Privacy Policy

When you interact with Lasterina, we collect several types of information to make your learning experience work properly. Some of this you provide directly—like when filling out forms—while other data gets collected automatically as you navigate through courses and features.

• Communication Records: We keep copies of messages you send through our support system, feedback forms, or email correspondence. This helps us resolve issues efficiently and improve our services based on user input.
• Social Media Information: If you connect your social media accounts or sign in through third-party authentication services, we receive basic profile information that those platforms share with us according to your settings there.
• Preferences and Settings: Your customization choices—like notification preferences, language settings, accessibility options, and content filters—are stored to maintain your personalized experience across sessions.
• Cookies and Similar Technologies: We use cookies, web beacons, and local storage to remember your login status, track your preferences, and analyze how you use our platform. You can control cookie settings through your browser, though some features might not work properly without them.

Every piece of information we collect serves specific purposes that ultimately benefit your learning experience. We're not in the business of hoarding data—we use what we need to run an effective educational platform and nothing more.

The primary reason we collect your data is to provide and deliver the educational services you signed up for. This means granting you access to courses, tracking your progress, issuing certificates upon completion, and enabling communication with instructors and fellow learners. Without this foundational data, the platform simply couldn't function as an interactive learning environment.

Platform improvement is another major use case. By analyzing aggregate usage patterns, we can identify which course features work well and which need refinement. If students consistently struggle with a particular lesson format, that's valuable feedback for our content creators. Your data helps us make evidence-based decisions rather than guessing what learners need.

• Communication and Support: We use your contact information to send important updates about your courses, respond to support inquiries, and notify you about platform changes. Promotional communications happen too, but you can always opt out of marketing messages while still receiving essential service notifications.
• Security and Fraud Prevention: Your IP address and device information help us detect suspicious login attempts or unauthorized account access. We analyze usage patterns to identify potential security threats or fraudulent activities before they affect your account or other users.
• Legal Compliance and Protection: Sometimes we're legally required to retain certain data or provide it to authorities under valid legal process. We also use information to enforce our terms of service, protect intellectual property rights, and resolve disputes that may arise.
• Research and Development: Aggregated, anonymized data helps us understand learning trends and develop new features. For example, if we notice students generally prefer video content over text lessons, that informs future course development priorities.

Running a modern educational platform means working with specialized service providers who help us deliver better experiences. These third parties have their own privacy practices, and while we choose partners carefully, you should be aware of how external tools fit into the picture.

Analytics services help us understand how users navigate our platform and where they encounter difficulties. These tools collect information about page views, click patterns, session duration, and user flows. We use this data to improve navigation, optimize page load times, and make the platform more intuitive. The analytics providers we work with typically anonymize and aggregate this data, though some tracking cookies may be involved.

• Email Service Providers: Our email communications go through specialized email platforms that handle delivery, track open rates, and manage subscription preferences. These providers process your email address and engagement metrics to help us send relevant, timely messages.
• Customer Support Tools: When you contact support, we use ticketing systems and live chat platforms that may store conversation history and contact details. These tools help our support team provide faster, more informed assistance.
• Cloud Infrastructure Providers: Our platform runs on cloud servers managed by major infrastructure providers. These companies process and store your data as part of providing hosting services, though they're contractually bound to protect it and can't use it for their own purposes.

We maintain agreements with all third-party service providers that require them to protect your data and use it only for the purposes we've specified. That said, once data leaves our direct control, those providers' own security practices and policies apply. We regularly review our vendor relationships to make sure they maintain appropriate safeguards.

Protecting your information isn't just about having good intentions—it requires concrete technical measures and ongoing vigilance. We've built multiple layers of security into our platform because a single approach is never enough.

All data transmitted between your device and our servers travels through encrypted connections using industry-standard TLS protocols. This means anyone trying to intercept your data would see only meaningless encrypted strings. At rest, sensitive information like passwords gets encrypted using strong cryptographic algorithms before storage. We never store passwords in plain text, period.

• Regular Security Assessments: We conduct periodic security audits and vulnerability testing to identify potential weaknesses before they can be exploited. Our development team follows secure coding practices and reviews code for security issues before deployment. Third-party security experts periodically assess our defenses from an outside perspective.
• Data Minimization Practices: We collect only the information actually needed to provide our services. If we don't need it, we don't ask for it. We also regularly review stored data and delete information that's no longer necessary for operational or legal purposes. This reduces both your exposure and our liability.
• Incident Response Procedures: Despite our best efforts, no system is completely immune to security incidents. We maintain detailed response plans for potential data breaches, including procedures for containing the incident, assessing impact, and notifying affected users promptly if required by law.
• Employee Training and Awareness: Our team receives regular training on data protection best practices, privacy regulations, and social engineering threats. Many breaches result from human error, so keeping our people informed is as important as technical safeguards.

We also recognize that data protection isn't purely technical. Our organizational policies emphasize privacy by design, meaning we consider data protection implications when developing new features rather than bolting on security as an afterthought. It's easier to build privacy in from the start than to retrofit it later.

Data protection laws vary across jurisdictions, and we work to comply with applicable regulations wherever we operate. Depending on your location, you may have specific rights regarding your personal information that we're legally obligated to honor.

We respect your rights to access, correct, delete, or restrict processing of your personal data where such rights apply. You can typically manage much of your information directly through account settings. For requests requiring manual intervention, we've established processes to respond within legally mandated timeframes. However, some limitations apply—we can't delete information we're legally required to retain, and certain deletions might affect your ability to use platform features.

• Cross-Border Data Transfers: As an online platform, we may transfer your information across international borders to our servers and service providers. When we do, we ensure appropriate safeguards are in place through standard contractual clauses, adequacy decisions, or other approved transfer mechanisms.
• Children's Privacy: Our services are generally intended for users above the age of consent in their jurisdiction. If we become aware that we've collected information from a child without appropriate parental consent, we take steps to delete that information promptly.
• Data Retention Periods: We retain your personal information only as long as necessary for the purposes outlined in this policy, or as required by law. Account information is typically retained while your account remains active. After account deletion, some information may be retained in backup systems for a limited period before permanent removal.

Certain features or services within Lasterina may involve additional privacy considerations beyond what's covered in this general policy. When you access these specialized features, we'll provide supplementary information about any additional data practices that apply.

For example, instructors who create courses have access to aggregate analytics about their students' performance, though we anonymize individual student data in most reporting. Corporate or institutional accounts may have different data processing arrangements based on their specific contracts. Beta features or experimental tools might collect additional feedback data to help us refine them before full release.

We may also establish specific guidelines for community features like forums or user-generated content areas. These spaces often require additional moderation and may have different data retention practices to address legal concerns like defamation or copyright infringement. Always review the specific terms associated with particular features you choose to use.

If you have questions about this Privacy Policy or concerns about how we handle your data, our support team is available to help. You'll find contact options and submission forms throughout our website where you can reach out with privacy-specific inquiries. We aim to respond to all privacy questions promptly and thoroughly.

For formal data subject requests—such as access requests, deletion requests, or complaints about our data practices—please use the designated channels described in our help center. Providing detailed information about your request helps us respond more quickly and accurately.