PRIVACY POLICY
for the “Business Pathfinder Chronicles” Website
https://business-pathfinder.com
Date of Publication/Last Update: October 22, 2025
1. GENERAL PROVISIONS AND JURISDICTION
1.1. Purpose of the Document: This Privacy Policy (hereinafter the “Policy”) governs the procedure for the processing, collection, storage, and protection of Personal Data (PD) obtained by the Data Controller from the Users of the Website.
1.2. Data Controller (We/Us): The Administrator and owner of the Website, Sergey V. P. (operating as an individual or a registered business entity).
1.3. Applicable Law: This Policy is developed and operates in accordance with the requirements of the General Data Protection Regulation (GDPR) of the European Union/United Kingdom and other applicable international data protection laws to ensure an adequate level of protection for Users globally.
2. CATEGORIES OF PERSONAL DATA COLLECTED
The Data Controller may process the following categories of Personal Data:
| Category of Personal Data | Source of Collection |
| Voluntarily Provided Data (Upon Registration/Application/Order): | |
| Full Name | Provided by the User in forms |
| Email Address | Provided by the User in forms |
| Telephone Number | Provided by the User in forms |
| Links to social media accounts, messengers | Provided by the User during registration or contact |
| Automatically Collected Data (Upon Website Use): | |
| IP address | Automatically transmitted by the User’s device |
| Cookie Data | Collected using Website technologies |
| Browser and Operating System Information | Automatically transmitted by the User’s device |
| Access time, visited pages | Automatically collected by analytical systems |
2.1. Data Verification: The Data Controller does not verify the accuracy of the Personal Data provided by the User. The User is responsible for providing complete and accurate data.
3. PURPOSES AND LEGAL BASIS FOR PROCESSING (GDPR Principles)
The Data Controller processes Personal Data exclusively for the following purposes and on the corresponding lawful bases:
| Purpose of Processing | Lawful Basis (GDPR terminology) |
| Communication and responding to inquiries | Consent of the data subject / Legitimate Interest of the Controller |
| Provision of paid consulting Services (ref. Terms of Service) | Performance of a Contract to which the data subject is a party |
| Payment and Refund Processing | Performance of a Contract / Compliance with a legal obligation (accounting) |
| Improving Website and Service quality | Legitimate Interest of the Controller |
| Distribution of informational and marketing materials | Consent of the data subject (subscription) |
4. PERSONAL DATA PROCESSING AND STORAGE
4.1. Processing Methods: PD is processed by collecting, recording, systematising, accumulating, storing, refining (updating, changing), extracting, using, transferring (provision, access), depersonalising, blocking, deleting, and destruction.
4.2. Storage and Location: Storage of PD is carried out in jurisdictions that ensure an adequate level of data protection (which may include cross-border transfer), until the processing goals are achieved or until the User withdraws their consent.
5. TRANSFER TO THIRD PARTIES AND CROSS-BORDER DATA FLOW
5.1. General Rule: The Data Controller does not transfer PD to third parties without the data subject’s consent, except as required by law.
5.2. Cross-Border Transfer and Contractors: The Data Controller may transfer PD to its contractors (e.g., hosting, CRM systems, analytics, email services), including those located outside the User’s country of residence (cross-border transfer).
5.3. Protection Guarantee (Critical): Transfer of PD to contractors is carried out only if the contractor meets the following conditions:
- The contractor undertakes to maintain confidentiality and process data only on the instructions of the Data Controller.
- The contractor undertakes to ensure a level of PD protection corresponding to the requirements of the GDPR and applicable international data protection legislation.
6. COOKIES AND ANALYTICS USE
6.1. Purpose of Cookies: The Data Controller uses Cookies and similar technologies to ensure the Website’s operation, collect statistical data, remember User preferences, and display personalised advertising.
6.2. Consent for Cookies (Critical): By continuing to use the Website, the User consents to the use of Technical Cookies. The collection of Analytical and Marketing Cookies is carried out only after obtaining the User’s explicit, active consent via a dedicated Cookie Consent Banner.
6.3. Cookie Management: The User has the right to block or delete Cookies at any time using their browser settings, which may, however, lead to partial inoperability of the Website.
7. DATA SUBJECT RIGHTS (GDPR/INTERNATIONAL RIGHTS)
The User (Data Subject) has the right to:
- Right of Access and Rectification: Obtain information regarding the processing of their PD and demand its correction, blocking, or destruction if the data is incomplete, outdated, inaccurate, illegally obtained, or unnecessary for the stated purpose of processing.
- Right to Withdraw Consent: Withdraw their consent to the processing of PD at any time by sending a corresponding notification to the Data Controller.
- Right to Erasure (“Right to be Forgotten”): Demand the deletion of their PD if there are legal grounds (e.g., the data is no longer necessary for the purposes for which it was collected).
- Right to Lodge a Complaint: Lodge a complaint with the authorised data protection authority or through judicial means against the actions or omissions of the Data Controller.
8. US STATE PRIVACY LAWS DISCLAIMER
8.1. Disclaimer of Compliance: The Data Controller, being an individual operating internationally, who does not, at the time of this Policy’s publication, exceed the thresholds established by US State privacy laws regarding annual revenue, volume of data processed, or share of revenue from the sale of personal data (e.g., as established by the California Consumer Privacy Act – CCPA/CPRA), declares that it is not obligated to comply with said US State privacy laws.
8.2. Limitation of Rights for US Residents: In connection with Clause 8.1, the Data Controller does not grant Users who are residents of US states the specific rights provided by those laws (e.g., the right to opt-out of the sale of data, the right to limit the use of sensitive personal data).
8.3. Exception: All Users, including those from the United States, retain the full rights described in Section 7 (Data Subject Rights), as these rights are based on international standards (GDPR) and are applied by the Data Controller to all Users globally.
9. CONTACT INFORMATION AND FINAL PROVISIONS
9.1. Data Controller Contact Person: Sergey V. P.
9.2. Contact Email: business.pathfinder1976@gmail.com
9.3. Policy Amendments: The Data Controller reserves the right to unilaterally amend this Policy. All amendments shall enter into force upon their publication on the Website. The current version of the Policy is always available on the Website.