Privacy Policy

 1. Data Controller  

Harmonic Pathways (Sole Proprietorship: Cosmin Codreanu)  
Draschestraße 73, 1230 Vienna, Austria  
Email: support@harmonicpathways.com  
Phone: +43 664 3528010  

This website is hosted on the Wix.com platform. Wix.com Ltd. (Israel) acts as a data processor under Article 28 GDPR.  

​

 2. Data Collected & Legal Bases

 

• a) Technical Usage Data (Art. 6(1)(f) GDPR)  

- IP address  
- Browser type/version  
- Operating system  
- Access timestamps  
- Pages visited  
- Referrer URL  

*Source:* Automatically collected via Wix server logs and cookies.  

•  b) Contractual Data (Art. 6(1)(b) GDPR)  

- Full name  
- Email address  
- Payment details (processed via Wix Payments/Stripe)  
- Course progress data  

•  c) Communication Data (Art. 6(1)(a) GDPR)  

- Support inquiries  
- Newsletter subscriptions (only with explicit consent)  

​

 3. Cookies & Tracking  

We use the following cookie categories via Wix:  

​

| Category                 | Purpose                            | Retention            |  
|--------------------------|----------------------------------|-----------------        |  
| Essential                  | Session management     | Up to 12 months |  
| Functional               | Language preferences    | 30 days                |  
| Analytics (Matomo)| Usage statistics (opt-in)   | 14 months           |  

​

Consent: A GDPR-compliant cookie banner appears on first visit. Adjust settings anytime at [Cookie Settings Link].  

​

 4. Data Sharing  

​

    a) Third Parties  
| Recipient                   | Purpose                            | Legal Basis                               |  
|----------------------------|----------------------------------|---------------------------------------|  
| Wix.com Ltd.             | Web hosting                    | Data Processing Agreement |  
| Stripe Payments EU  | Payment processing       | Contract fulfillment                 |  
| Mailchimp                  | Newsletters (opt-in only)| Consent (Art. 6(1)(a))               |  

​

    b) International Transfers  
- Wix: Servers in EU/Israel (EU adequacy decision 2021)  
- Stripe: EU-U.S. Data Privacy Framework certified  
- Mailchimp: Standard Contractual Clauses  

​

 5. Data Retention  

​

| Data Type                 | Retention Period             |  
|---------------------------|----------------------------------|  
| User accounts          | 3 years after last login     |  
| Transaction records | 7 years (tax compliance) |  
| Support requests     | 2 years                              |  

​

 6. Your Rights Under GDPR  

​

You have the right to:  
- Access (Art. 15)  
- Rectification (Art. 16)  
- Erasure(Art. 17)  
- Data Portability (Art. 20)  
- Object to marketing (Art. 21)  

  To exercise rights:
Email support@harmonicpathways.com with a redacted ID copy. Response within 30 days.  

​

 7. Security Measures  

- Technical: TLS 1.3 encryption, two-factor admin authentication  
- Organizational: Staff training, access controls  
- Wix-specific: ISO 27001-certified infrastructure, daily backups  

​

 8. Supervisory Authority  

Austrian Data Protection Authority  
Barichgasse 40-42, 1030 Vienna  
Email: dsb@dsb.gv.at  

​

 9. Policy Updates  

We will email users 14 days before substantial changes take effect. The current version is always available at [Privacy Policy Link].  

​

​