Privacy Policy – Torodoro S.L. 

Effective Date: August 6, 2025

Torodoro S.L. (“Torodoro,” “we,” “us,” or “our”) is committed to protecting your privacy and handling your personal data in compliance with the European General Data Protection Regulation (GDPR) and applicable data protection laws. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our business listing and scheduling website or related services. Torodoro S.L. acts as the “data controller” of your personal data for purposes of EU data protection law. By using our website and services, you acknowledge that you have read and agree to this Privacy Policy. We outline below what data we collect, why we collect it, the legal bases for processing your data (as required under GDPR), and your rights regarding that data.

Information We Collect

We collect personal information from you in several ways, including information you provide directly, data collected automatically through technology, and information from third-party sources:

• Information You Provide. When you create an account, submit a business listing, schedule an appointment, or otherwise interact with our services, you may provide personal details such as your full name, email address, phone number, postal address, and account login credentials. If you are a business owner, you may also provide business-related information (e.g. business name, address, description, operating hours). We collect any content you submit or post on our platform, such as reviews, comments, or messages you send to other users or to us. If you make a purchase or payment through our site (for example, to upgrade a listing or book a paid service), we (or our payment processor) will collect payment information such as credit card details or other financial data necessary to process the transaction.
  
  

• Information Collected Automatically. When you use our website or mobile app, we automatically collect certain data about your device and usage. This includes your IP address, browser type, device identifiers, operating system, referring URLs, pages or screens viewed, search queries on the site, dates/times of visits, and other usage statistics. We may also collect approximate location information (e.g. country or city) based on your IP address, or precise geolocation if you grant permission (for example, to show nearby listings). We gather this information through log files, cookies, and similar tracking technologies as described below (see Cookies and Tracking Technologies). This automatically collected data helps us understand how users interact with our services, enabling us to improve performance and user experience.
  
  

• Information from Third Parties. We may receive or supplement your information with data from third-party sources. For example, we might obtain public business directory listings, social media profile information, or data from marketing partners and data providers to enhance the accuracy and reach of our business listing service. If you choose to interact with our services via social media (for instance, using a Facebook/Google login or sharing content), those platforms may send us certain information about you (according to their privacy policies and your settings). We handle any third-party-sourced data in accordance with this Privacy Policy and any additional restrictions imposed by the source.
  
  

Note. We do not knowingly collect sensitive personal data (such as government ID numbers, financial account passwords, or health information) through our website, and we ask that you not provide this type of information on our platform. The personal data we collect is generally limited to what is necessary for the purposes explained in this policy.

How We Use Your Information (Purposes and Legal Bases)

We use the personal information we collect to operate our site, provide and improve our services, and communicate with you. Each processing activity is conducted under a lawful basis as required by the GDPR. Below we describe the purposes for which Torodoro processes your data, along with the corresponding legal bases:

• Providing and Managing Services. We use your information to create and manage your user account, authenticate you when you log in, and enable you to use our platform features (such as posting business listings or scheduling appointments). We also process data to facilitate bookings and transactions you request, and to display your submitted business information to other users. 

Legal basis. This is generally necessary for the performance of a contract with you (i.e. our Terms of Service) or to take steps at your request prior to entering a contract (Art. 6(1)(b) GDPR).

• Communicating with You. We process contact details (like your email or phone number) to send service-related communications. This includes responding to your inquiries, sending confirmations or updates about appointments or listings, notifying you of important changes or issues (such as updates to this policy), and providing customer support. 

Legal basis. Performance of contract for essential communications, and legitimate interests (Art. 6(1)(f) GDPR) for customer support and general inquiries – we have a legitimate interest in effectively responding to user communications and ensuring customer satisfaction.

• Personalizing Content and User Experience. We may analyze your use of the site (such as past searches or listings viewed) to personalize the content and recommendations you see. For example, we might highlight new listings in your area or suggest businesses based on your interests. 

Legal basis. Legitimate interests – it’s in our interest to tailor our services to users’ preferences and improve their experience. We ensure that any such processing is not intrusive and does not override your rights; you can contact us to object if you prefer not to receive personalized content.

