Back to catalog

Privacy Policy

Effective Date: February 27, 2026

Last Updated: February 27, 2026

This Privacy Policy explains how Academia ("we", "us", "our") collects, uses, stores, and shares personal data when you use our website, courses, and related services (the "Platform").

1. Data We Collect

We may collect:

  1. Account data: email, password hash, role, verification status, last login.
  2. Profile data: country/location, language, and settings you provide.
  3. Learning data: enrolled courses, purchases, progress, module/page history, quiz results.
  4. Technical data: device/browser info, IP-derived analytics signals, session and event logs.
  5. Payment data: payment metadata from Stripe (we do not store full card numbers).

2. How We Use Data

We use data to:

  1. Create and secure your account.
  2. Provide access to courses and track your progress.
  3. Process purchases and entitlements.
  4. Send required emails (verification, password reset, receipts, security alerts).
  5. Improve product quality, content, and user experience.
  6. Detect fraud, abuse, and policy violations.

3. Analytics (Google Analytics)

We use Google Analytics to understand usage patterns and improve the Platform. Google Analytics may collect information such as page visits, interactions, browser type, and approximate location based on IP.

Where applicable, analytics operates based on your consent preferences (for example through our cookie/privacy banner). You can also limit tracking by using browser privacy controls, blocking cookies, or Google opt-out tools.

4. Cookies and Local Storage

We use cookies and local storage for authentication, settings, learning continuity, and analytics preferences. Some storage is required for core functionality and security.

Name Type Purpose Duration Required
academia_auth Cookie (httpOnly, Secure) Authentication session — keeps you signed in between page loads. Set on login, cleared on sign-out. 7 days Yes
academia_privacy_consent localStorage Stores your cookie/analytics consent choices so we do not ask again on every visit. Persistent (until cleared) No
_ga Cookie (Google Analytics 4) Distinguishes unique visitors for aggregate traffic analysis. Only set when analytics consent is granted. 2 years No (consent required)
_gid Cookie (Google Analytics 4) Distinguishes users for daily session counting. Only set when analytics consent is granted. 24 hours No (consent required)
Plausible No cookies Privacy-friendly, cookieless analytics for anonymous visitor counts and funnel measurement. No personal data stored. n/a No

5. Legal Basis

Depending on your jurisdiction, we process data based on one or more of the following:

  1. Performance of a contract (providing the Platform).
  2. Legitimate interests (security, quality, fraud prevention).
  3. Consent (analytics/preferences where required).
  4. Compliance with legal obligations.

6. How We Share Data

We may share data with service providers that support the Platform, including:

  1. Payment processing — Stripe, Inc. (United States). Stripe processes payment card data and purchase records on our behalf. See Stripe's Privacy Policy and Data Processing Agreement.
  2. Email delivery — transactional emails (verification codes, password resets) are sent via an SMTP provider. No marketing lists are shared.
  3. Analytics — Google Analytics 4 (Google LLC, United States), loaded only when you grant analytics consent. See Google's Privacy Policy and Data Processing Terms. We also use Plausible Analytics (cookieless, no personal data stored).
  4. Infrastructure and hosting providers.

We do not sell personal data.

7. Data Retention

We keep personal data only as long as needed for service delivery, legal compliance, dispute resolution, and enforcement of agreements. Retention periods may vary by data type and legal requirements.

8. Security

We use reasonable technical and organizational measures to protect data, including encrypted transport (HTTPS), access controls, and secure password handling. No method of transmission or storage is fully risk-free.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, and to request portability where applicable.

To exercise rights, contact us using the details below.

10. Children

The Platform is not intended for children under 13. If we learn we collected data from a child under 13 without proper authorization, we will take steps to delete it.

11. International Transfers

Your data may be processed in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will be posted on this page with an updated "Last Updated" date.

13. Contact

Email: contact@core-dynamics.io

Company: CoreDynamics

Address: Dubai PO: 9581