Privacy Policy
At Amanar.io, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information.
Table of Contents
1. Introduction
Amanar.io ("we", "us", or "our") operates an online learning platform that provides educational courses, certifications, and related services. This Privacy Policy describes how we handle your personal information when you use our website, mobile applications, and services (collectively, the "Platform").
We are committed to complying with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. By using our Platform, you consent to the practices described in this Privacy Policy.
2. Data Controller
The data controller responsible for your personal information is:
Company: Amanar.io
Address: Tunis, Tunisia
Email: privacy@amanar.io
Data Protection Officer: dpo@amanar.io
3. Information We Collect
We collect various types of information to provide and improve our services:
Personal Information You Provide
- Account Information: Name, email address, password, profile picture, phone number (optional)
- Payment Information: Billing address, payment card details (processed securely through third-party payment processors)
- Profile Data: Bio, education history, professional background, interests, preferences
- Communications: Messages sent through our Platform, support tickets, survey responses
- Instructor Information: Tax ID, bank account details, certifications, teaching credentials
Information Collected Automatically
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Data: Pages viewed, courses accessed, time spent, click patterns, search queries
- Learning Progress: Course completion rates, quiz scores, certificates earned, video watch time
- Location Data: Approximate geographic location based on IP address
- Cookies & Tracking: Session cookies, analytics cookies, preference cookies (see Section 10)
Information from Third Parties
- Social Media: Profile information if you sign in via Google, Facebook, or LinkedIn
- Payment Processors: Transaction confirmations, fraud prevention data
- Analytics Providers: Aggregated usage statistics and behavior patterns
- Referral Partners: Information about users who join through referral programs
4. How We Use Your Data
We use your personal information for the following purposes:
Service Delivery
- • Create and manage your account
- • Process course enrollments and payments
- • Deliver educational content and materials
- • Issue certificates and track progress
- • Facilitate instructor-student communication
Platform Improvement
- • Analyze usage patterns and trends
- • Personalize your learning experience
- • Recommend relevant courses
- • Improve Platform functionality
- • Develop new features and services
Communication
- • Send transactional emails (receipts, confirmations)
- • Provide customer support
- • Send course updates and notifications
- • Share promotional offers (with consent)
- • Conduct surveys and gather feedback
Security & Compliance
- • Prevent fraud and abuse
- • Enforce our Terms and Conditions
- • Comply with legal obligations
- • Protect user safety and security
- • Respond to legal requests
5. Legal Basis for Processing (GDPR)
Under GDPR, we process your personal data based on the following legal grounds:
-
•
Contractual Necessity: Processing necessary to fulfill our contract with you (e.g., providing courses you purchased)
-
•
Legitimate Interests: Processing for our legitimate business interests (e.g., improving services, fraud prevention) balanced against your rights
-
•
Consent: Processing based on your explicit consent (e.g., marketing communications, optional features)
-
•
Legal Obligations: Processing required to comply with applicable laws and regulations
6. Data Sharing and Disclosure
We may share your personal information with the following parties:
Service Providers
Third-party vendors who help us operate the Platform: payment processors (Stripe, PayPal), cloud hosting (AWS), email services (SendGrid), analytics (Google Analytics), customer support tools.
Instructors
When you enroll in a course, we share limited information (name, email, progress) with the instructor to facilitate learning and communication.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
Legal Requirements
We may disclose information to comply with legal obligations, court orders, government requests, or to protect our rights and safety.
With Your Consent
We may share information with other parties when you explicitly consent to such sharing.
Important: We do NOT sell your personal information to third parties for their marketing purposes.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:
- Active Accounts: Data retained while your account is active and for a reasonable period after closure
- Course Data: Learning progress and certificates retained indefinitely to maintain your educational records
- Payment Records: Transaction data retained for 7 years for tax and accounting purposes
- Marketing Data: Deleted upon withdrawal of consent or after 2 years of inactivity
- Legal Holds: Data may be retained longer when required by law or for legitimate legal purposes
When data is no longer needed, we securely delete or anonymize it.
8. Data Security
We implement robust security measures to protect your personal information:
Technical Measures
- • SSL/TLS encryption for data in transit
- • AES-256 encryption for data at rest
- • Secure password hashing (bcrypt)
- • Regular security audits and penetration testing
- • Firewall protection and intrusion detection
Organizational Measures
- • Limited employee access on need-to-know basis
- • Staff training on data protection
- • Confidentiality agreements with vendors
- • Incident response procedures
- • Regular security awareness programs
Note: While we use industry-standard security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
9. Your Rights
You have the following rights regarding your personal data:
Right to Access
Request a copy of the personal data we hold about you
Right to Rectification
Correct inaccurate or incomplete personal data
Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data under certain circumstances
Right to Restriction
Limit how we use your personal data
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent
Withdraw consent for processing at any time (does not affect prior processing)
Right to Lodge a Complaint
File a complaint with your local data protection authority
How to Exercise Your Rights
To exercise any of these rights, please contact us at:
11. International Data Transfers
Your personal data may be transferred to and processed in countries other than your country of residence, including Tunisia and countries where our service providers operate.
Safeguards for International Transfers
- ✓ We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission
- ✓ We work with service providers certified under recognized data protection frameworks
- ✓ We conduct due diligence to ensure adequate data protection standards
12. Children's Privacy
Age Requirement: Our Platform is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.
If you are under 18, you may only use our Platform with the involvement and consent of a parent or legal guardian.
If we become aware that we have collected personal data from a child under 18 without parental consent, we will take steps to delete that information promptly. Parents who believe we may have collected information from their child should contact us at privacy@amanar.io.
13. Third-Party Links
Our Platform may contain links to third-party websites, plugins, and applications. Clicking on these links may allow third parties to collect or share data about you.
Important: We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit. This Privacy Policy applies only to information collected by Amanar.io.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
How We Notify You:
- We will post the updated policy on this page with a new "Last Updated" date
- For material changes, we will provide prominent notice (email notification or Platform banner)
- Your continued use of the Platform after changes constitutes acceptance
- We encourage you to review this policy periodically
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Mailing Address
Amanar.io
Tunis, Tunisia
Response Time
We will respond to your inquiry within 30 days