• Marketing and Newsletters. With your permission, we will use your contact information (email or phone) to send you newsletters, special offers, or promotional communications about our services or partner offerings. For instance, we might email you updates on new features or discounts available on Torodoro. 

Legal basis. Consent (Art. 6(1)(a) GDPR) – we will only send you marketing emails or texts if you have opted in to receive them (e.g. by subscribing to our newsletter). You have the right to withdraw your consent at any time, and every marketing message will include an easy way to opt out or unsubscribe. (In certain cases, if you are an existing customer, we may send you marketing about similar products or services based on our legitimate interest in promoting our business, but we will always honor opt-out requests.)

• Advertising and Analytics. We use data about your interactions with our site to serve relevant advertising and to conduct analytics. For example, we (or our advertising partners) may process information on what pages you visit or content you view to infer your interests and show you targeted advertisements on our site or on third-party sites (see Behavioral Advertising below for details). We also analyze usage data (often in aggregate form) to understand user engagement and improve our website’s functionality and content. 

Legal basis. For analytics that are necessary to operate and improve the service, we rely on legitimate interests (under GDPR) – specifically, our interest in understanding how our services are used and improving them. We take steps to minimize privacy impact, such as using aggregated or pseudonymous data for analytics when possible. However, for any advertising or analytics activities that involve non-essential cookies or tracking technologies, we will obtain your consent in accordance with ePrivacy laws. You can withdraw consent for analytics/advertising cookies at any time via our cookie management tools (see Cookies below).

• Security and Fraud Prevention. We process personal data as needed to maintain the security of our website, protect against fraud, abuse, and unauthorized access, and enforce our terms and policies. This may include verifying user identities, investigating suspicious activity, and using automated systems to detect misuse of our Services. 

Legal basis. Legitimate interests – we have a legitimate interest in safeguarding our platform and business against fraud, security threats, and other harms. In some cases, processing for security may also be necessary for compliance with legal obligations (e.g. keeping records of consents or user bans as required by law).

• Legal Compliance. We will use or disclose your information to the extent necessary to comply with our legal obligations. For example, we may retain transaction records for tax and accounting regulations, or disclose data in response to valid law enforcement requests or court orders. Legal basis. Compliance with a legal obligation (Art. 6(1)(c) GDPR) – when laws require us to process or retain certain data, we are legally bound to do so. Additionally, if we need to use data to protect our own legal rights or defend against legal claims, we would do so under legitimate interests or as necessary for the establishment, exercise, or defense of legal claims.
  
  

If we plan to process personal information for a purpose that is incompatible with the original purposes above, we will provide you with notice and, if required, request your consent before doing so. We do not use your data for any automated decision-making that produces legal or similarly significant effects without human involvement (for instance, we do not use algorithms to approve or reject services to you without a manual review).

Cookies and Tracking Technologies

Like most websites, Torodoro uses cookies and similar tracking technologies (such as web beacons, pixels, and device identifiers) to provide and personalize our Services, analyze usage, and facilitate advertising. Cookies are small text files stored on your browser or device which allow us or third parties to recognize you and make your next visit easier and more useful. We use the following categories of cookies:

• Essential Cookies. These cookies are necessary for our site to function properly. They enable core features such as user login, account navigation, and secure checkout. Without these cookies, the services you have asked for (like accessing secure areas or submitting forms) cannot be provided.
  
  

• Analytics and Performance Cookies. These cookies collect information about how visitors use our site (for example, which pages are visited most often, or if users receive error messages on certain pages). We use this data to improve the website’s performance and design. For instance, we use Google Analytics to help analyze site traffic and understand user interactions. The information collected is generally aggregated and does not directly identify you.
  
  

• Functionality Cookies. These cookies remember your preferences and choices to provide a more personalized experience. For example, they may recall your language selection, region, or other settings so you don’t have to re-enter them each time. They can also enable enhanced features like keeping you logged in or showing which listings you’ve viewed already.
  
