Privacy Policy

Last updated: April 2, 2026

This Privacy Policy explains how GDSchool (“we”, “us”, “our”) collects, uses, shares, and protects personal information when you visit or use our website and services. By using the service, you agree to the practices described in this policy.

1) Data we collect

We collect only the information reasonably necessary to provide the service, keep it secure, and meet legal obligations. Depending on how you interact with us, we may collect:

• Account and profile data (e.g., name, email address, password hash, authentication tokens).
• Course and usage data (e.g., course enrollments, progress, completion status, quiz results, timestamps, device/browser details for compatibility and security).
• Billing and transaction data (e.g., plan selection, payment status, invoices/receipts). Payment card details are processed by our payment providers; we do not store full card numbers.
• Support communications (e.g., messages you send to support, attachments you provide, and the context needed to resolve your issue).
• Technical logs (e.g., IP address, error logs, security events) to protect against abuse and diagnose issues.

2) How we use your data

We use your information to:

• Provide and operate the service (create accounts, deliver courses, sync progress, enable purchases).
• Maintain safety and integrity (fraud prevention, abuse detection, rate limiting, account protection).
• Communicate with you (service notices, password resets, support replies).
• Improve reliability and performance (debugging, availability monitoring, aggregated product insights).
• Comply with legal obligations (tax records, lawful requests, accounting).

We do not sell personal data. We use privacy-first measurement practices focused on aggregated insights and do not use cross-site tracking as a business model.

3) Legal bases (where applicable)

Depending on your location, we process personal data under one or more of the following bases:

• Contract (to provide the service you request).
• Legitimate interests (security, fraud prevention, product improvement, customer support), balanced against your rights.
• Consent (for non-essential cookies or optional communications where required).
• Legal obligation (tax, accounting, compliance, responding to lawful requests).

4) Data retention

We retain personal data only as long as necessary for the purposes described in this policy:

• Account data is retained while your account is active and for a limited period after deletion to handle disputes, security, and compliance.
• Transaction records may be retained longer to meet accounting and tax requirements.
• Security logs are retained for a limited period appropriate to detect and investigate abuse.

When data is no longer needed, we delete or anonymize it using reasonable measures.

5) Sharing and third parties

We share information only as needed to deliver the service, comply with the law, and keep the platform secure. This may include:

• Service providers (e.g., hosting, email delivery, payment processing, customer support tools) acting on our instructions.
• Legal and compliance when required to comply with applicable law, regulation, or lawful request.
• Business transfers if we undergo a merger, acquisition, financing, or sale of assets (with appropriate safeguards).

We require service providers to handle data securely and only for the contracted purposes.

6) Cookies and similar technologies

Cookies are small text files stored on your device. We use:

• Essential cookies needed for core features like authentication, session management, and security.
• Preferences cookies used to remember your settings (e.g., language or theme).
• Analytics cookies (if enabled) to understand site performance and improve user experience.

Essential cookies are required for the service to function. You can manage non-essential preferences via the footer banner or your browser settings. Blocking essential cookies may affect the site’s functionality.

7) Your rights

Depending on your jurisdiction, you may have rights over your personal information, including:

• Access and obtain a copy of your data.
• Request corrections to inaccurate or incomplete data.
• Request deletion (where applicable).
• Object to or restrict certain processing.
• Data portability (where applicable).
• Opt out of non-essential cookies where required by law.

To exercise your rights, contact us using the details below. We may need to verify your identity before fulfilling requests.

8) Children’s privacy

Our services are not intended for children under 13 (or the minimum age required in your jurisdiction). If you believe a child has provided personal information, contact us and we will take appropriate steps to delete it.

9) Security

We implement reasonable technical and organizational measures to protect personal data from unauthorized access, loss, misuse, alteration, or disclosure. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

10) International transfers

If you access the service from outside the country where our systems or providers are located, your data may be transferred and processed across borders. We take steps to protect your data consistent with this policy and applicable law.

11) Changes to this policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. We will update the “Last updated” date at the top of this page. Material changes may be communicated through the service.

12) Contact

If you have questions, requests, or concerns about this Privacy Policy or our data practices, contact us:

• Email: [email protected]
• Phone: +1 (415) 555-0192