Privacy Policy

Last updated:

This Privacy Policy explains how Northmark Soap Academy (“we”, “us”, “our”) collects, uses, and safeguards personal information in connection with our website, training platform, and related services (collectively, the “Services”). By using the Services, you agree to the practices described here.

1. Information We Collect

We collect information you provide directly (e.g., account details, messages) and technical data (e.g., device, usage analytics). No sensitive categories are requested.

1.1 Information you provide

• Account details: name, email address, password (hashed), and optional profile fields you choose to share.
• Communications: messages you send to support or instructors, feedback, reviews, or survey responses.
• Transactions: records of course purchases, enrollment details, and related billing metadata. We do not store full payment card numbers on our servers.

1.2 Information collected automatically

• Usage and device data: IP address, browser type, language, device identifiers, operating system, and referral URLs.
• Activity logs: pages viewed, content interactions, time on page, features used, error logs.
• Approximate location: derived from IP to understand general geographic distribution of users.

1.3 Information from third parties

We may receive limited information from service providers (e.g., payment processors, analytics) as necessary to operate the Services.

2. How We Use Information

To provide courses, personalize content, improve features, and ensure safety. Aggregated insights may be used for product decisions.

2.1 Purposes of processing

• Service delivery: authenticate users, deliver lessons and materials, manage enrollments, and provide customer support.
• Personalization: remember preferences, recommend content, and tailor learning paths.
• Improvement and research: analyze usage to enhance performance, reliability, and user experience.
• Security and integrity: detect, prevent, and respond to fraud, abuse, and technical issues.
• Legal compliance: meet legal obligations, enforce agreements, and resolve disputes.

2.2 Legal bases

Where applicable, processing is based on performance of a contract, legitimate interests (e.g., service improvement, security), consent (e.g., optional communications), and compliance with legal obligations.

3. Cookies and Local Storage

We use strictly necessary cookies and local storage for preferences such as theme, favorites, and cart. You can clear these at any time via your browser.

3.1 Types of cookies

• Essential: required for sign-in, session continuity, and core site functionality.
• Preferences: remember settings such as language and interface mode.
• Performance/analytics: help us understand usage patterns to improve our Services.

3.2 Your choices

• Browser controls: you can block or delete cookies and clear local storage via your browser settings.
• Do Not Track (DNT): our Services respond to browser privacy features where technically feasible.

4. Data Sharing

We do not sell personal information. Limited sharing occurs with service providers performing services on our behalf.

4.1 Service providers

• Hosting, storage, and content delivery networks to run our infrastructure reliably and securely.
• Payment processing for secure transactions; we receive confirmations and limited metadata.
• Analytics to measure and improve performance and user experience.

4.2 Disclosures for legal reasons

We may disclose information where required by law, lawful requests, or to protect rights, safety, and property of our users, the public, or us.

5. Data Retention

We retain data for as long as needed to provide services and comply with legal obligations.

5.1 Typical retention periods

• Account data: retained while your account is active and for a reasonable period thereafter to comply with legal and operational needs.
• Communications: retained as needed to provide support, maintain records, and improve service quality.
• Analytics data: stored in aggregated or de-identified form where feasible.

5.2 Deletion

When data is no longer required, we take steps to delete or de-identify it in a secure and verifiable manner.

6. Your Choices

You can access, correct, or delete certain information. Contact support to exercise rights available to you.

6.1 Access and correction

You may update profile information in your account where available. For other requests, contact support.

6.2 Deletion and portability

Subject to applicable law, you can request deletion of your account or a copy of your data. We may retain certain data as required by law or for legitimate business purposes.

6.3 Communications

You can opt out of non-essential emails by using unsubscribe links. Transactional and service messages may still be sent.

7. Security

We apply administrative, technical, and organizational safeguards to protect information.

7.1 Measures we take

• Encryption in transit using TLS and hardened configurations.
• Access controls, logging, and least-privilege principles for internal systems.
• Regular updates, backups, and monitoring for anomalies.

7.2 Your responsibility

• Use strong, unique passwords and protect your account credentials.
• Keep your devices and browsers up to date.
• Be cautious about sharing personal data in public course areas.

8. Contact

Email: [email protected] — Phone: +1 (415) 915-2048

9. Changes to this policy

We may update this policy from time to time. Material changes will be notified via the Services or by email when appropriate. Continued use of the Services indicates acceptance of the updated policy.