2. User's Personal Data
2.1. Key terms
Upon registration, the User provides the Administration with personal data including name, surname, phone number and e-mail address. When registering and /or using the Service the Platform may automatically or with the participation of a User collect additional personal information, including IP-address, browser version, country, language, UTM parameters, partner's tags, address of a page's referrer, and other technical data, which can be used for identification of the User without taking additional measures.
2.2. Payment Policy
The Administration does not store full card details. It does not act as a Payment Controller, and only receives notifications about successful payments.
It is understood, however, that when receiving payment for the Tariff, the Administration may collect additional information including, inter alia, transaction number, transaction time, type and expiration date of the card used for payments as well as the last four digits of the card number, the cardholder's name, country, and city where the card has been charged.
2.3. Personal Data requested by third party services
2.4. Activity Data Tracking
For the purposes of security and fraud prevention, when the User is logged into their Account the following activities are logged: date and time of signing in, date and time when the payment was made, date and time when the User was actively participating in the educational process, including participation in video-conference calls, home assignment submission, chatting with other Users or the Administration representatives; date and time the password and e-mail were changed. All the content submitted by the User to the Platform is a subject for the Administration moderation.
3. The Personal Data Collection Procedure
The main ways of receiving personal information from Users are as follows:
a) the User provides personal information directly (e.g., when registering on the Platform or using a payment system).
c) the User can provide Personal Data on their own accord when they log in and use third-party services that have been knowingly integrated into the Platform.
4. Personal Data Use
The Administration may use Personal Data provided to it by the User to:
a) Create an Account and Personal account in order to use the Platform.
b) Provide client service and technical support.
c) Send notices by e-mail, such as confirmation of registration, a reminder or a notice about a forthcoming or completed payment, information about upcoming courses, a reminder about the start of the User's course, a reminder about the chat activity or home assignment comments submission, notices about significant changes in client service. These messages are mandatory from a technical point of view and cannot be cancelled for an active account.
d) Email-related educational materials regarding use of the Platform and monthly newsletters containing news connected with the Platform's functions. To opt out from receiving these messages, the User must follow the unsubscribe instruction which is contained in every message they receive.
e) Provide tailored service. For example, location and language detected by the browser are used to set the language of the Platform's interface.
f) Send promotional materials and advertising. Depending on how the User engages with the Platform, they may be sent individual marketing messages about products and services. Also, the information about User interaction with the Platform allows it to recalibrate advertising campaigns, for example, avoid showing social ads to the Platform's users.
5. Transfer of Personal Data to Third Parties
The Administration can share personal data with service providers that perform services on the Administration's behalf. For example, the Administration can engage third parties to help it provide customer support, manage to advertise, send notifications, and newsletters on the Administration's behalf. These third parties are prohibited from using the Users' personal data for promotional purposes.
The Administration can disclose personal data to the extent required by laws or to protect rights and interests if such disclosure is reasonably required in order to comply with laws or to prevent fraud. In particular, the Administration can disclose the User's data if it is lawfully requested by the state authorities or if it receives a justified claim addressed to the User regarding violation of the third parties' rights and/or the Terms of Service Agreement.
The Administration can share the User's personal data with third parties to provide the User with targeted advertising, and also to measure and control its effectiveness. For example, the Administration can use encrypted e-mails to adjust advertising in social networks to avoid showing these ads to current Platform users.
6. Storage of Data
The processing and storage of User's personal data will be carried out on the legal grounds during the time that the account exists. In the event that the account is deleted, some data may be stored insofar as it is necessary for fulfilling legal obligations, settling disputes, preventing fraud, and protecting the interests of the Administration.
The Administration takes all necessary technical and organizational precautions to protect User's personal data against unauthorized or accidental access, deletion or alteration, blocking, copying, disclosure, or other unauthorized actions of third parties.
In case of loss or disclosure of User's personal data, the Administration notifies the User about the fact of their personal data loss or disclosure.
Cookies are small text files sent by the server to the User's device. Cookies perform many functions, for example, they allow to save the settings made by the user, allow the user to move between pages after signing in, and, on the whole, make working on a website easier.
Here is how we use cookie files:
а) Identification — cookie files allow website providers to recognize your advice and your Account so they do not have to request your login details and password every time you go to another page.
b) Analytics — cookie files allow us to obtain information about the viewing how many times this or that page was viewed.
9. Managing Personal Data
The User can review, change or delete Personal data that was provided by the User or that was collected from the User's website, in their personal account or by sending a relevant query to firstname.lastname@example.org. The User may use the same e-mail address should the User request their online Account to be deleted.
For technical reasons, the information may not be deleted straight away, but with a delay. Please note that we may retain some of the information to the extent that is necessary for fulfilling legal obligations, resolving disputes, preventing fraud, and protecting the legitimate interests of the Administration.
10. User's Obligations
In relation to the User to the Administration, the User provides their personal data and keeps it up to date.
11. Administration Obligations
The Administration undertakes to:
c) Take measures to protect the confidentiality of User's personal information according to standard procedures.
d) Block the User's personal information immediately after receiving a request from the User or their legal representative or a relevant authority for the protection of the User's personal data while it is being checked in case invalid data or unauthorized activities are detected.
The Administration may share the User's personal data with the authorities in the relevant jurisdiction solely on the grounds and in accordance with the legislation of the EU and Estonia.
12. Liabilities of the Parties
In case of failure to perform its obligations, the Administration accepts liability for any losses, which amount is limited to the cost of the Tariff, incurred by the User as a result of the unauthorized use of their personal data, in accordance with the legislation of the EU and Estonia, except for the cases when personal data:
a) was disclosed to the competent authorities in the relevant jurisdiction;
b) was disclosed by the third party after it was shared by the Administration with the User's consent;
c) became public before it was lost or disclosed;
d) was received from a third party before it was provided to the Administration;
e) was disclosed with the User's consent;
f) was disclosed as a result of a force majeure event;