  

• Advertising Cookies. Torodoro and our advertising partners use cookies and pixels to deliver relevant advertisements to you on our site and on third-party websites. These cookies record information about your visit to our site and your interactions (e.g. which listings or categories you viewed) and may combine it with data from other websites to build a profile of your interests. This profile helps us show you ads that are more likely to interest you, including ads for Torodoro services when you visit other sites. (For example, after visiting our site, you might see an advertisement for Torodoro on a different website – this is enabled by advertising cookies/pixels.) These cookies also limit the number of times you see the same ad and help measure the effectiveness of ad campaigns.
  
  

Cookie Consent. In jurisdictions where it is required (including the EU), we will obtain your consent before setting non-essential cookies or similar trackers on your device. When you first visit our site, you will see a cookie banner or pop-up asking you to agree to our use of cookies. You can choose to accept all cookies, reject non-essential cookies, or customize your cookie preferences. If you opt in to certain categories (like analytics or advertising cookies), you can change your mind later: we provide a mechanism (e.g. a “Cookie Settings” link or preference center) for you to withdraw consent or adjust settings at any time. Additionally, most web browsers allow you to control cookies through their settings (e.g. you can block third-party cookies or delete cookies). However, please note that disabling cookies entirely may affect the functionality of our site – for example, you might not be able to log in or use some interactive features if cookies are turned off.

For more detailed information on the cookies and trackers we use, you can refer to our Cookie Policy (if available) or contact us. We also honor Do Not Track (DNT) signals to the extent feasible; if your browser is configured with DNT, we will treat it as a preference to disable non-essential cookies.

Sharing Your Information

We value your privacy and handle your personal data with care. We do not sell your personal information to third parties for monetary compensation. However, we do share certain categories of data with third parties under the following circumstances, in order to operate our business and provide our Services:

• Service Providers (Processors). We share data with trusted third-party companies that perform services on our behalf, under contract. These providers help us with various business operations, such as:
  
  

  • Website hosting and infrastructure (e.g. cloud hosting providers or data center services that store our website and databases)
    
    

  • Payment processing (e.g. payment gateways or processors that handle credit card transactions securely)
    
    

  • Email and Marketing distribution (e.g. platforms like Mailchimp or similar, which we use to send newsletters or service emails to you)
    
    

  • Analytics services (e.g. Google Analytics or similar tools that process usage data for insights)
    
    

  • Customer support tools (e.g. helpdesk or live chat software that may route your queries)
    
    

  • Scheduling and communication tools (if we integrate any calendar scheduling APIs, SMS notification services, etc.)
    
    

• These third-party service providers act on our instructions and are contractually obligated to handle data securely and only for the purposes we specify. We ensure that they implement appropriate data protection measures, and when these providers are located outside the European Economic Area (EEA), we establish legal transfer mechanisms as described in Section 9 (International Data Transfers) below to protect your information.
  
  

• Business Partners and Affiliates. We may share information with affiliated companies or business partners who collaborate with us in providing the Services or running joint promotions. For example, if Torodoro S.L. is part of a group of companies, your data might be shared with our affiliates for internal administrative purposes or combined customer support. We might also co-sponsor an event or promotion with a partner and, in that context, share participant information (with your consent if required). In all such cases, partners will be contractually bound to protect your data, and you will be informed at the point of data collection if any partner needs access to your info for a specific initiative.
  
  

• Advertising Partners. As noted under Cookies, we work with third-party advertising networks and social media platforms to deliver targeted ads. Those parties may receive certain pseudonymous identifiers (like cookie IDs or device IDs) and contextual information about your browsing to enable ads. For instance, we might upload a hashed version of your email to a platform like Facebook or Google to find others with similar interests for targeted campaigns – but only if we do so in compliance with privacy laws and with appropriate notice/consent. Additionally, if you click on or interact with a Torodoro advertisement on a third-party site, a portion of your data (like the fact you visited or signed up) may be reported back to that advertising network for performance and attribution analysis.
  
