Toroni & CompanyConsulting & Technology

Privacy Policy

Last updated: March 6, 2026

1. Introduction

Toroni & Company ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website toroniandcompany.com (the "Site") or engage with our services.

This policy applies to all visitors, users, and clients of Toroni & Company and is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable state and federal privacy laws.

2. Information We Collect

Personal Information You Provide

When you interact with our Site or services, you may voluntarily provide us with personal information, including:

  • Name, job title, and company name
  • Email address and phone number
  • Mailing or business address
  • Information submitted through contact forms, consultation requests, or service inquiries
  • Payment information (processed securely through third-party payment processors)

Information Collected Automatically

When you visit our Site, we may automatically collect certain information, including:

  • IP address and approximate geographic location
  • Browser type and version, operating system, and device information
  • Pages visited, time spent on pages, and navigation paths
  • Referring website or source
  • Cookies and similar tracking technologies (see Section 7)

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your inquiries and provide requested services
  • To process transactions and send related information
  • To send administrative communications (e.g., service updates, appointment confirmations)
  • To send marketing communications (with your consent, where required)
  • To improve our website, services, and user experience
  • To analyze website usage and trends
  • To comply with legal obligations and protect our rights
  • To detect, prevent, and address fraud or security issues

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on one or more of the following legal bases:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose.
  • Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legitimate Interest: Processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms.
  • Legal Obligation: Processing is necessary to comply with a legal obligation.

5. How We Share Your Information

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who perform services on our behalf (e.g., hosting, analytics, payment processing, email delivery)
  • Professional Advisors: Lawyers, accountants, and consultants as necessary for our business operations
  • Legal Requirements: When required by law, regulation, legal process, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you have given us explicit permission to share your information

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When personal data is no longer needed, we securely delete or anonymize it.

7. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and understand where our visitors come from. Cookies are small text files stored on your device.

Types of Cookies We Use

  • Essential Cookies: Required for the Site to function properly
  • Analytics Cookies: Help us understand how visitors interact with the Site (e.g., Google Analytics)
  • Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness

You can control cookie preferences through your browser settings. Most browsers allow you to refuse or delete cookies. Note that disabling certain cookies may affect the functionality of the Site.

8. Your Rights

For EEA/UK Residents (GDPR)

Under the GDPR, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Request your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

For California Residents (CCPA/CPRA)

Under the California Consumer Privacy Act and California Privacy Rights Act, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale or sharing of your personal information (we do not sell personal information)
  • Non-discrimination for exercising your privacy rights
  • Correct inaccurate personal information
  • Limit the use of sensitive personal information

To exercise any of these rights, please contact us at privacy@toroniandcompany.com. We will respond to your request within the timeframe required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, secure hosting, and regular security assessments. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

10. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. If you are located in the EEA, UK, or Switzerland, we ensure that any international data transfers are protected by appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

Our Site and services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

12. Third-Party Links

Our Site may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of third-party sites. We encourage you to review the privacy policy of every site you visit.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Toroni & Company

Email: privacy@toroniandcompany.com

Website: toroniandcompany.com/contact