Privacy Policy

Last updated: [INSERT LAST UPDATED DATE]

This Privacy Policy explains how [INSERT REGISTERED COMPANY NAME] trading as "E-demia Academy" ("we", "us", "our") collects, uses, discloses, and protects your personal information when you use the Platform.

1. Scope

This Privacy Policy applies to all users who access or use the e-demia academy Platform at [INSERT DOMAIN] and any related services.

2. Information We Collect

2.1 Information you provide to us

Account information: name, email address, password, and other details you provide when creating or updating your account.
Profile information: job title, organisation, industry, areas of interest, or other profile details (where applicable).
Course data: enrolments, assignments, messages, posts in discussion forums, submitted projects, assessments, and feedback.
Communications: copies of messages and communications you send to us, including support requests and feedback.

2.2 Payment information

Payments are processed by Paystack. We do not store your complete payment card details.
We may receive limited payment-related information from Paystack, such as transaction IDs, amounts, and status, for record-keeping, fraud prevention, and accounting purposes.

2.3 Automatically collected information

Usage data: pages viewed, time on page, clicks, search queries, interactions with Course content, completion status, and other usage analytics.
Device and log data: IP address, browser type and version, device identifiers, operating system, access times, and referring URLs.
Cookies and similar technologies: identifiers used for authentication, session management, and analytics. See our Cookie Policy for details.

2.4 Learning metrics and analytics

We collect data about your learning activity, including:

Course progress, quiz scores, assignment submissions, completion rates, and completion dates.
Engagement metrics such as time spent on learning activities, participation in discussions, and other interactions.

3. How We Use Your Information

We use your personal information for the following purposes:

To provide and maintain the Platform: including account creation, authentication, Course delivery, progress tracking, and support.
To process payments: including handling Course purchases and refunds via Paystack.
To analyse and improve learning experiences: using learning metrics and analytics to enhance Course content, personalise recommendations, and improve the Platform.
To communicate with you: sending administrative messages, service announcements, security alerts, and responses to your queries.
Marketing (where permitted): sending you information about new Courses, features, or promotions. You may opt out at any time by following unsubscribe instructions or contacting us.
To maintain security and prevent fraud: detecting, investigating, and preventing fraudulent transactions, abuse, or violations of our Terms or Student Honor Code.
To comply with legal obligations: meeting our obligations under South African law and cooperating with lawful requests from regulators or law enforcement.

4. Legal Bases for Processing (where applicable)

Where data protection laws require a legal basis for processing, we rely on:

Contract: to provide services under our Terms of Service.
Legitimate interests: to improve the Platform, prevent fraud, and protect our legal rights.
Consent: for certain types of marketing communications and non-essential cookies.
Legal obligations: for record-keeping and responding to lawful requests.

5. How We Share Your Information

We may share your information with:

Service providers and processors: including:
- Paystack for payment processing;
- AWS (e.g. for email delivery and infrastructure services);
- DigitalOcean and other cloud providers for hosting and infrastructure;
- Analytics, error monitoring, and communication tool providers (if implemented).
Instructors and partner organisations: to the extent necessary to deliver Courses, assess your work, and provide feedback.
Corporate or institutional clients: Where you access the Platform through an employer, institution, or corporate client, we may share limited learning-related information, such as enrolment status, Course completion status, and completion dates, only to the extent necessary to deliver the relevant programme and as described to you at enrolment. We do not share detailed assessment submissions, discussion content, or personal communications with corporate or institutional clients unless:
- You have been clearly informed and consented; or
- Such sharing is required by law.
Legal and regulatory authorities: where required to comply with law, legal process, or requests from competent authorities.
Business transfers: in connection with any merger, acquisition, sale of assets, or similar transaction, subject to appropriate confidentiality safeguards.

6. International Transfers

Your information may be transferred to and processed in countries other than your country of residence, including countries where data protection rules differ. Where required by law, we will take appropriate measures to protect your information, such as contractual safeguards.

7. Data Retention

We retain your personal information for as long as necessary to:

Provide the Platform and Courses;
Comply with our legal and accounting obligations;
Resolve disputes and enforce our agreements.

Where feasible, we may anonymise data so that it can no longer be associated with you.

8. Your Rights

Depending on applicable data protection laws, you may have the right to:

Access the personal information we hold about you.
Request correction of inaccurate or incomplete information.
Request deletion of your personal information, subject to our legal obligations to retain certain data.
Object to or request restriction of certain types of processing.
Withdraw consent where processing is based on consent (for example, marketing communications).

To exercise any of these rights, please contact us at [INSERT CONTACT EMAIL]. We may require proof of identity before responding.

9. Security

We implement reasonable technical and organisational measures designed to protect your personal information against unauthorised access, alteration, disclosure, or destruction. However, no system is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Platform is intended for users aged 18 and over. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child, we will take steps to delete it. If you believe a child has provided us with personal information, please contact us.

11. Third-Party Links

The Platform may contain links to third-party websites or services that are not controlled by us. We are not responsible for the privacy practices of such third parties. We encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Where required by law, we will provide notice of material changes.

13. Contact Us

We have appointed an Information Officer as required under the Protection of Personal Information Act (POPIA).

If you have concerns about how your personal information is processed, you may contact us using the details below. You also have the right to lodge a complaint with the Information Regulator of South Africa.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

[INSERT REGISTERED COMPANY NAME]
Trading as: E-demia Academy
Email: [INSERT CONTACT EMAIL]
Address: [INSERT POSTAL ADDRESS]