  

• Legal Disclosures. We will disclose personal information to government authorities, law enforcement, or other parties if required to do so by law or legal process, or if we have a good-faith belief that such disclosure is necessary to (i) comply with a legal obligation (e.g. a subpoena or court order), (ii) protect and defend our rights or property, (iii) prevent fraud, abuse, or illegal activity, or (iv) protect the personal safety of our users or the public. We will make such disclosures only to the extent that is strictly necessary and in accordance with applicable laws.
  
  

• Corporate Transactions. In the event that Torodoro S.L. is involved in a merger, acquisition, sale of assets, bankruptcy, or reorganization, your personal data may be transferred to the successor or acquiring entity as part of that transaction. If such a transfer occurs, we will ensure the new owner will continue to honor your personal data rights and privacy under terms consistent with this Policy. We will also provide notice (e.g. via email or prominent notice on our site) if your data becomes subject to a different privacy policy due to a corporate change.
  
  

Aside from the above, any third parties with whom we share data will only receive information necessary for their specific functions, and they are prohibited from using it for other purposes. We do not sell, rent, or trade your personal data for commercial benefit. If in the future we ever consider selling personal information, we will provide required notices and opt-in/opt-out choices in accordance with applicable privacy laws.

Behavioral Advertising

As part of our marketing strategy, Torodoro engages in behavioral advertising (also known as interest-based or retargeted advertising). This means that after you visit our website, you might see advertisements for Torodoro or our services as you browse other sites on the internet. We work with advertising networks and platforms that use cookies and pixels to remember your visit to our site and then show you related ads on other websites. For example, if you searched our site for local restaurants, you might later see an ad for Torodoro featuring restaurant listings while reading a news article on a different website.

How it works. Technologies like the Facebook Pixel or Google Ads cookies record data about your visit (such as the pages you viewed or actions you took on Torodoro). This data is used to categorize you into interest groups. Advertisers (including us) can then bid to show ads to those interest groups on participating ad networks. The information used for this purpose does not include your name, contact details, or a direct identifier; it typically relies on digital identifiers (cookie ID, device ID) and is used in a pseudonymous way to target ads.

Your choices. You have the ability to control or opt out of behavioral advertising:

• When you first visit our site, if you decline advertising cookies via our cookie consent banner, we will not deploy third-party ad cookies/pixels on your device, meaning you should not receive Torodoro retargeting ads tied to that device/browser.
  
  

• Even after initially consenting, you can adjust your cookie settings on our site to disable advertising trackers at any time. We will honor such preferences and stop using your data for targeted ads on a going-forward basis.
  
  

• Additionally, you can opt out of interest-based advertising on many major networks by using industry tools. For example, the Network Advertising Initiative (NAI) and Digital Advertising Alliance (DAA) offer web pages where you can see which member companies have cookies on your browser and choose to opt out of them. In the USA, you can visit aboutads.info/choices to control targeted ads. In the EU/EEA, you can visit the Your Online Choices site (youronlinechoices.eu) to opt out of targeted advertising cookies from participating companies. You can also adjust your preferences for Google Ads via Google’s Ad Settings, and for Facebook via your Facebook account ad settings.
  
  

• On mobile devices, you can usually limit ad tracking via your device settings (there is typically an option to “Reset Advertising ID” and/or turn on “Limit Ad Tracking” or “Opt out of Ads Personalization” in your iOS or Android settings).
  
  

Please note that even if you opt out of personalized ads, you may still see advertisements – they just will not be tailored to your interests. Also, opting out via cookies is browser-specific, so if you use multiple browsers or devices, you should set your preferences on each one.

Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of providing the Services, satisfying any legal, accounting, or reporting requirements, and resolving disputes. In practice, this means:

• Account Information. If you have an account with Torodoro, we will keep your account data while your account is active. All the personal data associated with your account will be stored until you delete your account or request deletion, or if your account has been inactive for an extended period (we may choose to purge inactive accounts after a certain number of years, with prior notice). Upon deletion of an account, we will remove or anonymize personal data within a reasonable time, except for information we are required to keep by law (see below).
  
