Privacy Policy

Serplora Academy

Effective Date: December 1, 2024 | Last Updated: April 1, 2026 | Website: https://serplora.com

Operating Jurisdiction: California, USA

Serplora Academy ("Serplora Academy", "we", "our", or "us") operates the website available at https://serplora.com. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our platform. By using Serplora Academy, you agree to the practices described in this policy.

If you do not agree with this policy, please discontinue use of the platform.

1. Information We Collect

a. Personal Information

When you create an account, we may collect:

Full name
Email address
Country of residence
Username or display name
Password (stored in hashed/encrypted form — never in plaintext)
OAuth profile data if you register via a third-party login (e.g., Google, GitHub)

b. User-Generated Content

We may store content you create while using the platform, including:

Code written in our compilers or editors
Shared code snippets or public links
Learning progress, quiz results, and activity history
Comments, forum posts, or other community contributions

c. Usage and Technical Data

We automatically collect certain technical information when you access the platform, such as:

IP address and approximate geolocation (country/region level)
Browser type, version, and language
Device type, operating system, and screen resolution
Pages visited, features used, and time spent on the platform
Referring URLs and exit pages
Error logs and crash reports

d. Communications Data

If you contact us directly or subscribe to our newsletter, we may collect:

Your name and email address
The content of your messages
Correspondence history

This section applies to users in the European Economic Area (EEA), United Kingdom, and Switzerland.

We process your personal data under one or more of the following lawful bases:

Contractual necessity — to provide you with account access and platform features you have requested
Legitimate interests — to improve the platform, prevent fraud, and ensure security (where not overridden by your rights)
Consent — for optional activities such as marketing emails, non-essential cookies, and advertising (which you may withdraw at any time)
Legal obligation — where we are required to process data to comply with applicable laws

3. How We Use Your Information

We use the data we collect for the following purposes:

Providing, operating, and maintaining the platform and its features
Creating and managing your user account
Tracking and displaying your learning progress
Responding to your support requests, questions, or feedback
Sending transactional emails (e.g., account confirmation, password reset)
Sending newsletters, platform updates, and promotional content (with your consent; you may opt out at any time)
Analyzing usage patterns to improve content, performance, and user experience
Detecting, investigating, and preventing fraudulent or abusive activity
Complying with legal obligations and enforcing our Terms of Service

4. Cookies and Tracking Technologies

We use cookies, local storage, and similar technologies. Cookies are small text files placed on your device to help us operate the platform effectively.

Types of Cookies We Use

Strictly Necessary Cookies — Required for the platform to function (e.g., session management, authentication). These cannot be disabled.
Functional Cookies — Remember your preferences and settings (e.g., language, theme).
Analytics Cookies — Help us understand how users interact with the platform (e.g., pages visited, time spent). Requires your consent in applicable regions.
Advertising Cookies — Used to serve relevant ads based on your interests. Requires your consent in applicable regions.

Users in the EEA and other applicable regions will be presented with a cookie consent banner when visiting the platform. You can update your preferences at any time by:

Accessing the Cookie Settings panel in the platform footer
Adjusting your browser settings to block or delete cookies

Please note that disabling certain cookies may affect platform functionality.

5. Analytics and Advertising

We use third-party tools to understand user behavior and serve relevant advertisements. These services operate under their own privacy policies and may independently collect data:

Google Analytics 4 — Website analytics. You may opt out via the Google Analytics Opt-out Browser Add-on.
Microsoft Clarity — Session recording and heatmaps for UX improvement.
Google Tag Manager — Tag management for analytics and marketing scripts.
Google AdSense — Advertising network. You may manage ad personalization at adssettings.google.com.

We have enabled IP anonymization where supported by these tools to minimize data exposure.

We do not sell your personal data to third parties for monetary value. We may share your information only in the following limited circumstances:

Service Providers — Trusted vendors who help us operate the platform, such as cloud hosting (Cloudflare), email delivery, and analytics providers. These parties are contractually obligated to handle your data only as instructed by us.
Advertising Partners — Analytics and ad networks (listed in Section 5) that process data under their own policies to provide targeted advertising.
Legal Compliance — When required by law, court order, or governmental authority, or when necessary to protect our rights, prevent fraud, or ensure user safety.
Business Transfers — In connection with a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a materially different privacy policy.

7. Data Retention

We retain your personal data for as long as your account remains active, or as necessary to fulfill the purposes described in this policy.

Account data is retained until you request deletion (see Section 8).
Usage and analytics data may be retained in aggregated, anonymized form indefinitely.
User-generated content may remain stored unless you explicitly request removal.
Backup copies may persist for up to 90 days after deletion for disaster recovery purposes.
We may retain certain data longer if required by applicable law or to resolve disputes.

8. Account Deletion

To request the deletion of your account and associated personal data, please contact us:

Email: privacy@serplora.com
Subject line: Delete My Account
Please include your registered email address to expedite processing.

We will process account deletion requests within 30 days. After deletion, your personal data will be removed from our active systems, subject to any legal retention obligations.

