Privacy Policy

At Rumi University, we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our online course platform (the “Service”).

We understand the sensitive nature of the topics we cover—mental health, decision-making, leadership, and life transitions. Your trust is paramount, and we take extra care to protect your personal data and maintain the confidentiality of your learning activities.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use the Service.

This Privacy Policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Personal Information You Provide

When you register for an account or use the Service, we collect:

• Account Information: Name, email address, password (encrypted)
• Profile Information: Optional profile details you choose to provide
• Payment Information: Billing details (processed securely through third-party payment processors)
• Course Progress: Lessons completed, quiz scores, certificates earned
• Communications: Messages you send to our support team or through contact forms

Information Automatically Collected

When you access the Service, we automatically collect:

• Device Information: IP address, browser type, operating system
• Usage Data: Pages visited, time spent on pages, courses accessed
• Log Data: Server logs including access times and error reports
• Cookies and Tracking: See Section 6 for detailed information

Sensitive Information

We do not intentionally collect sensitive personal information such as health data, racial or ethnic origin, political opinions, or religious beliefs. While our courses cover mental health topics, we do not require you to disclose your personal mental health status or history.

We use the information we collect to:

Provide and Improve the Service

• Create and manage your account
• Process course enrollments and payments
• Track your learning progress and issue certificates
• Deliver course content and educational materials
• Provide customer support and respond to inquiries
• Improve our courses and platform functionality

Communication

• Send important service announcements and updates
• Provide course recommendations based on your interests
• Send educational content and learning tips (with your consent)
• Respond to your questions and support requests

Security and Legal Compliance

• Detect and prevent fraud, abuse, and security threats
• Comply with legal obligations and enforce our Terms of Service
• Protect the rights and safety of our users and the platform

Analytics and Research

• Analyze usage patterns to improve educational outcomes
• Conduct research on learning effectiveness (anonymized data only)
• Generate aggregated, non-identifiable statistics

We Do Not Sell Your Personal Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Limited Sharing with Service Providers

We may share your information with trusted third-party service providers who assist us with:

• Payment Processing: Secure payment gateways to process transactions
• Email Services: Email delivery platforms for course communications
• Cloud Hosting: Secure servers to host the platform and store data
• Analytics: Tools to understand platform usage and improve services

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

Legal Requirements

We may disclose your information if required to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms of Service or protect our legal rights
• Prevent fraud, security threats, or illegal activity
• Protect the safety and rights of our users and the public

Business Transfers

If Rumi University is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change and provide you with choices regarding your information.

Anonymized Data

We may share aggregated, anonymized data that cannot identify you personally for research, analytics, or educational purposes.

Security Measures

We implement industry-standard security measures to protect your personal information, including:

• Encryption of data in transit using SSL/TLS protocols
• Secure password hashing and storage
• Regular security audits and vulnerability assessments
• Access controls limiting employee access to personal data
• Secure backup systems to prevent data loss

Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. Specifically:

• Account Data: Retained while your account is active
• Course Progress: Retained to maintain your learning history and certificates
• Communications: Retained for customer support and legal purposes
• Payment Records: Retained as required by law for tax and financial compliance

When you delete your account, we will delete or anonymize your personal information within 90 days, except where we must retain it for legal obligations.

No Absolute Security

While we strive to protect your personal information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data using reasonable and appropriate measures.

What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve the Service. We use cookies and similar tracking technologies to remember your preferences, analyze usage, and enhance your learning experience.

Types of Cookies We Use

• Essential Cookies: Required for the Service to function (e.g., authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use the platform to improve it
• Performance Cookies: Monitor platform performance and loading times

Managing Cookies

You can control and manage cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block all cookies (may impact functionality)
• Clear cookies when you close your browser

Third-Party Analytics

We may use third-party analytics services to help us understand platform usage. These services may use cookies to collect information about your use of the Service. We ensure these providers are contractually obligated to protect your privacy.

You have certain rights regarding your personal information. Depending on your location, these rights may include:

Access and Portability

• Right to Access: Request a copy of the personal information we hold about you
• Data Portability: Receive your data in a structured, machine-readable format

Correction and Deletion

• Right to Rectification: Correct inaccurate or incomplete personal information
• Right to Erasure: Request deletion of your personal information (subject to legal exceptions)

Control and Objection

• Right to Object: Object to certain processing of your personal information
• Right to Restrict: Request restriction of processing in certain circumstances
• Withdraw Consent: Withdraw consent for marketing communications at any time

California Residents (CCPA Rights)

If you are a California resident, you have additional rights including:

• Right to know what personal information we collect and how it's used
• Right to delete personal information (subject to exceptions)
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to non-discrimination for exercising your privacy rights

European Residents (GDPR Rights)

If you are in the European Economic Area, you have rights under GDPR including those listed above, plus:

• Right to lodge a complaint with a supervisory authority
• Right to restrict automated decision-making and profiling

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@rsoleducation.com. We will respond to your request within 30 days (or as required by applicable law).

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18.

If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete that information as quickly as possible.

If you believe we have collected information from a child under 18, please contact us immediately at privacy@rsoleducation.com.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those of your country.

We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy when transferred internationally. These safeguards include:

• Using Standard Contractual Clauses approved by the European Commission
• Ensuring third-party service providers meet adequate data protection standards
• Implementing technical and organizational security measures

By using the Service, you consent to the transfer of your information to countries outside your country of residence, including countries that may not provide the same level of data protection.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes to this Privacy Policy, we will:

• Update the “Last updated” date at the top of this page
• Notify you via email or through a prominent notice on the Service
• Provide you with an opportunity to review the changes

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the revised policy. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at dpo@rsoleducation.com.