General Data Protection Regulation (GDPR) Compliance

Last Updated: February 20, 2025

Nipaxer is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This document explains how we collect, use, store, and protect your personal information.

1. Data Controller

Nipaxer operates as the data controller for personal data collected through our platform. You can contact us at:

• Email: contact@nipaxer.com
• Phone: +380661770807
• Address: Holovna St, 246, Chernivtsi, Chernivtsi Oblast, Ukraine, 58000

2. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: You have given clear consent for us to process your personal data for specific purposes
• Contractual necessity: Processing is necessary to fulfill our service agreement with you
• Legal obligation: Processing is required to comply with applicable laws
• Legitimate interests: Processing is necessary for our legitimate business interests, provided these do not override your rights

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide

• Name and contact details (email address, phone number)
• Account credentials (username, password)
• Profile information and preferences
• Payment and billing information
• Communications and correspondence with us
• Learning progress and course completion data

3.2 Information Automatically Collected

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, time spent, interactions)
• Cookies and similar tracking technologies
• Log files and technical data

4. How We Use Your Personal Data

We process your personal data for the following purposes:

• Providing and managing access to our educational platform
• Processing registrations and maintaining your account
• Delivering course content and tracking learning progress
• Processing payments and managing billing
• Communicating with you about our services
• Improving and personalizing user experience
• Ensuring platform security and preventing fraud
• Complying with legal obligations and resolving disputes
• Analyzing usage patterns to enhance our services
• Sending marketing communications (with your consent)

5. Data Sharing and Disclosure

We may share your personal data with:

5.1 Service Providers

Third-party vendors who perform services on our behalf, including hosting, payment processing, analytics, and customer support. These providers are contractually obligated to protect your data.

5.2 Legal Requirements

Authorities and organizations when required by law, regulation, legal process, or governmental request.

5.3 Business Transfers

Potential buyers or investors in the event of a merger, acquisition, or sale of assets. Your data would remain subject to existing privacy commitments.

We do not sell your personal data to third parties.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions recognizing equivalent data protection
• Other legally approved transfer mechanisms

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this document, unless a longer retention period is required by law. Retention periods vary based on:

• The nature of the data collected
• The purpose for which it was collected
• Legal, accounting, or regulatory requirements
• Whether an ongoing relationship exists

When data is no longer needed, we securely delete or anonymize it.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

8.1 Right of Access

You can request confirmation of whether we process your personal data and obtain a copy of that data.

8.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

8.3 Right to Erasure

You can request deletion of your personal data when it is no longer necessary for the purposes collected, when you withdraw consent, or when you object to processing.

8.4 Right to Restriction

You can request limitation of processing in certain circumstances, such as when contesting accuracy or objecting to processing.

8.5 Right to Data Portability

You can receive your personal data in a structured, commonly used format and transmit it to another controller.

8.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

8.7 Right to Withdraw Consent

When processing is based on consent, you can withdraw that consent at any time.

8.8 Right to Lodge a Complaint

You can file a complaint with your local data protection authority if you believe your rights have been violated.

9. Exercising Your Rights

To exercise any of your rights, contact us at contact@nipaxer.com. We will respond to your request within one month, though complex requests may require up to three months. We may request additional information to verify your identity before processing your request.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response procedures

While we strive to protect your data, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

12. Automated Decision-Making

We may use automated processing to personalize learning experiences and recommend content. You have the right to object to automated decision-making and request human intervention in decisions that significantly affect you.

13. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance functionality, analyze usage, and personalize content. You can control cookie settings through your browser. For detailed information, please refer to our Cookie Policy.

14. Third-Party Links

Our platform may contain links to external websites not operated by us. We are not responsible for the privacy practices of third-party sites. We encourage you to review their privacy policies.

15. Changes to This Document

We may update this GDPR compliance document periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated document on our website and updating the effective date. Continued use of our services after changes constitutes acceptance of the revised terms.

16. Data Protection Officer

For questions or concerns about how we handle your personal data, you may contact our data protection team at contact@nipaxer.com.

17. Contact Information

If you have questions, concerns, or requests regarding this GDPR compliance document or our data practices, please contact us:

• Email: contact@nipaxer.com
• Phone: +380661770807
• Postal Address: Nipaxer, Holovna St, 246, Chernivtsi, Chernivtsi Oblast, Ukraine, 58000