  

• Transaction and Booking Data. Information related to business listings, appointments, or transactions (including communications or reviews associated with those) is kept as long as needed to complete the transaction and provide any follow-up services. We may retain records of transactions or bookings (including invoices, receipts, and correspondence) for a certain retention period after completion, in case of disputes or inquiries, and to comply with financial record-keeping laws.
  
  

• Marketing Data. If you have consented to receive marketing emails or newsletters, we will retain your contact details for that purpose until you unsubscribe or withdraw your consent. If you opt out, we may keep your contact information on an internal suppression list to ensure we honor your opt-out decision in the future.
  
  

• Log and Analytics Data. We typically retain website logs, analytics records, and security logs for a brief period (such as 30 days up to a few months) unless the data is needed longer for security investigations or legal purposes. Analytics data that has been aggregated or anonymized may be kept longer for statistical analysis (since it no longer identifies any individual).
  
  

After the applicable retention periods above have elapsed, or if you request erasure of your data, we will either securely delete or anonymize your personal information so that it can no longer be associated with you. If complete deletion is not immediately feasible (for example, because the data is stored in backup archives), we will ensure the data is isolated and protected from further processing until deletion is possible.

Legal Archiving. Please note that even after you close your account or request deletion, we may retain certain personal data if necessary to comply with legal obligations. For instance, we are required to keep certain transaction records for a minimum period (e.g. for tax, audit, anti-fraud, or regulatory purposes). We may also retain information as needed to establish or defend legal claims – but only for as long as the claim could lawfully persist. All such retained data will remain subject to strict confidentiality and will only be used for the purposes of meeting our legal requirements or legitimate interests. Once those obligations are fulfilled, the data will be erased or anonymized.

Your Rights

As a user of our services and as a “data subject” under EU law, you have specific rights regarding your personal data. Torodoro S.L. is committed to honoring these rights. You may exercise the following rights at any time, free of charge:

• Right of Access. You have the right to request a copy of the personal data we hold about you, and to obtain information about how we process it. This includes details of the purposes of processing, the categories of data, the recipients to whom data has been disclosed, and the envisaged retention period, among other information.
  
  

• Right to Rectification. If any of your personal information is inaccurate or incomplete, you have the right to ask us to correct or update it. We encourage you to keep your profile information up-to-date, and you can edit certain information via your account settings. For any details you cannot change yourself, simply contact us and we will rectify inaccuracies.
  
  

• Right to Erasure (Right to be Forgotten). You have the right to request deletion of your personal data in certain circumstances. You can ask us to erase your data, for example, if it’s no longer necessary for the purpose we collected it, or if you withdraw consent and we have no other legal basis to continue processing, or if you object to processing based on legitimate interest and we do not have an overriding reason to continue. We will honor valid erasure requests and also instruct any service providers to delete your data, subject to any legal retention requirements (as noted in the Data Retention section above). Do note that if you request deletion of your data or account, we may not be able to provide you with certain services thereafter.
  
  

• Right to Restriction of Processing. You have the right to request that we limit the processing of your data in certain situations. For instance, if you contest the accuracy of your data, you can request a restriction while we verify the information; or if you have objected to processing (see below) and we are considering your objection, you can ask that we pause other processing of the data. When processing is restricted, we will store your data securely and not use it except to the extent allowed by you or required by law (e.g. for legal claims). We will inform you before lifting any restriction.
  
  

• Right to Data Portability. For data that you have provided to us and which we process by automated means under consent or contract, you have the right to receive that data in a structured, commonly used, machine-readable format, and to transmit it to another controller where technically feasible. In practical terms, this means you can request that we export certain key personal data (such as your profile info and content you provided) in a format like CSV or JSON, so that you can easily import it into another service. Where possible, and if you request, we may also directly transfer the data to another company if the receiving party accepts such transfers.
  
