Privacy Policy
This Privacy Policy explains what personal data we collect when you visit this website or buy the course, why we collect it, and what your rights are. We collect the minimum we need to run the business.
1. Who we are
The Online Safety Course for Families ("we", "us", "our") is the data administrator (data controller) for any personal data collected through this website and through the course.
To exercise your data rights or ask any privacy question, email us at info@onlinesafetycourseforfamilies.com.
2. What we collect
When you visit the website
- Standard server logs: IP address, browser type, referrer, pages visited, timestamps.
- Cookies set by analytics tools, where used, to understand how visitors interact with the site.
When you buy the course
- Your name and email address, used to deliver your access link and receipts.
- Billing information, collected and processed by our payment processor. We do not see or store your card details.
- Your purchase history: which products, when, at what price.
When you receive our emails
- Your email address and engagement data (whether emails were opened or clicked), so we can stop sending if you are no longer engaging.
When you contact us
- Whatever you write in your message and the email address you send it from.
3. Why we collect it (and the legal basis)
| Purpose | Legal basis (GDPR) |
|---|---|
| Deliver the course you paid for | Performance of contract |
| Send the included monthly Scam Alert emails for 12 months | Performance of contract (included with purchase) |
| Send transactional emails (receipts, refund confirmations, updates about your purchase) | Performance of contract |
| Provide customer support | Performance of contract / legitimate interest |
| Comply with tax and accounting obligations | Legal obligation |
| Improve the website using analytics | Legitimate interest, with consent where required |
| Send marketing emails beyond the included Scam Alerts | Consent (you can opt in or out any time) |
4. Who we share data with
We share the minimum necessary with trusted service providers:
- Payment processor (currently Lemon Squeezy): processes your purchase, handles billing, manages refunds. They act as an independent data controller for payment data under their own privacy policy.
- Email delivery provider: sends our Scam Alert and transactional emails on our behalf.
- Hosting provider: hosts this website and stores standard access logs.
- Analytics provider, where used: receives anonymized or pseudonymized site usage data.
We do not sell your data. We do not share your data with advertisers. We do not share your data with anyone else for marketing purposes.
5. International data transfers
Some of our service providers are based outside the European Economic Area (EEA) or the United Kingdom. Where personal data is transferred outside the EEA or UK, we rely on Standard Contractual Clauses or other safeguards approved under the GDPR.
6. How long we keep your data
- Purchase records: as long as required by tax and accounting law in our jurisdiction (typically 5 to 7 years).
- Email subscriptions: until you unsubscribe, plus a short period for record-keeping.
- Support correspondence: typically 2 years after the conversation ends.
- Analytics: typically 14 months, in aggregated form.
7. Your rights
If you are in the EEA, the UK, or a similar jurisdiction, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data ("right to be forgotten"), subject to our legal retention obligations.
- Restrict or object to processing.
- Receive your data in a portable format.
- Withdraw consent at any time, for processing based on consent.
- Lodge a complaint with your local data protection authority. In Poland this is the President of the Personal Data Protection Office (UODO), uodo.gov.pl.
To exercise any of these rights, email info@onlinesafetycourseforfamilies.com. We respond within 30 days.
If you are in California, you have similar rights under the CCPA and CPRA, including the right to know what we collect, request deletion, and opt out of any sale of personal information. We do not sell your personal information.
8. Cookies
This website may use a small number of cookies:
- Essential cookies: required for the site to function. No consent needed.
- Analytics cookies: help us understand how visitors use the site. We use these only with your consent, where required by law.
You can refuse non-essential cookies through any cookie banner shown on the site, or by configuring your browser to block them.
9. Children
This website and the course are intended for adults. We do not knowingly collect personal data from anyone under 16. If you believe we have collected such data, contact us and we will delete it.
10. Security
We take reasonable technical and organizational measures to protect your data. No system is 100% secure. In the event of a personal data breach affecting your data, we will notify you and the relevant authorities as required by law.
11. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent version. Material changes will be communicated by email to active customers where appropriate.