Privacy Policy
Last Updated: February 2025
Our Commitment to Data Protection
DataFlow Academy is committed to protecting your personal data and respecting your privacy rights. This policy explains how we collect, use, protect, and manage your personal information when you interact with our data analytics courses and educational services in Cyprus.
This policy applies to our website, course enrollment processes, educational materials, and all services provided by DataFlow Academy. By using our services, you agree to the collection and use of information in accordance with this policy.
For privacy-related inquiries, contact us at: privacy@domain.com
1. Information We Collect
Personal Information You Provide
We collect information you voluntarily provide when:
- Enrolling in our data analytics courses
- Submitting contact forms or course inquiries
- Creating an account for course access
- Participating in course evaluations or surveys
- Communicating with our support team
This may include: full name, email address, phone number, professional background, educational history, and course preferences.
Automatically Collected Information
When you visit our website, we automatically collect:
- IP address and geographical location
- Browser type, version, and operating system
- Pages visited and time spent on our website
- Referring website and search terms used
- Device information and screen resolution
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Remember your preferences and login status
- Analyze website traffic and user behavior
- Provide personalized course recommendations
- Measure the effectiveness of our educational content
For detailed information about our cookie usage, please see our Cookie Policy.
2. How We Use Your Information
Service Delivery and Communication
- Processing course enrollments and managing student accounts
- Delivering educational content and course materials
- Responding to inquiries and providing customer support
- Sending course updates, schedules, and important announcements
- Facilitating communication between instructors and students
Educational Enhancement
- Personalizing course recommendations based on your interests
- Tracking learning progress and course completion
- Improving our curriculum and teaching methodologies
- Analyzing student performance to enhance educational outcomes
- Developing new data analytics courses for Cyprus market
Marketing Communications (with consent)
- Sending newsletters about new courses and programs
- Informing you about special offers and discounts
- Sharing relevant industry insights and analytics trends
- Inviting participation in surveys and feedback sessions
You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails.
Legal and Business Operations
- Complying with Cyprus legal and regulatory requirements
- Protecting against fraud and unauthorized access
- Maintaining accurate financial and tax records
- Resolving disputes and enforcing our terms of service
3. Legal Basis for Processing
Under GDPR and Cyprus data protection laws, we process your personal data based on:
Contract
To provide requested educational services, process enrollments, and deliver course content.
Consent
For marketing communications, cookies, and optional data processing activities.
Legitimate Interest
For business operations, security, fraud prevention, and improving our services.
Legal Obligation
To comply with Cyprus tax laws, regulatory requirements, and other legal obligations.
4. Data Protection and Security
We implement comprehensive security measures to protect your personal data:
Encryption and Secure Storage
All personal data is encrypted both in transit and at rest using industry-standard protocols. Our servers are hosted in secure, ISO 27001 certified data centers.
Access Controls
Access to personal data is strictly limited to authorized personnel who require it for their job functions. All access is logged and monitored.
Regular Security Audits
We conduct regular security assessments and vulnerability testing to ensure our systems remain secure against emerging threats.
Breach Notification
In the unlikely event of a data breach, we will notify relevant authorities within 72 hours and affected individuals without undue delay, as required by law.
5. Data Retention Periods
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy:
| Data Type | Retention Period | Reason |
|---|---|---|
| Course enrollment records | 5 years | Educational record keeping |
| Contact form submissions | 3 years | Customer service follow-up |
| Financial records | 7 years | Cyprus tax law compliance |
| Marketing consent data | Until consent withdrawn | Ongoing communications |
| Website analytics data | 26 months | Performance optimization |
6. Your Privacy Rights
Under GDPR and Cyprus data protection laws, you have the following rights regarding your personal data:
Right to Access
Request a copy of all personal data we hold about you, including information about how it's processed.
Right to Rectification
Correct any inaccurate or incomplete personal data we have about you.
Right to Erasure
Request deletion of your personal data when it's no longer necessary for the original purpose.
Right to Data Portability
Receive your personal data in a structured, commonly used format or transfer it to another provider.
Right to Object
Object to processing of your personal data for direct marketing or other legitimate interests.
Right to Withdraw Consent
Withdraw your consent at any time for processing based on consent, without affecting prior lawful processing.
How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: privacy@domain.com
- Phone: +357 22 847391
- Address: 28 Makarios Avenue, 1065 Nicosia, Cyprus
We will respond to your request within 30 days. You also have the right to lodge a complaint with the Cyprus Data Protection Commissioner if you believe your rights have been violated.
7. International Data Transfers
Your personal data is primarily processed within the European Union. When we use third-party services that may transfer data outside the EU, we ensure appropriate safeguards are in place:
- European Commission adequacy decisions for countries with adequate protection levels
- Standard Contractual Clauses (SCCs) for data transfers to other countries
- Binding Corporate Rules for multinational service providers
- Certification mechanisms and codes of conduct where applicable
Third-Party Services
We may use cloud hosting services, analytics platforms, and educational tools that comply with EU data protection standards. All third-party processors are contractually bound to protect your data according to GDPR requirements.
8. Contact Information
Data Controller
DataFlow Academy
28 Makarios Avenue
1065 Nicosia, Cyprus
Phone: +357 22 847391
Email: privacy@domain.com
Supervisory Authority
Cyprus Data Protection Commissioner
1 Iasonos Street, 1082
Nicosia, Cyprus
Phone: +357 22 818 456
Website: dataprotection.gov.cy
9. Policy Updates
We may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via email if you have provided your email address
- Display a prominent notice on our website
- Obtain your consent for any changes that significantly affect your rights
We encourage you to review this policy periodically to stay informed about how we protect your personal data. Your continued use of our services after any changes indicates your acceptance of the updated policy.