Privacy Policy
Last updated: January 2025
1. Introduction
CertPilot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our certification preparation platform.
2. Information We Collect
2.1 Personal Information
We may collect the following personal information:
- Name and email address
- Profile information and preferences
- Payment information (processed securely through third-party providers)
- Communication preferences
2.2 Usage Information
We automatically collect certain information about your use of our service:
- Log data (IP address, browser type, access times)
- Device information (device type, operating system)
- Usage patterns and interactions with our platform
- Performance data and error logs
2.3 Educational Data
We collect information related to your learning activities:
- Practice exam results and scores
- Study progress and completion rates
- Time spent on different modules
- Performance analytics and trends
3. How We Use Your Information
3.1 Service Provision
We use your information to:
- Provide and maintain our certification preparation services
- Process payments and manage subscriptions
- Personalize your learning experience
- Track your progress and performance
- Send important service updates and notifications
3.2 Improvement and Analytics
We use aggregated data to:
- Improve our platform and content
- Analyze usage patterns and trends
- Develop new features and services
- Ensure platform security and performance
3.3 Communication
We may use your contact information to:
- Send service-related communications
- Provide customer support
- Send marketing communications (with your consent)
- Respond to your inquiries and requests
4. Information Sharing and Disclosure
4.1 We Do Not Sell Your Data
We do not sell, trade, or rent your personal information to third parties.
4.2 Service Providers
We may share information with trusted third-party service providers who:
- Process payments securely
- Host our platform and data
- Provide analytics and monitoring services
- Assist with customer support
4.3 Legal Requirements
We may disclose your information if required by:
- Applicable laws and regulations
- Court orders or legal proceedings
- Government requests
- Protection of our rights and safety
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
5. Data Security
5.1 Security Measures
We implement appropriate technical and organizational measures to protect your information:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication
- Secure data storage and backup procedures
5.2 Data Breach Response
In the event of a data breach, we will:
- Notify affected users promptly
- Take immediate steps to contain the breach
- Cooperate with relevant authorities
- Implement additional security measures
6. Data Retention
6.1 Retention Periods
We retain your information for as long as necessary to:
- Provide our services
- Comply with legal obligations
- Resolve disputes and enforce agreements
- Improve our services
6.2 Account Deletion
You may request deletion of your account and associated data. We will process such requests within 30 days, subject to legal requirements.
7. Your Rights and Choices
7.1 Access and Control
You have the right to:
- Access your personal information
- Update or correct your information
- Request deletion of your data
- Export your data in a portable format
7.2 Communication Preferences
You can:
- Opt out of marketing communications
- Update your notification preferences
- Unsubscribe from email lists
7.3 Cookies and Tracking
You can control cookies and tracking through your browser settings. However, disabling certain cookies may affect platform functionality.
8. International Data Transfers
8.1 Cross-Border Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.
8.2 Compliance
We comply with applicable data protection laws and regulations, including GDPR for European users.
9. Children's Privacy
9.1 Age Requirements
Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
9.2 Parental Rights
If you believe we have collected information from a child under 13, please contact us immediately.
10. Third-Party Services
10.1 External Links
Our platform may contain links to third-party websites. We are not responsible for the privacy practices of these external sites.
10.2 Third-Party Integrations
We may integrate with third-party services (e.g., payment processors, analytics). These services have their own privacy policies.
11. Changes to This Policy
11.1 Policy Updates
We may update this Privacy Policy from time to time. Changes will be effective immediately upon posting.
11.2 Notification
We will notify you of significant changes through:
- Email notifications
- Platform announcements
- Updated policy posting
12. Contact Information
12.1 Privacy Inquiries
For questions about this Privacy Policy or your data, contact us at:
12.2 Data Protection Officer
For GDPR-related inquiries, contact our Data Protection Officer at:
13. Complaints
13.1 Internal Complaints
We encourage you to contact us first with any privacy concerns.
13.2 Regulatory Complaints
You have the right to lodge a complaint with your local data protection authority.
14. California Privacy Rights
14.1 CCPA Compliance
California residents have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt out of the sale of personal information
- Right to non-discrimination
14.2 California Contact
For CCPA-related requests, contact us at: california-privacy@certpilot.io