Protection Regulation (GDPR) Policy

Last Updated: June 24, 2025

Virexanth ("we," "our," or "us") is committed to protecting your personal data and respecting your privacy rights. This GDPR Policy explains how we collect, use, store, and protect your personal information in compliance with the General Data Protection Regulation.

1. Data Controller Information

Virexanth acts as the data controller for personal information collected through our services.

Contact Details:

Company Name: Virexanth
Address: Lichnerova 132/40, 903 01 Senec, Slovakia
Email: info@ergosspireconsulting.pro
Phone: +421904518600

2. Legal Basis for Processing Personal Data

We process your personal data based on one or more of the following legal grounds:

Consent: You have given clear consent for us to process your personal data for specific purposes
Contract: Processing is necessary for the performance of a contract with you
Legal Obligation: Processing is necessary to comply with legal requirements
Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your rights do not override those interests

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide Directly

Identity information: name, username, title
Contact information: email address, postal address, telephone number
Account credentials: username and password
Financial information: payment details, billing address
Profile information: preferences, interests, feedback
Communication data: correspondence and interactions with us

3.2 Information Collected Automatically

Technical data: IP address, browser type, device information
Usage data: how you interact with our services
Analytics data: performance metrics, session information
Cookie data: information collected through cookies and similar technologies

4. How We Use Your Personal Data

We use your personal data for the following purposes:

To provide and maintain our mentorship services
To process your registration and manage your account
To communicate with you about services, updates, and support
To process payments and prevent fraudulent transactions
To personalize your experience and improve our services
To send marketing communications (with your consent)
To comply with legal obligations and resolve disputes
To analyze usage patterns and optimize platform performance
To protect the security and integrity of our services

5. Your Rights Under GDPR

As a data subject, you have the following rights:

5.1 Right of Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.

5.2 Right to Rectification

You have the right to request correction of inaccurate personal data and to complete incomplete data.

5.3 Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data under certain circumstances, including:

The data is no longer necessary for the purposes collected
You withdraw consent and there is no other legal basis
You object to processing and there are no overriding legitimate grounds
The data was unlawfully processed

5.4 Right to Restriction of Processing

You have the right to request limitation of processing under certain circumstances.

5.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

5.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

5.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

5.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

6. How to Exercise Your Rights

To exercise any of your rights, please contact us using the contact information provided above. We will respond to your request within one month, though this may be extended by two additional months for complex requests.

We may request specific information from you to confirm your identity before processing your request.

7. Data Sharing and Third-Party Disclosure

We may share your personal data with:

7.1 Service Providers

Third-party vendors who perform services on our behalf, including:

Payment processing services
Cloud hosting providers
Email delivery services
Analytics providers
Customer support platforms

7.2 Legal Requirements

We may disclose your data when required by law, legal process, or governmental request.

7.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity.

7.4 Data Processing Agreements

All third-party service providers are bound by data processing agreements ensuring GDPR compliance and appropriate data protection measures.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside your residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions recognizing equivalent data protection
Binding Corporate Rules for intra-group transfers
Certification mechanisms ensuring appropriate protection

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

Retention periods vary based on:

The nature of the data collected
The purpose for which it was collected
Legal, regulatory, or contractual obligations
Legitimate business needs

When data is no longer needed, we securely delete or anonymize it.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

Encryption of data in transit and at rest
Regular security assessments and audits
Access controls and authentication mechanisms
Employee training on data protection
Incident response procedures
Regular backup and recovery procedures

11. Automated Decision-Making and Profiling

We may use automated processing and profiling to:

Personalize your experience on our platform
Recommend relevant content and services
Analyze usage patterns for service improvement

You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you. You may request human intervention, express your point of view, and challenge such decisions.

12. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately, and we will take steps to delete such information.

13. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our services. For detailed information about our use of cookies, please refer to our Cookie Policy.

You can control cookie preferences through your browser settings and opt-out mechanisms we provide.

14. Marketing Communications

With your consent, we may send you marketing communications about our services, special offers, and updates.

You can opt out of marketing communications at any time by:

Clicking the unsubscribe link in our emails
Updating your communication preferences in your account settings
Contacting us directly at info@ergosspireconsulting.pro

Opting out of marketing does not affect service-related communications necessary for your account.

15. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

We will provide information about:

The nature of the breach
The likely consequences
Measures taken or proposed to address the breach
Contact information for further inquiries

16. Data Protection Officer

For questions regarding data protection or to exercise your rights, you may contact our designated data protection contact:

Email: info@ergosspireconsulting.pro

Phone: +421904518600

17. Changes to This Policy

We may update this GDPR Policy periodically to reflect changes in our practices or legal requirements. When we make material changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you via email or prominent notice on our website
Request your renewed consent if required by law

We encourage you to review this policy regularly to stay informed about how we protect your data.

18. Supervisory Authority

If you believe we have not addressed your concerns appropriately, you have the right to lodge a complaint with your local data protection supervisory authority. Contact information for supervisory authorities can be found through the European Data Protection Board website.

19. Contact Information

For any questions, concerns, or requests regarding this GDPR Policy or our data practices, please contact us:

Company: Virexanth
Address: Lichnerova 132/40, 903 01 Senec, Slovakia
Email: info@ergosspireconsulting.pro
Phone: +421904518600

This GDPR Policy is effective as of the date indicated above and governs our collection, use, and protection of your personal data in accordance with applicable data protection laws.