Skip to main content

Privacy Policy

Last Updated: March 12, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how aforsteclx (“we”, “us”, “our”) collects, uses, and protects personal data when you visit our website and when you submit information through our registration form for our construction materials sales training course.

For the purposes of the General Data Protection Regulation (“GDPR”) and applicable Czech and EU privacy laws, the data controller is:

This website does not intentionally collect special-category data (such as health data, biometric data, religious beliefs, political opinions) and does not require government identification or financial account details to use the registration form.

2. Personal Data We Collect

We collect personal data in a limited, practical way that supports website operation and course registration communications. Depending on how you interact with the site, we may collect:

  • Identity and contact data: your name and email address when you complete the registration form.
  • Form submission metadata: the date and time of submission, and technical context that helps us detect abuse (for example, basic request headers).
  • Technical data: IP address, browser type/version, device type, operating system, and language settings.
  • Usage data: which pages you visit, approximate time on page, referral source, and click paths (where analytics cookies are enabled by consent).
  • Cookies and identifiers: first-party cookies needed for essential site functions and your cookie consent choice; third-party cookies may be set only when you consent to analytics and/or marketing cookies.
  • Conversion events: signals that indicate you completed a registration action, used for measurement when marketing cookies are enabled by consent.

We do not ask for sensitive personal details for this training website. If you include sensitive information in free-text communications (for example, by email), we will treat it carefully and only use it to respond to your message.

3. Why We Process Data & Legal Basis (GDPR Art. 6)

We process personal data only when we have a lawful basis. The primary reasons and legal bases include:

  • Registration and communications: to respond to your registration, provide course logistics, and answer your questions. Legal basis: Art. 6(1)(b) (steps prior to entering a contract) and Art. 6(1)(a) (consent) where applicable.
  • Analytics and site improvement: to understand which content is useful and how the site performs. Legal basis: Art. 6(1)(a) (consent).
  • Marketing and measurement: to measure advertising performance, build remarketing audiences, and understand conversions. Legal basis: Art. 6(1)(a) (consent).
  • Security and fraud prevention: to protect the site, prevent spam submissions, and maintain integrity and availability. Legal basis: Art. 6(1)(f) (legitimate interest).
  • Legal compliance: to comply with applicable laws, regulations, and lawful requests. Legal basis: Art. 6(1)(c) (legal obligation).

Automated decision-making (GDPR Art. 22): We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

4. Cookies & Tracking

Cookies are small files stored on your device. We also use similar technologies such as pixel tags and may use server-side measurement tools, depending on your consent preferences. Our cookie categories are:

Essential (Always Active)

Essential cookies are required for the website to function and for your cookie preferences to be remembered. These cookies do not require consent in the EEA/UK.

  • _site_session (first-party): supports session continuity. Retention: session.
  • cookie_consent (first-party): stores your cookie consent choices. Retention: 12 months.

Analytics (Consent Required)

Analytics cookies help us understand how the site is used, for example which pages are visited most often. If enabled, we may use Google Analytics 4 (“GA4”) with IP anonymization where available and with a standard analytics retention setting of 14 months for event-level data.

  • _ga (third-party): GA4 user identifier. Retention: 2 years.
  • _ga_XXXXXXXXXX (third-party): GA4 session state. Retention: 2 years.

Marketing (Consent Required)

Marketing cookies support conversion measurement and advertising personalization, such as remarketing audiences and attribution. If enabled, these cookies may be used by advertising platforms such as Google and Meta to measure campaign performance and to show ads to people who visited our site.

  • _gcl_au (third-party): Google Ads conversion linker. Retention: 90 days.
  • _fbp (third-party): Meta Pixel browser identifier. Retention: 90 days.
  • _fbc (third-party): Meta Pixel click identifier (set when click ID exists). Retention: 90 days.

Beyond cookies, some providers use pixel tags or server-side measurement. If implemented, these may process device identifiers derived from IP address and User-Agent and may process hashed identifiers (such as hashed email) for matching purposes, only where you have provided consent and the implementation supports that configuration.

For more detail on cookies and how to manage preferences, please see our Cookie Policy.

5. Consent (EEA/UK)

Users in the EEA and UK receive a consent notice under GDPR/UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent (GDPR Art. 6(1)(a)). Your consent choice is recorded in the cookie_consent cookie (stored for up to 12 months).

You can withdraw or change consent at any time by using the “Manage cookie preferences” link in the footer. You can also clear cookies in your browser settings. Withdrawal of consent does not affect the lawfulness of processing based on consent before it was withdrawn.

6. Sharing With Advertising & Service Partners

We share limited data with service providers who help us run the website and (where you consent) measure and improve advertising performance. These partners may process data as processors or as separate controllers depending on the service and configuration.

