Privacy Policy

What Information We Collect

When you sign up for our courses or reach out to us, we gather a few types of information:

Information You Give Us Directly

• Your name and email address when you register
• Phone number if you choose to provide it
• Payment details (processed through secure third-party services)
• Portfolio work you submit for course projects
• Messages you send through our contact forms

Technical Information

Like most websites, we automatically collect some technical data:

• IP address and general location information
• Browser type and device information
• Pages you visit and how long you stay
• Links you click on our site

How We Use Your Data

We're pretty straightforward about this. Here's what happens with your information:

We won't suddenly start sending you unrelated marketing emails. If we have something genuinely useful to share about 3D level design education, we'll let you know – but you can opt out anytime.

Who We Share Data With

We keep your information within our organization as much as possible. But running an education platform means working with some trusted partners:

Essential Service Providers

• Payment processors: We use established payment services that comply with PCI DSS standards. They handle your card details – we never see or store them.
• Email service: Our email platform helps us send course materials and respond to your messages securely.
• Hosting provider: Our website and course content live on servers maintained by reputable hosting companies.
• Analytics tools: We use basic analytics to understand site performance. No selling of data to advertisers.

Legal Requirements

Romanian law sometimes requires us to share information with authorities. This happens in specific situations like tax audits or if there's a valid legal request. We'll only share what's legally required.

Your Rights Under GDPR and Romanian Law

Since we operate in Romania and serve students here, you have substantial rights over your personal data:

Access and Portability

You can request a copy of all the data we hold about you. We'll provide it in a common format like PDF or CSV within 30 days. This includes your registration details, course progress, and any communications we've had.

Correction and Updates

If something's wrong or outdated, let us know. You can update most information yourself through your student dashboard, or email us for help with the rest.

Deletion (Right to be Forgotten)

Want us to delete your data? We'll do it, with a couple of exceptions: we need to keep financial records for Romanian tax purposes (currently seven years), and we may retain anonymized data for statistical purposes. Everything else goes.

Restriction and Objection

You can ask us to stop processing your data in certain ways. For example, if you're questioning whether we're handling something correctly, we can pause that processing while we work it out.

Withdraw Consent

Wherever we asked for your consent, you can take it back. This won't affect anything we did before you withdrew consent, but we'll stop from that point forward.

To exercise any of these rights, email us at support@spicastynthyion.com. We'll verify your identity (to protect your data from unauthorized requests) and respond within 30 days.

How We Protect Your Information

Security isn't just a checkbox for us. Here's what we do:

• Encryption: All data transmitted to and from our site uses SSL/TLS encryption. Look for the padlock in your browser.
• Access controls: Only staff members who need access to perform their jobs can view student data. We use strong authentication and regular access reviews.
• Regular backups: We maintain encrypted backups stored separately from our main servers.
• Security updates: Our systems receive regular security patches and updates.
• Staff training: Everyone on our team understands data protection principles and their responsibilities.

No system is perfectly secure – that's just reality. But we take reasonable precautions and stay current with security best practices. If we ever experience a data breach affecting your information, we'll notify you and the Romanian supervisory authority as required by law.

Data Retention

We don't keep your data forever. Here's our approach:

Active Student Data

While you're enrolled in courses, we maintain your account and learning materials. Your portfolio projects and progress stay accessible as long as your account is active.

After Course Completion

When you finish a program, we keep your certification records and basic account information for three years. This helps if you need proof of completion or want to access reference materials.

Financial Records

Romanian tax law requires us to keep invoices and payment records for seven years. After that, they're securely deleted.

Marketing Data

If you've only signed up for our newsletter without enrolling, we'll keep your email for two years from your last interaction. After that, we'll remove it unless you're still actively engaging with our content.

You can always request earlier deletion by contacting us – just remember the legal requirements mentioned above.

Cookies and Tracking

We use a few cookies to make the site work properly:

Essential Cookies

These keep you logged in and remember your preferences. They're necessary for the platform to function, so they're not optional.

Analytics Cookies

We use basic analytics to understand which course pages are most helpful and where students might be struggling. This data is anonymized – we're looking at patterns, not tracking individuals.

No Advertising Cookies

We don't use advertising cookies or share data with ad networks. You won't see our ads following you around the internet.

Your browser settings can control most cookies, though blocking essential ones might affect site functionality.

International Data Transfers

We're based in Romania, but some of our service providers operate servers in other countries. When data leaves the EU/EEA, we make sure it's protected through:

• Standard contractual clauses approved by the European Commission
• Working only with providers who maintain GDPR-equivalent protections
• Regular reviews of our providers' security practices

Most of our infrastructure stays within the EU, which simplifies things. When it doesn't, we're careful about who we work with.

Children's Privacy

Our courses are designed for adults. We don't knowingly collect data from anyone under 16 without parental consent, as required by Romanian implementation of GDPR.

If you're under 16 and interested in our programs, please have a parent or guardian contact us. We'll work with them to ensure proper consent and protection of your information.

If we discover we've inadvertently collected data from someone under 16 without proper consent, we'll delete it promptly.

Changes to This Policy

We update this policy occasionally as our practices evolve or laws change. When we make significant changes, we'll email active students and post a notice on our website.

The "Last updated" date at the top shows when we last revised this document. We recommend checking back periodically if you're curious about any updates.

Major changes will come with more prominent notifications and, where required, requests for renewed consent.

Supervisory Authority

While we hope to resolve any privacy concerns directly with you, you have the right to lodge a complaint with Romania's data protection authority:

We take complaints seriously and will cooperate fully with the supervisory authority on any investigations.