Privacy Policy
Last Updated: February 2025
DataPipe Systems is committed to protecting your privacy and personal data. This policy explains how we collect, use, and safeguard your information when you use our website and educational services.
1. Data Controller Information
Company: DataPipe Systems
Address: 89 Athalassa Avenue, 2024 Nicosia, Cyprus
Email: privacy@domain.com
Phone: +357 22 674539
We are the data controller responsible for your personal data and comply with the General Data Protection Regulation (GDPR) and Cyprus data protection laws.
2. Data Collection and Sources
Personal Data We Collect
- Contact Information: Name, email address, phone number, postal address
- Course-Related Data: Educational background, technical experience level, course preferences
- Communication Data: Messages sent through contact forms, email correspondence, support requests
- Payment Information: Billing details for course enrollment (processed by secure third-party providers)
- Technical Data: IP address, browser type, device information, cookies and usage analytics
How We Collect Data
- Directly from you: Contact forms, course enrollment, email communication
- Automatically: Website cookies, analytics tools, server logs
- Third parties: Payment processors, marketing platforms (with your consent)
- Public sources: Professional networking sites (LinkedIn) for business development
3. Legal Basis for Processing
Consent
- • Marketing communications and newsletters
- • Non-essential cookies and tracking
- • Course recommendations and promotions
- • Social media retargeting campaigns
Contract Performance
- • Course enrollment and delivery
- • Payment processing and invoicing
- • Student support and communication
- • Certificate issuance and verification
Legitimate Interest
- • Website analytics and improvement
- • Fraud prevention and security
- • Business development activities
- • Course content enhancement
Legal Obligation
- • Tax and accounting records
- • Regulatory compliance reporting
- • Court orders and legal requests
- • Anti-money laundering checks
4. How We Use Your Data
Educational Services
We use your personal data to deliver high-quality data engineering education and support:
- Course enrollment and progress tracking
- Personalized learning recommendations
- Student support and mentorship programs
- Certification and credential verification
- Alumni network and career services
Communication and Marketing
With your consent, we may use your data for marketing and communication purposes:
- Course updates and new program announcements
- Educational newsletters and industry insights
- Event invitations and webinar notifications
- Surveys and feedback requests
Website and Service Improvement
We analyze usage data to enhance our website and educational offerings:
- Website performance and user experience optimization
- Course content effectiveness analysis
- Technical support and troubleshooting
- Security monitoring and fraud prevention
5. Data Retention Periods
| Data Type | Retention Period | Reason |
|---|---|---|
| Contact form submissions | 3 years | Business correspondence and follow-up |
| Course enrollment records | 7 years | Educational records and certification |
| Payment and billing data | 7 years | Tax and legal compliance |
| Marketing consent | Until withdrawn | Ongoing consent management |
| Website analytics | 26 months | Google Analytics standard retention |
| Security logs | 12 months | Security monitoring and compliance |
6. Data Sharing and Third Parties
Service Providers
We share data with trusted third-party providers who help us deliver our services:
- Payment Processors: Stripe, PayPal for secure payment handling
- Email Services: Mailchimp, SendGrid for course communications
- Analytics: Google Analytics, Hotjar for website optimization
- Cloud Hosting: AWS, Google Cloud for data storage and processing
- Customer Support: Zendesk, Intercom for technical assistance
Legal Requirements
We may disclose your data when required by law or to protect our rights:
- Court orders and legal proceedings
- Tax authorities and regulatory compliance
- Law enforcement requests with proper authorization
- Protection against fraud and security threats
Data Protection Measures
All third-party processors are bound by strict data protection agreements:
- GDPR-compliant data processing agreements
- Regular security audits and compliance checks
- Data minimization and purpose limitation
- Secure data transmission and storage protocols
7. International Data Transfers
Some of our service providers are located outside the European Economic Area (EEA). We ensure adequate protection through:
Protection Mechanisms
- EU Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Data Processing Agreements (DPAs)
- Certification schemes and codes of conduct
Key Transfer Destinations
- United States: Google, AWS (adequacy framework)
- United Kingdom: Various providers (adequacy decision)
- Canada: Some analytics providers (adequacy decision)
- Other countries: Standard Contractual Clauses
8. Data Security Measures
Technical Safeguards
Encryption and Access
- • SSL/TLS encryption for data transmission
- • AES-256 encryption for data at rest
- • Multi-factor authentication for staff access
- • Role-based access control systems
Monitoring and Backup
- • 24/7 security monitoring and alerts
- • Regular automated backups
- • Intrusion detection and prevention
- • Vulnerability scanning and testing
Organizational Measures
- Staff training on data protection and privacy
- Regular security awareness programs
- Incident response and breach notification procedures
- Annual security audits and compliance reviews
9. Your Data Protection Rights
Access and Control
- Right to Access: Request copies of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data
- Right to Restrict: Limit how we process your data
Portability and Objection
- Data Portability: Receive your data in a portable format
- Right to Object: Stop processing for marketing purposes
- Withdraw Consent: Remove consent at any time
- Lodge Complaints: Contact supervisory authorities
How to Exercise Your Rights
To exercise any of these rights, contact us using the information below:
Email: privacy@domain.com
Phone: +357 22 674539
Post: DataPipe Systems
89 Athalassa Avenue
2024 Nicosia, Cyprus
Response Time: We will respond to your request within 30 days. For complex requests, we may extend this period by 60 days with notification.
10. Data Breach Procedures
In the unlikely event of a data breach affecting your personal data, we will:
Immediate Response
- Contain the breach within 72 hours
- Assess the scope and impact
- Notify supervisory authorities
- Document the incident thoroughly
User Notification
- Direct notification if high risk to you
- Clear description of what happened
- Steps we are taking to address it
- Recommendations for your protection
11. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make material changes:
- We will notify you by email if you have an account with us
- We will post a notice on our website homepage
- We will update the "Last Updated" date at the top of this policy
- We will seek your consent for any substantial changes affecting your rights
We recommend reviewing this policy periodically to stay informed about how we protect your data.
12. Contact Information
Privacy Questions
For any questions about this privacy policy or our data practices:
Email: privacy@domain.com
Phone: +357 22 674539
Address: 89 Athalassa Avenue, 2024 Nicosia, Cyprus
Supervisory Authority
If you have concerns about our data handling, you can contact:
Cyprus Data Protection Authority
1 Iasonos Street, 1082 Nicosia
Phone: +357 22 818 456
Email: commissioner@dataprotection.gov.cy
Questions About Your Privacy?
Our privacy team is here to help. Contact us for any questions about your data or to exercise your rights.