Last Updated and Effective Date: DECEMBER 22, 2025
This Privacy Policy explains how TOR IT LLC ("TOR IT", "we", "us" or "our") collects, uses, protects, and discloses personal data when you visit our website or contact us through our inquiry form (https://tor-it.com/ and all related web features) (the "Service"). It forms part of the Terms of Use you accepted (the "Contract").
This Privacy Policy is based on the provisions of the data protection laws applicable in your country of residence.
1. Controller
The "Controller" of your personal data under this Privacy Policy is Limited Liability Company "TOR IT".
If you have any questions about how we process your personal data under this Policy, you can contact us at:
E-mail: bkv@tor-it.com
2. Personal Data We Collect
We collect the personal data that you provide to us directly and some data automatically when you use our website. Specifically, we collect:
All the above categories of data are collected only when you voluntarily provide them (e.g., by filling out our contact/purchase request form) or by using our site. We do not collect sensitive data (such as health or racial data) or payment card details (no payments are processed on our website).
We do not obtain personal data from third-party sources.
3. How We Use Your Personal Data
We use your personal data for specific, legitimate purposes, as described below. We only use data in ways that are compatible with the purpose for which it was collected. Our main purposes are:
Responding to inquiries and providing services:
We process your contact details and inquiry content to respond to your questions and help you with purchasing our system. This processing is necessary to perform our contractual or pre-contractual obligations with you (e.g., discussing product purchase) or our legitimate interests in communicating with you and providing customer service.
Improving our website and security:
We use analytics data (browser, device, IP, cookies) to understand how visitors use our site and to maintain its security. This is done based on our legitimate interests (to optimize our site and prevent fraud) and does not override your privacy rights.
Marketing and newsletters:
If you consent, we may send you marketing emails about our products and services. This is done with your explicit consent (which you can withdraw at any time). We do not send unsolicited marketing; you must opt in.
Legal compliance:
We may use your data to comply with applicable laws or respond to lawful requests (for example, keeping records for tax or accounting purposes). In such cases, processing is necessary to fulfill our legal obligations.
We will never use your personal data for purposes that are not described above or incompatible with the context in which it was collected.
4. Legal Basis for Processing
Under the EU General Data Protection Regulation (GDPR), we rely on the following legal bases for processing your personal data:
4.1. Performance of the Contract
Processing necessary to take steps at your request prior to entering a contract (e.g., discussing or fulfilling a purchase of our system).
4.2. Legitimate Interest
We may process your personal data when we (or a third party) have a legitimate interest in using it in a certain way, provided that such processing is both necessary and balanced against any potential impact on your rights and freedoms. Where the data protection laws of your country of residence recognize "legitimate interests" as a lawful basis for processing, we rely on this legal basis to:
4.3. Consent
Where required by law (e.g., for sending marketing emails), we process data based on your consent. You may withdraw your consent at any time without affecting the lawfulness of any processing carried out before your withdrawal (see below).
4.4. Legal Obligation
If we must process your data to comply with a legal requirement (for example, accounting or tax laws), we do so on the basis of that obligation.
By using our website or submitting your data, you acknowledge these purposes and legal grounds. GDPR requires that we inform you of both the purpose and the legal basis for each processing activity.
5. Cookies
As outlined in our Cookie Notice, we use cookies and similar technologies such as pixels, ad tags and local storage to improve your experience, provide convenience and maintain security. For simplicity, we call all these tools "cookies." In practice, cookies support functions like authentication, security, feature enablement and analytics.
We collect marketing and analytics cookies based on your consent obtained via the cookie banner. If you've granted consent for cookies, you may modify or withdraw that consent at any time via the "Manage Cookies" option on our website.
6. Disclosure and Third-Party Services
We do not sell your personal data. We share your personal data only with third parties that perform services on our behalf or as required by law. These include:
Service Providers: Trusted vendors that provide IT, hosting, analytics, and marketing services. For example, we use Hetzner (Germany) for hosting and data storage, and Google for analytics. These providers act as data processors and are contractually bound to protect your data.
Affiliated Entities: If applicable, other companies within the TOR IT group may access your data solely to provide services.
Legal and Financial Advisors: Third parties such as accountants or lawyers, but only to the extent needed for legal compliance or business operations.
Public Authorities: We may disclose personal data to comply with a legal obligation (e.g., a valid court order, tax authority request, or investigation by a government agency).
