Privacy Notice

How Vorlino handles the information you share — effective January 2025

We operate under a principle of operational necessity. Information reaches us when you interact with our platform, contact our team, or engage with financial discipline resources. What we obtain serves specific functional requirements — nothing more. This notice explains how data enters our systems, what happens during its tenure, who can access segments of it, and under what circumstances it moves beyond our direct control.

Questions about this framework or requests regarding your details can be directed to [email protected] or through postal correspondence at 91 Queen St, Brakpan, 1541, South Africa. Phone inquiries are welcome at +27100063620 during business hours.

Information Emergence and Intake

Details arrive through deliberate actions on your part. When you complete an inquiry form, those fields — name, email, sometimes a phone number — become part of our records. If you register for educational content or programme information, additional elements may emerge: your current financial situation context, learning objectives, perhaps professional background if you choose to share it.

Technical data accumulates passively. Your browser announces itself through standard protocols: device type, operating system, IP address, pages visited on our domain. This happens automatically during any website interaction and helps us understand traffic patterns, identify technical issues, and maintain system security.

Payment details never rest on our infrastructure. When financial transactions occur, card numbers and banking particulars flow directly to payment processors operating under their own security frameworks. We receive confirmation codes and transaction records, but the sensitive payment mechanisms themselves bypass our systems entirely.

Communication Records

Email exchanges, support ticket conversations, phone call summaries — these accumulate as part of service delivery. If you write to us asking about programme structure or financial discipline methodologies, that correspondence becomes part of your client record. The content helps us provide coherent, continuous support rather than treating each interaction as isolated.

Learning Platform Interactions

Should you enroll in structured programmes, additional data emerges. Progress through modules, time spent on resources, assessment responses — this operational information helps us understand engagement patterns and identify where additional support might prove valuable. It serves pedagogical purposes rather than surveillance objectives.

Functional Application and Processing Logic

The primary purpose behind data handling relates directly to service delivery. Contact details allow us to respond to inquiries, send programme information, and maintain ongoing educational relationships. Without your email address, we cannot notify you about programme schedules or send learning resources you've requested.

Technical data serves operational stability. When patterns suggest unusual access attempts or system vulnerabilities, IP logs and browser information help us distinguish legitimate users from potential security threats. Geographic data from IP addresses informs us about where demand concentrates, which influences when we schedule live sessions to accommodate time zones.

Service Improvement

Aggregated usage patterns reveal which educational resources generate the most engagement, where users encounter difficulties, and what content gaps exist in our offerings. This shapes future programme development.

Communication Management

Email preferences and interaction history prevent us from sending redundant information. If you've already received details about a particular programme, our systems flag that to avoid repetitive outreach.

Legal Compliance

Financial education services operate under regulatory frameworks. Record retention of enrollment details, payment confirmations, and educational completion serves both legal requirements and potential dispute resolution.

Marketing communications represent a distinct category. If you've opted into promotional emails about new programmes or financial discipline insights, your details enter a separate communication stream. This remains optional — initial service delivery doesn't require promotional consent, and withdrawal from marketing doesn't affect core educational access.

External Information Movement

Third-party services receive specific data segments when their participation becomes necessary for operational functions. Email delivery platforms receive addresses and message content to distribute programme information. Payment processors receive transaction details to complete enrollment purchases. Video hosting services receive access logs when you view embedded educational content.

These external entities operate under contractual obligations that limit their use of your information to the specific services they provide. They cannot repurpose your details for their own marketing or sell them to other organizations. However, they maintain their own privacy frameworks governing how they handle data within the scope of services rendered.

Legal obligations may compel disclosure. If a court order demands specific records, or regulatory authorities require information under financial services oversight, we comply with lawful requests. Such instances remain rare and occur only when legal process leaves no alternative.

Should our organizational structure change — through acquisition, merger, or business transfer — your records would likely transfer to the successor entity. They would inherit the same obligations outlined here, though their broader privacy practices might differ. Advance notification would occur if feasible under the circumstances.

User Control and Information Rights

Access to your records occurs through direct request. Email [email protected] specifying what information you wish to review, and we'll compile a comprehensive report of details we hold. This typically takes five to seven business days depending on the complexity of your interaction history.

Corrections follow a similar path. If inaccuracies appear in your profile — an outdated email, incorrect name spelling, or erroneous enrollment records — notify us and we'll amend the records. Some changes require verification to prevent unauthorized account modifications, particularly for core identifying details.

Deletion Requests

Requesting removal of your information initiates a graduated process. Active educational relationships complicate immediate deletion since ongoing programme delivery depends on maintaining your records. Once programmes conclude and legal retention periods expire, we can purge details comprehensively.

Financial transaction records face mandatory retention requirements under South African regulatory frameworks. These persist for prescribed periods regardless of deletion requests, though we segregate them from active marketing and operational systems once the core relationship ends.

Communication Preferences

Unsubscribing from promotional emails occurs through links embedded in every marketing message, or by updating preferences in your account dashboard. This removes you from discretionary communications while preserving essential transactional messages — enrollment confirmations, programme schedule changes, or critical system notifications.

For tracking technologies like cookies and similar mechanisms, consult our separate cookie policy document available on the website. That specialized notice addresses browser storage, analytics tools, and session management in detail.

Data Lifespan and Retention Framework

Different categories of information persist for varying durations based on functional necessity and legal mandates. Marketing inquiry details for individuals who never enroll typically remain for two years — long enough to accommodate extended decision-making periods, but not indefinitely. After that window, if no further engagement occurs, the records enter deletion queues.

Enrolled participant records follow more extended retention schedules. Course completion certificates, payment histories, and educational progress records persist for seven years following programme conclusion. This aligns with standard financial services documentation requirements and accommodates situations where participants need historical proof of completed education for professional credentials or tax purposes.

System logs and security-related data refresh on shorter cycles. Access logs typically retain for 90 days unless security incidents flag specific entries for extended investigation. Once the operational security window closes, these technical details cycle out of active storage.

Backup systems complicate immediate deletion. Even after removal from primary databases, your information may persist in backup archives for up to six months before those snapshots refresh. During this interval, the data remains inaccessible for operational purposes but technically exists in our recovery infrastructure.

Privacy Inquiries and Rights Requests

For questions about this notice, requests to access or modify your information, or concerns about how your details are handled, reach our privacy team through the channels below. We respond to privacy-specific inquiries within 72 hours during business weeks.