  

• Right to Object. You have the right to object to our processing of your personal data at any time when such processing is based on our legitimate interests (or those of a third party). If you object, we will evaluate whether our legitimate grounds for processing override your privacy rights; unless they do, we will cease the processing in question. Importantly, you have an absolute right to object to processing of your personal data for direct marketing purposes at any time. This means if you object to marketing or profiling related to direct marketing, we will stop using your data for those purposes immediately.
  
  

• Right to Withdraw Consent. Where we rely on your consent for any processing of personal data (for example, for sending promotional emails or placing certain cookies), you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. If you withdraw consent for marketing emails, we will stop sending them. If you withdraw consent for cookies, we will disable them going forward (though it may take a moment for our systems to reflect changes). There are no negative consequences to withdrawing consent – however, note that if consent was required to provide a service (e.g. certain optional features), those features might become unavailable.
  
  

• Right not to be subject to Automated Decisions. We do not currently carry out any fully automated decision-making (including profiling) that has legal or similarly significant effects on you without human involvement. If we ever introduce such processes, you would have the right not to be subject to a decision based solely on automated processing that significantly affects you, unless it’s necessary for a contract with you, authorized by law, or based on your explicit consent. In any case, you would have the right to obtain human intervention and to contest the decision.
  
  

• Right to Lodge a Complaint. If you believe your data protection rights have been violated, you have the right to file a complaint with a supervisory authority. Torodoro S.L. is based in Spain, so our lead supervisory authority is the Spanish Data Protection Agency (AEPD). You can contact the AEPD (Agencia Española de Protección de Datos) via their website or in writing (C/Jorge Juan, 6, 28001 Madrid, Spain). If you reside in another country, you may choose to contact your local data protection authority as well. We would, however, appreciate the chance to address your concerns directly before you approach a regulator – so please consider reaching out to us first, and we will do our best to resolve any issue.
  
  

Exercising Your Rights. You may exercise any of the above rights by contacting us using the contact details in the “Contact Us” section of this Policy. For security, we may need to verify your identity (for example, by asking you to confirm something about your account or provide ID) before executing your request. We will respond to legitimate requests as soon as possible, and at least within the timeframe required by law (generally within one month, extendable by another two months for complex requests – we’ll notify you if an extension is needed). There is no fee for making a request, unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request (with explanation).

Security Measures

We take the security of your personal information very seriously. Torodoro S.L. has implemented appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These security safeguards include, for example:

• Encryption. We use encryption protocols (such as HTTPS/TLS) to secure data in transit between your device and our servers. Sensitive information (like passwords or payment details) is stored in encrypted form.
  
  

• Access Controls. We limit access to personal data to authorized personnel who have a business need-to-know. Our staff and contractors are bound by confidentiality obligations. We use authentication measures (passwords, two-factor authentication where possible) to prevent unauthorized logins to accounts and systems.
  
  

• Network & System Security. Our servers are protected by firewalls and monitoring systems to detect and block unauthorized access. We keep our software and infrastructure updated with the latest security patches. Regular backups are performed to ensure data integrity.
  
  

• Testing and Audits. We periodically review our information collection, storage, and processing practices, including physical security measures, to guard against unauthorized access. Security audits and penetration tests may be conducted by us or third-party specialists to identify and address potential vulnerabilities.
  
  

• Incident Response. In the event of a data breach or security incident, we have procedures in place to respond promptly. This includes notifying affected users and authorities as required by law, and taking steps to mitigate any damage.
  
  

While we strive to protect your data, please note that no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security. You also play a role in keeping your information safe. We encourage you to use a strong, unique password for your Torodoro account and to keep your login credentials confidential. If you suspect any unauthorized access to your account or any security vulnerabilities, please notify us immediately so we can assist.

International Data Transfers

Torodoro S.L. is based in Spain (within the European Economic Area), but the personal data we collect may be transferred to and stored on servers located in other countries, including the United States. Specifically, our primary website servers and some of our third-party service providers (such as cloud hosting, email services, or payment processors) may be located outside of the EEA. This means that your personal information could be processed in a jurisdiction that may not provide the same level of data protection as your home country. For example, if your data is stored on a server in the U.S., it will be subject to U.S. laws and may be accessible to U.S. government authorities under certain conditions.

