Privacy Policy

2. Personal Data We Collect

The categories of personal data we may collect depend on how you interact with the Site. We collect only what is reasonably necessary to provide the Site, respond to inquiries, and run our education business in a secure and measurable way.

• Identity and contact data: name, email address, and (if you choose to provide it) phone number.
• Form content: the message you send, your interests (e.g., a specific course topic), time zone, availability, background context, and any other details you include.
• Technical data: IP address, browser type and version, device type, operating system, language settings, and approximate location inferred from IP (city/region level).
• Usage data: pages you visit, time spent, referral source, and interaction events (such as clicks on key navigation or form actions).
• Cookies and identifiers: first-party cookies for session continuity and consent storage, and (where you opt in) analytics and marketing cookies.
• Conversion events: events that indicate a successful interaction (for example, sending a contact request) and the attribution context needed to measure performance.

We do not intentionally collect special-category data (such as health data, religious beliefs, or political opinions), financial account details, or government identification numbers through our standard contact forms. Please do not include such information in your message.

3. Why We Process Personal Data & Legal Bases

Where GDPR and related laws apply, we process personal data under the legal bases described below. In practice, most processing falls into a small set of predictable activities: responding to inquiries, running and securing the Site, and measuring what content is useful.

Automated decision-making: we do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you within the meaning of GDPR Art. 22.

4. Cookies & Tracking Technologies

We use cookies and similar technologies (such as pixel tags and server-side event forwarding) to keep the Site functioning, remember your cookie choices, and (if you opt in) understand traffic and measure marketing performance.

We group cookies into three categories. These categories match our Cookie Policy and the cookie controls available through the “Manage cookie preferences” link in the footer.

Essential cookies (always active)

Essential cookies are required for basic functionality such as session continuity and storing your consent choice. These cookies do not require opt-in consent in many jurisdictions because the Site cannot operate correctly without them.

• _site_session: used for session continuity and basic request integrity. Retention: session to short-term (implementation-dependent).
• cookie_consent: stores your cookie consent choice. Retention: 12 months.

Analytics cookies (opt-in)

Analytics cookies help us understand traffic and improve content. When enabled, we may use Google Analytics 4 (GA4) configured to reduce data granularity where possible (for example, IP anonymization or similar privacy controls depending on the tool’s configuration). Retention for analytics data is typically set to 14 months.

• _ga (example): GA4 user identifier. Typical retention: 2 years.
• _ga_XXXXXXXXXX (example): GA4 session state. Typical retention: 2 years.

Marketing cookies (opt-in)

Marketing cookies are used for conversion measurement and to show relevant advertising. When enabled, marketing tools may create or read identifiers that support attribution, remarketing audiences, and frequency management.

• _gcl_au (example): Google Ads conversion linker. Typical retention: 90 days.
• _fbp and _fbc (examples): Meta Pixel identifiers. Typical retention: 90 days.

Beyond cookies, some vendors support server-side event transmission (for example, hashed identifiers based on email where permitted and configured). Where used, this is governed by the same consent category as the corresponding marketing or analytics tool.

5. Consent (EEA/UK) and How to Withdraw

Users in the EEA and the UK receive a cookie notice designed to support consent requirements under GDPR / UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent (Art. 6(1)(a)).

Your choice is stored in the cookie_consent cookie (typically for 12 months). You may withdraw consent at any time by selecting “Manage cookie preferences” in the footer, or by clearing cookies in your browser. Withdrawal does not affect the lawfulness of processing carried out before you withdrew consent.

6. Sharing With Advertising & Service Partners

We may share limited personal data with service providers that help us operate the Site, protect it from abuse, and measure performance. The exact tools depend on how the Site is configured at any given time and on your consent preferences.

• Google LLC: analytics and advertising measurement (for example, Google Analytics 4 and Google Ads). Data shared may include cookie identifiers, usage events, and conversion events depending on consent.
• Meta Platforms, Inc.: advertising measurement and remarketing (for example, Meta Pixel and related tools) depending on consent. Data may include page view and conversion events plus identifiers such as _fbp/_fbc where present.
• Cloudflare: content delivery, performance, and security services. Cloudflare may process IP addresses and security signals to protect against abuse.

We do not sell personal data. Where ad partners are used, data is processed to provide measurement and delivery services to us. We do not permit providers to use Site data for their own independent commercial purposes.