Business Transitions: In the event of a merger, acquisition, or sale of assets involving TOR IT, your personal data may be transferred to the new owner or successor. Any such transfer would be subject to confidentiality and security commitments.
All third parties listed above are required to use your personal data only for the purposes we specify and in compliance with GDPR.
7. International Data Transfers
Currently, we store and process your personal data in the European Union (Germany). Under GDPR, transfers of personal data outside the EU/EEA must be done with appropriate safeguards. If in the future we transfer data to another country (for example, if we expand operations to the US or elsewhere), we will ensure compliance by using one of the following safeguards as required:
If any international transfers occur, we will disclose them here and ensure that your data remains protected according to GDPR standards.
8. Data Retention and Security
We retain your personal data only as long as necessary for the purposes described above (for example, to respond to your inquiry or to comply with a contract). In general, we will delete or anonymize your data when it is no longer needed. For instance, inquiry records might be kept for a period (e.g., up to 5 years) to meet legal or business requirements, after which they are securely deleted. Specific retention periods are determined based on legal and business requirements.
We implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, or alteration. These measures include secure servers with access controls, encryption in transit (HTTPS) and at rest where possible, firewalls, regular security updates, and strict access policies. We restrict data access to authorized personnel on a need-to-know basis. Despite these safeguards, no method of data transmission or storage can be guaranteed 100% secure; however, we strive to protect your data in accordance with industry best practices.
9. Your Privacy Rights
According to the GDPR, you have certain rights as a data subject, including the right to access, right to data portability, right to rectification, right to withdraw consent, right to object, right to erasure, right to restriction of processing, right to lodge a complaint, and right to contact a Data Protection Authority (DPA). Please be aware that there may be limitations or exceptions to these rights, depending on the specific circumstances and legal requirements. If anything is unclear, please don’t hesitate to contact us and ask any questions. Below, you can find more information about these rights and how you can exercise them.
— You contest its accuracy;
— The processing is unlawful, and you oppose erasure;
— We no longer need it, but you require it to establish, exercise, or defend legal claims; or
— You have objected to processing pending verification of our legitimate grounds.
To exercise any of these rights, please contact us at bkv@tor-it.com. Once you submit a request, we will review and respond promptly — typically within 30 days. In certain cases, we may need additional time to investigate and fulfil your request. Once completed, we will confirm via the email address you provided.
By submitting a request, you confirm that you are the individual to whom the data relates and that you have the legal capacity and authority to act on your own behalf. We may verify your identity using the information you supply if there is any doubt. Additionally, where required by law, we may need to share your request and our response with third parties, including regulatory authorities.
10. Children’s Privacy
No Collection from Minors: We do not knowingly collect personal data from anyone under eighteen (18) years of age.
Under‑18 Users: If you are under 18, please do not register for our Service or submit any personal information.
Parental Rights: If you are a parent or legal guardian and believe that your child under 18 has provided us with personal data in violation of this Policy, please contact us using the details in Section 1 of this Privacy Policy.
11. Changes to This Privacy Policy
We may update this Privacy Policy at any time, at our sole discretion. If we make significant changes, we will notify you by appropriate means (for example, via email or a notice on our website). If you do not receive a direct notification, you can always review the latest version here.
Each time we amend this Policy, the "Last updated" date at the top will reflect the change. We recommend that you check this page periodically to stay informed of any updates. All changes take effect immediately upon posting.
12. Difficulties in accessing this Privacy Policy
If you have difficulty accessing this Privacy Policy online, please contact us using the details in Section 1. We will provide you, at no cost, with a copy of this Policy in an alternative, easy‑to‑read format, upon request.
Please note that we will not collect or process any additional sensitive personal data, such as health information in connection with your request for an alternative format.
13. Contact Information
If you have any questions, concerns, or comments about this Privacy Policy, or if you wish to submit a request or complaint regarding how we process your personal data, please contact us using the details below:
Limited Liability Company "TOR IT" (LLC TOR IT),
8 Yervand Kochar Street
Center District
0070, Yerevan
Armenia
E-mail: bkv@tor-it.com
Phone: +1 413 314 5784
This Privacy Policy is based on the provisions of the data protection laws applicable in your country of residence.
1. Controller
The "Controller" of your personal data under this Privacy Policy is Limited Liability Company "TOR IT".
If you have any questions about how we process your personal data under this Policy, you can contact us at:
E-mail: bkv@tor-it.com
- If you reside in another jurisdiction, please consult the specific channels at the end of this Privacy Policy or contact the Data Protection Officer responsible for your jurisdiction.
2. Personal Data We Collect
We collect the personal data that you provide to us directly and some data automatically when you use our website. Specifically, we collect:
- Contact and identification details:
- Inquiry contents:
- Technical data:
- Cookies and usage data:
All the above categories of data are collected only when you voluntarily provide them (e.g., by filling out our contact/purchase request form) or by using our site. We do not collect sensitive data (such as health or racial data) or payment card details (no payments are processed on our website).
We do not obtain personal data from third-party sources.
3. How We Use Your Personal Data
We use your personal data for specific, legitimate purposes, as described below. We only use data in ways that are compatible with the purpose for which it was collected. Our main purposes are:
Responding to inquiries and providing services:
We process your contact details and inquiry content to respond to your questions and help you with purchasing our system. This processing is necessary to perform our contractual or pre-contractual obligations with you (e.g., discussing product purchase) or our legitimate interests in communicating with you and providing customer service.
Improving our website and security:
We use analytics data (browser, device, IP, cookies) to understand how visitors use our site and to maintain its security. This is done based on our legitimate interests (to optimize our site and prevent fraud) and does not override your privacy rights.
Marketing and newsletters:
If you consent, we may send you marketing emails about our products and services. This is done with your explicit consent (which you can withdraw at any time). We do not send unsolicited marketing; you must opt in.
Legal compliance:
We may use your data to comply with applicable laws or respond to lawful requests (for example, keeping records for tax or accounting purposes). In such cases, processing is necessary to fulfill our legal obligations.
We will never use your personal data for purposes that are not described above or incompatible with the context in which it was collected.
4. Legal Basis for Processing
Under the EU General Data Protection Regulation (GDPR), we rely on the following legal bases for processing your personal data:
4.1. Performance of the Contract
Processing necessary to take steps at your request prior to entering a contract (e.g., discussing or fulfilling a purchase of our system).
4.2. Legitimate Interest
We may process your personal data when we (or a third party) have a legitimate interest in using it in a certain way, provided that such processing is both necessary and balanced against any potential impact on your rights and freedoms. Where the data protection laws of your country of residence recognize "legitimate interests" as a lawful basis for processing, we rely on this legal basis to:
- Enhance and personalize our Service;
- Prevent and detect fraud;
- Protect our legal rights and property;
- Improve security and user experience.
4.3. Consent
Where required by law (e.g., for sending marketing emails), we process data based on your consent. You may withdraw your consent at any time without affecting the lawfulness of any processing carried out before your withdrawal (see below).
4.4. Legal Obligation
If we must process your data to comply with a legal requirement (for example, accounting or tax laws), we do so on the basis of that obligation.
By using our website or submitting your data, you acknowledge these purposes and legal grounds. GDPR requires that we inform you of both the purpose and the legal basis for each processing activity.
5. Cookies
As outlined in our Cookie Notice, we use cookies and similar technologies such as pixels, ad tags and local storage to improve your experience, provide convenience and maintain security. For simplicity, we call all these tools "cookies." In practice, cookies support functions like authentication, security, feature enablement and analytics.
We collect marketing and analytics cookies based on your consent obtained via the cookie banner. If you've granted consent for cookies, you may modify or withdraw that consent at any time via the "Manage Cookies" option on our website.
6. Disclosure and Third-Party Services
We do not sell your personal data. We share your personal data only with third parties that perform services on our behalf or as required by law. These include:
Service Providers: Trusted vendors that provide IT, hosting, analytics, and marketing services. For example, we use Hetzner (Germany) for hosting and data storage, and Google for analytics. These providers act as data processors and are contractually bound to protect your data.
Affiliated Entities: If applicable, other companies within the TOR IT group may access your data solely to provide services.
Legal and Financial Advisors: Third parties such as accountants or lawyers, but only to the extent needed for legal compliance or business operations.
Public Authorities: We may disclose personal data to comply with a legal obligation (e.g., a valid court order, tax authority request, or investigation by a government agency).
Business Transitions: In the event of a merger, acquisition, or sale of assets involving TOR IT, your personal data may be transferred to the new owner or successor. Any such transfer would be subject to confidentiality and security commitments.
