Privacy Policy

1. Purpose and Scope

This Privacy Policy applies to:

• Visitors to our website and mobile applications
• Registered learners, course creators, and institutional users
• Customers who use our paid/free products or services
• Third-party integrations and affiliates associated with Goacad

It outlines how Goacad collects, uses, stores, and protects your data to provide a secure and personalized learning experience.

2. Information We Collect

3. Legal Basis for Processing

Depending on your location, we process your data under one or more of the following legal bases:

• Consent: When you give explicit permission (e.g., subscribing to newsletters).
• Contract necessity: To provide services you request (e.g., course access).
• Legal obligation: To comply with applicable laws.
• Legitimate interests: To improve our services and maintain platform security.

You can withdraw your consent at any time by contacting us (see section 14).

4. How We Use Your Information

We use collected data to:

• Create and manage user accounts
• Deliver courses and educational content
• Provide technical support and respond to inquiries
• Personalize learning experiences
• Send important updates and promotional offers (with consent)
• Prevent fraud, ensure security, and comply with legal obligations
• Analyze site usage and improve services

5. Data Sharing and Disclosure

We may share data with:

• Service Providers: Hosting, analytics, payment gateways, and email providers
• Partners and Affiliates: To host or distribute courses on Goacad
• Legal Authorities: If required by law or to protect our legal rights
• International Transfers: Data may be processed in other countries (including the USA). We ensure appropriate safeguards, such as EU Standard Contractual Clauses (SCCs), for cross-border transfers.

6. Data Retention

We retain personal information only for as long as necessary:

• Account data: while your account is active or required for services
• Transaction data: retained as per legal and accounting requirements
• Analytics and cookie data: retained for a limited duration to improve functionality

When no longer needed, data is securely deleted or anonymized.

7. Cookies and Tracking Technologies

8. Security of Your Data

We use technical, administrative, and physical safeguards to protect your information, including:

• Encryption of data in transit and at rest
• Secure access controls
• Regular system audits and vulnerability assessments

While we strive to ensure maximum security, no system is 100% secure.

9. User Rights and Controls

Depending on your region, you may have the right to:

• Access and obtain a copy of your personal data
• Correct or update inaccurate information
• Request deletion ("right to be forgotten")
• Restrict or object to processing
• Withdraw consent at any time
• Request data portability

To exercise these rights, contact us at privacy@goacad.com with proof of identity.

10. Marketing Preferences

You may opt in or out of receiving marketing communications anytime.

• Each promotional email includes an unsubscribe link.
• Transactional or essential service messages cannot be unsubscribed from.

11. Children's Privacy

Goacad provides educational content for all age groups, including minors, but children under 13 (or the legal age in your region) must have verifiable parental or guardian consent before creating an account or enrolling in a course.

12. Cross-Border Data Transfers

Data collected may be stored or processed on servers located in Nepal, the USA, or other regions. We implement strict contractual and technical safeguards to protect data transferred outside your country.

13. Automated Decision-Making and Profiling

Goacad may use limited automated analytics (e.g., course recommendations) but does not make decisions with legal or significant effects on users without human review.

14. Data Protection Contact

For privacy-related questions, concerns, or complaints:

15. Changes to This Policy

We may update this Privacy Policy to reflect operational, legal, or regulatory changes. Updates will be posted here with a new "Effective Date." Significant changes will be notified by email or platform notice.

16. Complaints and Supervisory Authority

If you believe your privacy rights have been violated, you may contact your local data protection authority. We encourage users to contact us first for prompt resolution.

17. Third-Party Links and Services

Our platform may contain links to external websites or partner platforms. We are not responsible for their privacy practices or content. Please review their policies separately.

18. Data Breach Notification

In the event of a data security incident affecting your information, Goacad will notify affected users and relevant authorities as required by applicable laws.