  • Google LLC (Google Analytics 4, Google Ads, Google Tag Manager, remarketing): cookie identifiers, usage data, and conversion events. Privacy: policies.google.com/privacy
  • Meta Platforms, Inc. (Meta Pixel, Custom/Lookalike Audiences, Conversion API where used): page views, conversions, audience membership, and hashed identifiers when configured and consented. Privacy: facebook.com/privacy/policy
  • Cloudflare, Inc. (CDN and security): network traffic, IP-based threat signals, and performance optimization. Privacy: cloudflare.com/privacypolicy/

We do not sell personal data. We do not permit these providers to use site data for their own independent commercial purposes beyond providing services to us, subject to their contractual terms and policies.

7. International Transfers

Some providers may process data outside the EEA/UK, including in the United States. Where applicable, international transfers may rely on the EU-US Data Privacy Framework (including the UK Extension or Swiss-US variant where relevant) and, as a fallback, Standard Contractual Clauses (EU 2021/914) and/or the UK International Data Transfer Agreement (IDTA).

We take steps intended to ensure an appropriate level of protection for personal data transferred internationally, including contractual safeguards and vendor assessments.

8. Retention

We retain personal data only as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Typical retention periods include:

  • Registration submissions: up to 2 years from the last interaction.
  • Email correspondence: for the relationship duration plus up to 1 year, unless a longer period is needed to resolve issues.
  • Server/security logs: typically up to 90 days.
  • Analytics data: 14 months (standard GA4 event retention setting), subject to configuration.
  • Marketing cookies: retained per cookie lifetimes (for example, 90 days for certain marketing cookies).
  • Cookie consent record: up to 3 years for audit purposes.
  • Legal/tax obligations: retained as required by applicable law (often 6–10 years for certain records).

9. Your Rights (GDPR & UK GDPR)

If you are in the EEA or the UK, you may have the following rights, subject to conditions and exceptions in law:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to withdraw consent at any time (Art. 7(3))
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise your rights, contact us at [email protected]. We typically respond within 30 days. In complex cases, we may extend this by up to 60 additional days where permitted, and we will inform you if an extension applies.

Supervisory authority references: EU guidance is available at edpb.europa.eu. UK authority: ico.org.uk. If you are in Czechia, you may also contact the Office for Personal Data Protection (ĂšOOĂš).

10. Children

This site is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we learn that we have collected personal data from a child under 16 without verifiable parental consent, we will delete it promptly.

11. Do Not Track

This website does not respond to Do Not Track (DNT) browser signals. Third-party providers may have their own DNT handling depending on your browser and their configurations.

12. Data Deletion Requests

You can request deletion of your personal data by emailing [email protected] with the subject line “Data Deletion Request”. We may ask for reasonable verification of identity before processing the request. Where we must retain certain data to comply with legal obligations, we will retain only what is necessary and restrict further processing.

13. Business Transfers

In the event of a merger, acquisition, asset sale, financing, reorganization, or insolvency, personal data may be transferred to a successor entity. If such a transfer materially changes how personal data is used, we will provide notice on the website.

14. California (CCPA / CPRA)

If you are a California resident, you may have rights under the California Consumer Privacy Act as amended by the CPRA. In the past 12 months, we may have disclosed:

  • Identifiers (such as name, email, IP address, device identifiers) to service providers and, where consented, to advertising partners.
  • Internet/network activity (such as pages visited and interactions) to analytics and advertising providers where consented.
  • Inferences (such as likely interests based on browsing behavior) to advertising partners where consented.

We do not sell personal information as defined by CCPA. We may share data for cross-context behavioral advertising where marketing cookies are enabled; California residents can opt out via our cookie preferences panel.

Requests can be submitted by emailing [email protected] with the subject “California Privacy Request”. We may verify your identity and may request additional information to process the request. Authorized agents may submit requests with proof of authorization.

15. Virginia (VCDPA)

If you are a Virginia resident, you may have rights to access, correct, delete, and obtain a copy of personal data, and to opt out of targeted advertising. Submit requests by emailing [email protected] with the subject “Virginia Privacy Request”.

We do not sell personal data and we do not engage in profiling that produces legal or similarly significant effects. If we decline a request, you may appeal by emailing with the subject “Appeal of Refusal — Privacy Request”. We will respond within 60 days as required by law.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will post a prominent notice on the website at least 14 days before the changes take effect. The “Last Updated” date at the top of this page reflects the most recent revision.

18. Contact

If you have questions about this Privacy Policy or how we handle personal data, contact:

Want course dates and delivery format details?

Register and we will email upcoming course options and a short intake checklist. We only use your name and email to contact you about the course, and we do not sell your data.

Open registration page Read Cookie Policy

Registration

If you want upcoming dates and delivery format details, use the registration form. We ask for your name and email only. Typical response time is within 1 business day. This website provides educational training only and does not offer employment guarantees or professional certifications.

Contact details

Data use: your name and email are used to contact you about the course and schedule. We do not sell your data.

By submitting, you agree to our Privacy Policy.