9. Data Security

We implement reasonable and industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, or destruction, including:

HTTPS/TLS encryption for all data transmitted between your browser and our servers
Hashed and salted password storage (passwords are never stored in plaintext)
Access controls and authentication protections for internal systems
Regular security reviews and vulnerability assessments
Minimization of data access to only staff who require it for their role

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

Notify affected users without undue delay (and within 72 hours to relevant supervisory authorities where required by applicable law)
Communicate the nature of the breach, categories of data affected, and steps we are taking

No system is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data.

Right of Access — Request a copy of the personal data we hold about you.
Right to Rectification — Request correction of inaccurate or incomplete data.
Right to Erasure — Request deletion of your personal data ("right to be forgotten"), subject to certain exceptions.
Right to Restriction — Request that we limit the processing of your data in certain circumstances.
Right to Data Portability — Receive your data in a structured, machine-readable format and have it transferred to another service where technically feasible.
Right to Object — Object to processing based on legitimate interests, including profiling and direct marketing.
Right to Withdraw Consent — Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
Right to Lodge a Complaint — You have the right to file a complaint with your local data protection supervisory authority.

Rights for California Residents (CCPA / CPRA)

Right to Know — Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the categories of third parties with whom we share it.
Right to Delete — Request deletion of your personal information, subject to certain exceptions.
Right to Correct — Request correction of inaccurate personal information.
Right to Opt Out of Sale/Sharing — We do not sell your personal information for monetary value. However, because we use third-party advertising networks (like Google AdSense), we may "share" your personal information for cross-context behavioral advertising under the CCPA/CPRA. You have the right to opt out of this sharing by adjusting your cookie preferences or contacting us.
Right to Non-Discrimination — We will not discriminate against you for exercising any of your privacy rights.

Global Users and Other Jurisdictions

While our core operations are governed by the laws of California, USA, and we formally ensure compliance with European frameworks (GDPR), Serplora Academy serves a global audience. We do not formally guarantee compliance with or honor every localized privacy framework globally. However, as a courtesy to all users worldwide, we voluntarily extend the core rights to access, correct, and request deletion of your personal data regardless of your location.

How to Exercise Your Rights

To exercise any of the rights above, email us at privacy@serplora.com with the subject line "Privacy Rights Request". We may need to verify your identity before fulfilling any request.

11. Marketing Communications & Opt-Out

If you have subscribed to our newsletter or marketing communications, you can opt out at any time by:

Clicking the "Unsubscribe" link in any marketing email we send
Contacting us at privacy@serplora.com with the subject line "Unsubscribe"

Please note that even after opting out of marketing emails, you may still receive transactional or service-related messages (e.g., password reset, security alerts). We comply with the CAN-SPAM Act and do not send unsolicited commercial email.

12. Children's Privacy

Serplora Academy is intended for a general audience. Our platform is not directed at children under the age of 13 (or 16 in the EEA, where applicable under GDPR), and we do not knowingly collect personal data from such children. Furthermore, if your specific country or local jurisdiction requires a higher age of digital consent to use online platforms, you must meet that local age requirement to use Serplora Academy.

If we become aware that we have inadvertently collected personal information from a child below the applicable age threshold, we will take prompt steps to delete it. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@serplora.com.

13. Third-Party Links and Services

Our platform may contain links to third-party websites, tools, or services (e.g., external documentation, partner resources, or embedded content). This Privacy Policy does not apply to those third-party sites.

We encourage you to review the privacy policies of any third-party services you visit. We are not responsible for the privacy practices or content of external sites.

14. Automated Decision-Making and Profiling

We do not use your personal data for solely automated decision-making that produces legal or similarly significant effects on you, as defined under GDPR Article 22.

We may use automated tools (such as analytics and recommendation systems) to personalize your learning experience; however, these are designed to assist rather than replace human judgment.

15. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals to websites. Because there is no universally accepted standard for how websites should respond to these signals, we do not currently alter our data collection practices in response to DNT signals. You may, however, manage tracking preferences through our cookie settings or your browser settings.

16. International Data Transfers & Cross-Border Processing

Serplora Academy's primary operations and infrastructure are located in California, USA. Because we serve a global audience, by accessing and using our platform from outside the United States, you acknowledge that your personal data will be transferred to, stored, and processed in the United States and other regions where our global service providers (such as content delivery networks and cloud hosting) operate.

For users in the EEA or UK, we ensure that any international transfer of personal data is conducted in compliance with applicable data protection laws, using appropriate safeguards such as:

EU Standard Contractual Clauses (SCCs) with data processors
Adequacy decisions by the European Commission where applicable
Other legally recognized transfer mechanisms

17. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or platform features. When we make material changes, we will:

Post the updated policy on this page with a revised effective date
Send an email notification to registered users where the changes are significant
Display a prominent notice on the platform

We encourage you to review this policy regularly. Your continued use of the platform after any changes constitutes your acceptance of the updated policy.

18. Contact Us

If you have any questions, requests, or concerns about this Privacy Policy or how we handle your data, please contact us: