General Data Protection Regulation (GDPR) Compliance

Last Updated: December 25, 2024

Domain is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This document explains how we collect, use, store, and protect your information when you use our educational platform.

1. Data Controller Information

Domain operates as the data controller for personal information collected through our platform.

Contact Details:

• Company Name: Domain
• Address: 102-106 Strickland St, Whitehorse, YT Y1A 2J5, Canada
• Email: [email protected]
• Phone: +13065853060

2. Legal Basis for Processing

We process your personal data under the following lawful bases:

• Contractual Necessity: To provide educational services you have enrolled in
• Legitimate Interest: To improve our platform, communicate updates, and ensure security
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations

3. Personal Data We Collect

3.1 Information You Provide

• Account registration details (name, email address, password)
• Profile information (learning preferences, educational background)
• Payment and billing information
• Course enrollment and completion data
• Communications with our support team
• Feedback and survey responses

3.2 Automatically Collected Information

• Device and browser information
• IP address and location data
• Learning activity and progress tracking
• Platform usage statistics
• Cookies and similar technologies

4. How We Use Your Data

We use your personal data for the following purposes:

• Providing access to educational content and course materials
• Processing enrollments and managing your account
• Tracking learning progress and issuing certificates
• Communicating important updates and notifications
• Processing payments and maintaining billing records
• Improving platform functionality and user experience
• Providing technical support and responding to inquiries
• Preventing fraud and ensuring platform security
• Analyzing usage patterns to enhance educational offerings
• Sending marketing communications (with your consent)

5. Your Rights Under GDPR

As a data subject, you have the following rights:

5.1 Right of Access

You can request confirmation of whether we process your personal data and obtain a copy of that data.

5.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

5.3 Right to Erasure

You can request deletion of your personal data under certain circumstances, including when it is no longer necessary for the purposes collected or you withdraw consent.

5.4 Right to Restriction of Processing

You can request limitation on how we use your data in specific situations.

5.5 Right to Data Portability

You can request your data in a structured, commonly used format and transmit it to another controller.

5.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

5.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produces legal or significant effects.

5.8 Right to Withdraw Consent

Where processing is based on consent, you can withdraw that consent at any time.

6. Exercising Your Rights

To exercise any of your rights, please contact us using the details provided above. We will respond to your request within one month, though this may be extended by two additional months for complex requests.

You will not be charged a fee for exercising your rights unless your request is manifestly unfounded or excessive.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this document:

• Active Accounts: Data retained while your account remains active
• Course Records: Learning progress and certificates retained for educational verification purposes
• Financial Records: Billing information retained as required by applicable tax and accounting regulations
• Marketing Data: Retained until you withdraw consent or unsubscribe
• Inactive Accounts: Data deleted or anonymized after prolonged inactivity

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions recognizing equivalent data protection standards
• Other legally recognized transfer mechanisms

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Employee training on data protection practices
• Incident response procedures

10. Data Sharing and Disclosure

We may share your personal data with:

10.1 Service Providers

Third-party vendors who assist with platform operations, payment processing, email delivery, and analytics. These providers are contractually obligated to protect your data.

10.2 Legal Requirements

Authorities and organizations when required by law, legal process, or to protect our rights and safety.

10.3 Business Transfers

In connection with mergers, acquisitions, or asset sales, where your data may be transferred as part of business assets.

We do not sell your personal data to third parties.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance platform functionality and analyze usage. You can manage cookie preferences through your browser settings. Blocking certain cookies may affect platform functionality.

Categories of cookies we use:

• Essential Cookies: Required for platform operation
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with our platform
• Marketing Cookies: Used for targeted communications (with your consent)

12. Children's Privacy

Our platform is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

13. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

14. Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe we have processed your personal data unlawfully. You can contact the supervisory authority in your country of residence, workplace, or where the alleged infringement occurred.

15. Changes to This Document

We may update this GDPR compliance document to reflect changes in our practices or legal requirements. We will notify you of significant changes through our platform or by email. Continued use of our services after changes constitutes acceptance of the updated terms.

16. Contact for Data Protection Matters

For questions, concerns, or requests related to your personal data and GDPR rights, please contact us:

• Email: [email protected]
• Phone: +13065853060
• Address: 102-106 Strickland St, Whitehorse, YT Y1A 2J5, Canada

We are committed to addressing your concerns and resolving any issues in a timely and transparent manner.

---

Consent Record: By using our platform, you acknowledge that you have read and understood this GDPR compliance document and how we process your personal data.