Privacy Policy

Last updated: September 26, 2025

1. Introduction

CodeCraft Academy ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website or use our services.

2. Information We Collect

2.1 Information You Provide

  • Contact Information: Name, email address, phone number
  • Account Information: Username, password, profile details
  • Payment Information: Billing address, payment method details
  • Course Information: Progress, assignments, certifications
  • Communications: Messages, feedback, support requests

2.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, time spent, click patterns
  • Cookies: Website preferences, session data
  • Analytics Data: Performance metrics, user behavior

3. How We Use Your Information

We use your personal information for the following purposes:

  • Service Provision: Deliver our programming courses and educational content
  • Communication: Send course updates, support responses, and important notices
  • Personalization: Customize your learning experience and recommend relevant courses
  • Payment Processing: Handle billing and payment transactions
  • Improvement: Analyze usage patterns to enhance our services
  • Marketing: Send promotional materials (with your consent)
  • Legal Compliance: Meet regulatory requirements and protect our rights

4. Legal Basis for Processing

Under UK GDPR, we process your personal data based on:

  • Contract Performance: Providing educational services you've signed up for
  • Legitimate Interest: Improving our services and preventing fraud
  • Consent: Marketing communications and optional cookies
  • Legal Obligation: Tax reporting and regulatory compliance

5. Information Sharing

We may share your information with:

5.1 Service Providers

  • Payment processors (Stripe, PayPal)
  • Email service providers (Mailchimp)
  • Analytics providers (Google Analytics)
  • Cloud hosting services (AWS, Google Cloud)
  • Customer support platforms

5.2 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and the safety of our users.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

6. International Transfers

Some of our service providers are located outside the UK. When we transfer your data internationally, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the UK Government
  • Standard contractual clauses
  • Binding corporate rules
  • Other appropriate safeguards approved by the ICO

7. Data Retention

We retain your personal data for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Pursue legitimate business purposes

Typically, we retain:

  • Account Data: Until account deletion plus 3 years
  • Course Records: 7 years for certification purposes
  • Financial Records: 7 years for tax compliance
  • Marketing Data: Until you unsubscribe

8. Your Rights

Under UK GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Revoke consent for marketing or cookies

To exercise these rights, contact us at [email protected]

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For detailed information about our cookie practices, please see our Cookie Policy.

Cookie Categories:

  • Necessary Cookies: Essential for website functionality
  • Analytics Cookies: Help us understand website usage
  • Marketing Cookies: Used for targeted advertising

10. Data Security

We implement robust security measures to protect your personal data:

  • SSL/TLS encryption for data transmission
  • Encrypted data storage
  • Regular security audits and penetration testing
  • Staff training on data protection
  • Access controls and authentication
  • Incident response procedures

11. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will delete it immediately.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this privacy policy from time to time. When we make changes, we will:

  • Update the "Last updated" date
  • Notify you via email for significant changes
  • Post a notice on our website
  • Seek your consent if required by law

14. Contact Information

If you have questions about this privacy policy or our data practices, please contact us:

Data Protection Officer
CodeCraft Academy
42 Tech Square, Innovation District
Manchester M1 4BF
United Kingdom

Email: [email protected]
Phone: +44 161 876 5432

15. Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data appropriately:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom

Website: https://ico.org.uk
Phone: 0303 123 1113