7. International Transfers

Some service providers may process data outside the EEA/UK, including in the United States. Where international transfers occur, we rely on appropriate safeguards. Depending on the provider and the specific configuration, safeguards may include the EU–US Data Privacy Framework (and the UK Extension), the Swiss–US Data Privacy Framework, and/or Standard Contractual Clauses (EU 2021/914) as a fallback, plus UK IDTA where applicable.

We take reasonable steps to ensure that transfers are protected by contractual and technical measures appropriate to the risk and the nature of the data.

8. Data Retention

We keep personal data only as long as needed for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Retention is guided by practical needs: responding to requests, keeping a consistent correspondence record, and maintaining security.

• Contact submissions: up to 2 years from the last interaction, unless a longer period is required for legitimate business reasons or legal claims.
• Email correspondence: for the duration of the relationship plus 1 year, unless deletion is requested and no overriding legal basis applies.
• Analytics data: typically 14 months (tool configuration dependent) and only if analytics consent is granted.
• Marketing cookies: per cookie lifetime (often 90 days for common ad identifiers) and only if marketing consent is granted.
• Server/security logs: typically up to 90 days, unless we need longer retention to investigate abuse or incidents.
• Consent records: we may retain a minimal record of consent choices for up to 3 years for audit purposes.
• Legal/tax: where applicable, data may be retained for statutory periods (often 6–10 years for certain business records).

9. Your Rights (GDPR & UK GDPR)

If GDPR or UK GDPR applies to you, you may have the right to request access to your personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and to object to processing (Art. 21). Where processing is based on consent, you may withdraw consent at any time (Art. 7(3)).

To exercise your rights, email [email protected]. We aim to respond within 30 days. For complex requests, we may extend the response period by up to 60 additional days, as permitted by law.

You also have the right to lodge a complaint with a supervisory authority. For guidance, consult:

• EU Data Protection Authorities: edpb.europa.eu
• UK Information Commissioner’s Office (ICO): ico.org.uk
• Germany (BfDI): bfdi.bund.de
• France (CNIL): cnil.fr
• Poland (UODO): uodo.gov.pl
• Spain (AEPD): aepd.es

10. Children

This Site is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we learn that a child under 16 has submitted personal data without verifiable parental consent, we will delete it promptly.

11. Do Not Track Signals

Some browsers offer “Do Not Track” (DNT) signals. This Site does not respond to DNT signals in a uniform way because there is no single industry standard. Third-party providers may have their own approaches to DNT.

12. Data Deletion Requests

You may request deletion of your personal data by emailing [email protected] with the subject line “Data Deletion Request”. We may need to verify your identity before completing the request. Where we must keep certain records to comply with legal obligations, we will retain only the minimum required and restrict access.

13. Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal data may be transferred as part of that transaction. If such a transfer materially changes how personal data is used, we will provide notice on the Site.

14. California (CCPA / CPRA)

If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA. In the past 12 months, we may have collected the following categories of personal information: identifiers (such as name, email, IP address, cookie identifiers), internet or network activity information (such as pages viewed and interactions), and inferences (such as general content interest derived from usage patterns).

We do not sell personal information as defined by CCPA. We may share certain information for cross-context behavioral advertising when marketing cookies are enabled. California residents may opt out of such sharing through our cookie preferences panel (available via the footer link).

You may request: (1) the categories and specific pieces of personal information we have collected; (2) deletion; (3) correction; and (4) to opt out of sale/sharing. We will not discriminate against you for exercising your rights.

To submit a request, email [email protected] with the subject line “California Privacy Request”. We may need to verify your identity. Authorized agents may submit requests with written proof of authorization.

15. Virginia (VCDPA)

If you are a Virginia resident, you may have rights under the Virginia Consumer Data Protection Act (VCDPA), including the rights to access, correct, delete, and obtain a copy of your personal data, and to opt out of targeted advertising.

We do not sell personal data or engage in profiling that produces legal or similarly significant effects. To submit a request, email [email protected] with the subject line “Virginia Privacy Request”.

If we decline your request, you may appeal by emailing with the subject “Appeal of Refusal — Privacy Request”. We aim to respond to appeals within 60 days. If your appeal is not resolved, you may contact the Virginia Attorney General.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing us with the subject line “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be announced via a notice on the Site at least 14 days before they take effect, when feasible. The “Last Updated” date at the top of this page reflects the current version.

18. Contact

If you have questions about this Privacy Policy or how we handle personal data, contact: