List of active policies
| Name | Type | User consent |
|---|---|---|
| Privacy Policy and Data Processing Information | Privacy policy | All users |
Summary
This policy explains how we handle your personal data. Key points include:
Purpose: We process data to provide educational services and manage your account.
Retention: Data is kept only as long as necessary (usually for the duration of your studies plus legal record-keeping periods).
Location: Your data is securely stored on servers located in Brazil.
Your Rights: You have the right to access, correct, or delete your data at any time.
Full policy
1. Legal Basis and Purpose of Processing
We process your personal data based on the following legal grounds:
Performance of a Contract: Necessary to provide access to the learning platform, manage course enrollments, and track academic progress.
Legal Obligation: To comply with tax, accounting, and educational regulatory requirements.
Legitimate Interest: To ensure the security and integrity of the platform, troubleshoot technical issues, and improve our services.
Consent: For specific additional activities (e.g., newsletters) where you have provided explicit permission.
2. Data Retention Period
We adhere to industry-standard retention periods for IT and educational services:
Active Account Data: Stored for the duration of your active registration.
Inactive Accounts: Accounts with no login activity for more than 2 years will be automatically deactivated and deleted or anonymized.
System and Security Logs: Technical logs (IP addresses, activity logs) are retained for 12 months for security auditing and protection.
Backup Data: System backups are kept for a maximum of 90 days for disaster recovery purposes.
Educational Records: Records of course completions and certificates are retained for 10 years for future verification.
Financial Records: Invoices and payment data are stored for 10 years as required by law.
3. International Data Transfers (Storage in Brazil)
Your personal data is processed and stored on secure servers managed by our technology partner, Adapta Soluções Tecnológicas, an official Moodle Certified Partner based in Brazil.
Since the servers are located outside the European Economic Area (EEA), we have implemented strict measures to ensure that your data receives a level of protection equivalent to that within the EU:
Standard Contractual Clauses (SCCs): We have entered into a formal agreement with Adapta that incorporates the Standard Contractual Clauses approved by the European Commission. These clauses legally obligate the provider to maintain data protection standards equivalent to the GDPR.
Technical Security: Adapta’s infrastructure employs advanced data encryption and undergoes regular security audits in accordance with global standards for e-learning platforms.
Regulatory Compliance: In addition to our contractual requirements, the provider is bound by the Brazilian Federal Law LGPD (Lei Geral de Proteção de Dados), which provides a robust legal framework for privacy and personal data protection, closely aligned with European standards.
4. Your Rights as a Data Subject
Under the GDPR, you have the following rights regarding your data:
Right of Access: To request a copy of the personal data we hold about you.
Right to Rectification: To have inaccurate or incomplete data corrected.
Right to Erasure ("Right to be Forgotten"): To request deletion of your data when it is no longer needed.
Right to Restriction: To limit how we use your data in certain circumstances.
Right to Data Portability: To receive your data in a structured, machine-readable format.
Right to Object: To object to processing based on legitimate interests.
To exercise any of these rights, please contact our YOUniversity representative at youniversity@nidec-ga.com