All third parties listed above are required to use your personal data only for the purposes we specify and in compliance with GDPR.
7. International Data Transfers
Currently, we store and process your personal data in the European Union (Germany). Under GDPR, transfers of personal data outside the EU/EEA must be done with appropriate safeguards. If in the future we transfer data to another country (for example, if we expand operations to the US or elsewhere), we will ensure compliance by using one of the following safeguards as required:
- Adequacy Decisions:
- Standard Contractual Clauses (SCCs):
- Consent:
If any international transfers occur, we will disclose them here and ensure that your data remains protected according to GDPR standards.
8. Data Retention and Security
We retain your personal data only as long as necessary for the purposes described above (for example, to respond to your inquiry or to comply with a contract). In general, we will delete or anonymize your data when it is no longer needed. For instance, inquiry records might be kept for a period (e.g., up to 5 years) to meet legal or business requirements, after which they are securely deleted. Specific retention periods are determined based on legal and business requirements.
We implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, or alteration. These measures include secure servers with access controls, encryption in transit (HTTPS) and at rest where possible, firewalls, regular security updates, and strict access policies. We restrict data access to authorized personnel on a need-to-know basis. Despite these safeguards, no method of data transmission or storage can be guaranteed 100% secure; however, we strive to protect your data in accordance with industry best practices.
9. Your Privacy Rights
According to the GDPR, you have certain rights as a data subject, including the right to access, right to data portability, right to rectification, right to withdraw consent, right to object, right to erasure, right to restriction of processing, right to lodge a complaint, and right to contact a Data Protection Authority (DPA). Please be aware that there may be limitations or exceptions to these rights, depending on the specific circumstances and legal requirements. If anything is unclear, please don’t hesitate to contact us and ask any questions. Below, you can find more information about these rights and how you can exercise them.
- Right of Access
- Right to Rectification
- Right to Erasure ("Right to be Forgotten")
- Right to Restrict Processing
— You contest its accuracy;
— The processing is unlawful, and you oppose erasure;
— We no longer need it, but you require it to establish, exercise, or defend legal claims; or
— You have objected to processing pending verification of our legitimate grounds.
- Right to Object
- Right to Data Portability
- Right to Withdraw Consent
- Right to Lodge a Complaint
To exercise any of these rights, please contact us at bkv@tor-it.com. Once you submit a request, we will review and respond promptly — typically within 30 days. In certain cases, we may need additional time to investigate and fulfil your request. Once completed, we will confirm via the email address you provided.
By submitting a request, you confirm that you are the individual to whom the data relates and that you have the legal capacity and authority to act on your own behalf. We may verify your identity using the information you supply if there is any doubt. Additionally, where required by law, we may need to share your request and our response with third parties, including regulatory authorities.
10. Children’s Privacy
No Collection from Minors: We do not knowingly collect personal data from anyone under eighteen (18) years of age.
Under‑18 Users: If you are under 18, please do not register for our Service or submit any personal information.
Parental Rights: If you are a parent or legal guardian and believe that your child under 18 has provided us with personal data in violation of this Policy, please contact us using the details in Section 1 of this Privacy Policy.
11. Changes to This Privacy Policy
We may update this Privacy Policy at any time, at our sole discretion. If we make significant changes, we will notify you by appropriate means (for example, via email or a notice on our website). If you do not receive a direct notification, you can always review the latest version here.
Each time we amend this Policy, the "Last updated" date at the top will reflect the change. We recommend that you check this page periodically to stay informed of any updates. All changes take effect immediately upon posting.
12. Difficulties in accessing this Privacy Policy
If you have difficulty accessing this Privacy Policy online, please contact us using the details in Section 1. We will provide you, at no cost, with a copy of this Policy in an alternative, easy‑to‑read format, upon request.
Please note that we will not collect or process any additional sensitive personal data, such as health information in connection with your request for an alternative format.
13. Contact Information
If you have any questions, concerns, or comments about this Privacy Policy, or if you wish to submit a request or complaint regarding how we process your personal data, please contact us using the details below:
Limited Liability Company "TOR IT" (LLC TOR IT),
8 Yervand Kochar Street
Center District
0070, Yerevan
Armenia
E-mail: bkv@tor-it.com
Phone: +1 413 314 5784