However, whenever we transfer your personal data out of the EEA, we take steps to ensure it remains protected to EU standards. We will only transfer data to countries which are deemed to have an “adequate” level of protection by the European Commission, or we will use appropriate safeguards as permitted under GDPR. These safeguards include:

• Standard Contractual Clauses (SCCs). For transfers to our service providers in countries without an adequacy decision (such as the U.S.), we sign the European Commission’s approved Standard Contractual Clauses in our contracts with those providers. SCCs are legal clauses that bind the recipient to protect the data according to EU privacy standards. This contractual mechanism is recognized under GDPR as a valid safeguard for data export.
  
  

• Certification to EU-U.S. Data Framework. If applicable, we may rely on certain vendors who participate in frameworks like the EU-U.S. Data Privacy Framework (which, as of 2025, allows certified companies in the U.S. to receive EU personal data lawfully). For example, if a U.S.-based service provider is certified under the Data Privacy Framework or similar approved scheme, we may transfer data to them on that basis.
  
  

• Binding Corporate Rules. In the event Torodoro becomes part of a multinational group that has approved Binding Corporate Rules for internal data transfers, we would utilize those for intra-group transfers of personal data.
  
  

• Explicit Consent / Derogations. In rare cases, we may ask for your explicit consent to transfer data to a third country when no other lawful mechanism is suitable, but you will always be informed of any privacy risks and have the choice to say no. We may also transfer data if it is necessary for the performance of a contract with you (for instance, if you are located outside the EEA and using our service), or for the establishment, exercise, or defense of legal claims, etc., as allowed by GDPR.
  
  

You can request more information about our international data transfers and the safeguards in place by contacting us (see Contact Us below). If we use Standard Contractual Clauses, we can provide a copy of these clauses upon request. Our goal is to ensure that your rights and protections travel with your data, no matter where it is processed.

Children’s Privacy

Our Services are not directed to children, and we do not knowingly collect personal information from individuals under the age of 16 (or the minimum age required by local law, if higher or lower). Torodoro is a business-oriented platform intended for use by adults. By using our site, you affirm that you are at least 16 years old. If you are under 16, please do not access, use, or register on our website. We will not knowingly allow persons under 16 to create accounts or submit personal data.

In the event we learn that we have inadvertently collected personal information from a child under the age of 16, we will take immediate steps to delete such information from our records. If you are a parent or guardian and believe your child (under 16) has provided personal information to us, please contact us right away so that we can investigate and take appropriate action.

Note. In some jurisdictions, including Spain, data protection laws set the digital age of consent (for accepting terms and processing personal data) at slightly different ages (for example, 14 in Spain). Our policy is to err on the side of caution by not servicing anyone under 16. If local law requires parental consent for processing personal data of minors between 14–16, we will comply with those requirements as well. But generally, we aim to avoid any collection of data from minors.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes to the policy, we will notify you in a timely manner. For example, we may send a prominent notice to your email address on file or display an alert on our website informing you of the update. We will also update the “Effective Date” at the top of this Privacy Policy to indicate when the latest changes took effect.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. It’s important that you understand our current practices and your rights. If you continue to use our website or services after an updated Privacy Policy has been posted, it will signify your acceptance of the revised terms, to the extent permitted by law. Should we ever seek to use your personal data for a new purpose not originally disclosed to you, we will endeavor to notify you and, if required, obtain your consent.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us. We are here to help and committed to addressing any privacy-related issues. You can reach our privacy team at:

Torodoro S.L.
Address:
Email: info@torodoro.es

For exercising your data rights (access, deletion, etc.), please reach us via email so we can properly document and process your request. We will respond as promptly as possible and at latest within the timelines required by law.

Thank you for reading our Privacy Policy. Your trust is important to us, and we are dedicated to safeguarding your personal information. If you have any feedback or suggestions about our privacy practices, we welcome your input.