Privacy Policy
This Privacy Policy aims to help you understand what information we collect, why we collect it, and how you can manage your information.
Why do we collect information from you?
There are three reasons:
-
Provide our services to you. (This data processing is necessary to provide or fulfil a service requested by or for you.)
-
Maintain and improve our services. (This data allows us to understand our customers, their interaction with our website and improve our website to better serve our customers. We may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information. Data processing for analytical and operational improvement purposes is a legitimate business interest. Data processing for security purposes is a legitimate business interest.)
-
For marketing purposes. (We will only send you marketing communications and updates about our products, services and events with your prior consent, where required by law or otherwise in our legitimate interests provided these interests do not override your right to object to such communications. You can withdraw your consent at any time.)
How long do we store data?
Client data such as registration details, company details, data stored by the client in our learning platforms, is stored as long as the client is registered to use our learning platforms. After the 30-day Free Trial if the user does not upgrade to a paid plan, their registration is terminated and we delete their data.
Personal data gathered through the website is stored until the user decides that they don't want to receive updates from us anymore. We use email marketing to communicate with these contacts and there is an "Unsubscribe" option available in each email. If a person does not interact with us for a period longer than one year, we will delete the contact information from our database.
Where do we store data?
Data is stored on AWS on secure AMAZON servers located in Ireland.
Contracted sub-services (data processors) in the background of our service:
-
AMAZON AWS (Server and database and file storage),
-
GOOGLE (web analytics, company mail hosting services),
-
STRIPE (Billing and subscription data and credit card data).
You can be a user of the CourseGarden system in two different ways:
-
You can be a subscriber, CourseGarden instance owner
-
or You can be an invited collaborator in one or more scenes of a CourseGarden instance
There are two main types of data regarding its source:
-
Provided data: information provided by the user and,
-
inferred data: generated by a system and not explicitly provided by the user.
Provided data:
Information such as your name, company name, email address, postal address and any other contact details, and any other content that you provide, type, upload and submit by completing forms on the Site or using the Service (including information about you if you register as a user or subscribe to a Service).
Inferred data:
We may automatically collect certain information about the computer or other devices that you use to access the Site or use the Services, including mobile devices, through commonly-used information-gathering tools, such as cookies and web beacons (see our Cookies section).
We may also collect information when you access our service: unique device identifiers and other information about your mobile phone or other mobile devices such as your Internet Protocol ("IP") address, browser types, browser language, operating system, the state or country from which you accessed the Services;
We may also collect information related to the ways in which you interact with the Services, such as referring and exit pages and URLs, platform type, the number of clicks, loaded and viewed pages, accessing and using functions, the amount of time spent on particular pages, the date and time you used the Services, error logs, and other similar information.
Security
Security mechanisms followed by CourseGarden. All communications are over HTTPS, all personal passwords are hashed. Our servers on servers are hosted in Amazon AWS on their own secure virtual environment.
Our system is designed to keep tight rules. Users only access data just in the appropriate scope. You as subscriber, CourseGarden instance owner can easily prevent selected users from logging in, revoke their access rights, or delete them entirely if necessary. You can fine tune your CourseGarden site security by specifying which operations can be performed by specific roles and users.
CourseGarden supports CourseGarden instance owner to supplement this Privacy Policy with instance specific declarations for the invited clients. This feature gives clients the possibility to require invited users to accept the supplemented privacy policy.
How do we use shared data to access cloud storage (eg. Google Drive and DropBox)?
We use the authentication information provided by users for only accessing the files in cloud storage. Google Drive or DropBox cloud of the user if they use this integration in our platform. We don't alter in any way the user data in the cloud storages, and we only store and read data if the user wants this. We do not use cloud storage authentication data in any other way.
GDPR
For the purposes of the EU General Data Protection Regulation ("GDPR"), in the cases where we gather data through our websites, we are the "data controller". In the case of the subscriber users, CourseGarden instance owner use our service as a tool for their purposes, we are the "data processor".
Statements:
Remember, when you share information with others, your content may become accessible through the system. The information you provide as part of the functional collaboration with other users, means you disclose this information for them and it is not private any more. The regulation of this kind of information is based on the CourseGarden instance level supplementary privacy policy agreement of the collaboration group. That is why it is essential to read, know and accept the instance level collaboration agreement provided by the instance owner.
CourseGarden Inc. as data controller
-
We as data controller described above on a legal basis by performance of an agreed user contract came into force by accepting the terms of service.
-
The users may ask to be forgotten explicitly by activating the appropriate function on the website, or it automatically happens according to our Privacy Policy.
Removing & deleting your information
If you are an invited collaborator and your participation and data handling were based on your prior consent, then you can revoke your consent and all the personal data will be anonymized. You can only delete data that hasn't been restricted or publicly published earlier.
Children
Our Services do not target and are not intended to attract children under the age of 16. If you are under 16 in your country of residence, please ask your parent or guardian to help to find a way of legal use. Based on responsibilities of and agreements with your data controller of CourdseGarden instance owner joining may be legal.
Cookies
Our Site uses cookies and/or other similar technologies to enhance & customize your user experience. Cookies are small text files placed on your device that enable us to remember your device, and which can be used to manage a range of features and content as well as storing searches and presenting personalized content. We use this information to ensure the proper functioning and security of our Site and Services and to optimize our Site or Services.
What kind of Cookies do we use?
Session and persistent cookies. We use both session cookies and persistent cookies. A session cookie is used to identify a particular visit to our site. These cookies expire after a short time, or when you close your web browser after using our Services. We use these cookies to identify you during a single browsing session. A persistent cookie will remain on your devices for a set period of time specified in the cookie. We use these cookies where we need to identify you over a longer period of time. For example, we would use a persistent cookie if you asked that we keep you signed in.
Business Transfers
We reserve the right to disclose and transfer all of your information, to a successor (or potential successor) the company in connection with a merger, acquisition, or sale of all, or components, of our business, or in connection with due diligence associated with any such transaction. Data processing for this purpose is a legitimate business interest.
Changes
Coursegarden Inc. reserves the right to change this Policy from time to time. Please check this page periodically for changes. If we make any material changes to this Policy we will notify you before they take effect either through the Site or by sending you a notification. Any such material changes will only apply to personal information collected after the revised Policy took effect.
Contact us:
If you have any questions, comments, or concerns regarding this Policy or CourseGarden Inc. privacy practices, they may be submitted via email to info@coursegarden.com, or in writing by addressing your inquiries to:
Personal data protection you can contact directly to our DPO (Data Protection Officer): dpo@coursegarden.com
CourseGarden Inc.
2035 Sunset Lake Rd Suite B-2.
Newark, DE 19702
info@coursegarden.com
CourseGarden
coursegarden.com