Updated as of: 24/05/2018
365 Data Science Ltd.
Any information stored on 365 Data Science’s platform is treated as confidential. All information is stored securely and is accessed by authorized personnel only. Our team implements and maintains appropriate technical, security and organisational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
2. Collection and use of information
The following sections cover the specifics of each of the two groups from which data is collected: website visitors and course subscribers.
2.2. What personal information do we collect from the people that visit our website?
When subscribing to our newsletter, you may be asked to enter your name and email address.
2.3. When do we collect information?
We collect information from you when you visit our website or subscribe to our newsletter.
2.4 Website Visitors
If you are a Visitor to our website only, and not a person taking our courses on Teachable (https://teachable.com), then this section is relevant for you.
By visiting this website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your explicit consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.
Such Personal Data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, data for social networks, your areas of interest, interest in 365 Data Science products, and certain information about the company you are working for (company name and address), as well as information as to the type of relationship that exists between 365 Data Science and yourself.
365 Data Science gathers data about visits to the website, including but not restricted to numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on or where Visitors have come.
Thank you for choosing to learn with our site (www.365datascience.com). Your personal information is important to us, and we are committed to keeping it safe and disclosing transparently everything we do with it.
2.4.1 Purpose of processing personal data
365 Data Science uses the collected data to communicate with Visitors, to customize content for Visitors, to show ads on other websites to Visitors, to follow-up after correspondence (live chat and email), and to improve its website by analyzing how Visitors navigate its website.
2.4.2 Sharing personal data
365 Data Science does not share your personal information with anyone else.
2.4.4 Links to other sites
2.5 Course subscribers
Currently, 365 Data Science’s courses are hosted on Teachable (Teachable Inc.), which is one of the largest MOOC platforms enabling authors to create and sell online courses. As constructed, 365 Data Science’s website (365datascience.com) has direct links to Teachable’s (teachable.com) gateway for registration and payment processing. The product 365 Data Science provides to its course subscribers has been created by the 365 Data Science team. Teachable is the environment where course subscribers can access our paid content. The links from our website will direct you to Teachable’s gateway. All of the information and potential payments collected after you leave our website are processed through Teachable.
2.6 Compliance with the GDPR
For Users with accounts located in 365 Data Science’s European Data Region, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and 365 Data Science’s processing will take place in accordance with the GDPR.
2.7 Data processing in the EEA
365 Data Science processes Personal Data as a Processor, as defined in the Directive and the GDPR. All user data collected by 365 Data Science will be stored through third party entities compliant with the GDPR and certified with a Privacy Shield. 365 Data Science has chosen the services of entities who have ensured compliance with the Directive. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.
2.8. How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI and GDPR standards. An external PCI compliant payment gateway handles all CC transactions. We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
2.9 Physical storage of data
We do not keep physical records of users’ Personal Information in any form.
2.10. California Online Privacy Protection Act
2.10.1. According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
- By receiving an email
You can change your personal information by emailing us.
2.11. How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
2.12. Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking.
2.13. COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Do we let third-parties, including ad networks or plug-ins collect PII from children under 13?
2.14. Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email within 7 business days.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
3. Retention and deletion
365 Data Science will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations. When a user’s account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.
All of 365 Data Science’s e-mail subscribers have the option to unsubscribe from our services through an “unsubscribe” button.
4. Your rights
You may request from us confirmation as to whether or not your personal data is being processed by us, a copy of your personal data and/or to correct it. In certain circumstances, you have the right to require us to erase your personal data or, based on the right to portability, to ask us to transfer some of your personal data to you or to other entities. You also have rights to object to some processing of your personal data (for example, to the use of processing for direct marketing purposes or to certain decisions made solely by automated processing (including profiling). Where we have asked for your consent to process your personal data, you have the right to withdraw this consent without having negative impacts on you. Where we process your personal data because we have a legitimate interest in doing so (as explained above), you also have a right to object to this. You also have the right to restrict processing of your personal data in certain circumstances.
Please note that your rights described above may be limited in some situations and are subject to applicable data protection laws and regulations; for example, your right to object to the processing of your personal data may be limited where we can demonstrate that we have compelling legitimate grounds to process your personal data that may override your interests. You will need to verify your identity and provide us with other details to help us to respond to your request. We will not charge a fee in responding to your request unless permitted by law, and, where such fee is charged, it will be reasonable and proportionate to your request. If you wish to exercise these rights, please contact us via the contacts mentioned below. We hope that we can satisfy any queries that you may have about the way we process your personal data. However, you also have the right to complain to the relevant data protection authorities. You can bring the complaint in the Member State where you reside, where you work or where the alleged infringement of data protection law occurred.
Article 13 Information to be provided where personal data are collected from the data subject
4.1. Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with all of the following information:
(a) the identity and the contact details of the controller and, where applicable, of the controller’s representative;
(b) the contact details of the data protection officer, where applicable;
(c) the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;
(d) where the processing is based on point (f) of Article 6(1), the legitimate interests pursued by the controller or by a third party;
(e) the recipients or categories of recipients of the personal data, if any;
(f) where applicable, the fact that the controller intends to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers referred to in Article 46 or 47, or the second subparagraph of Article 49(1), reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.
4.2. In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are obtained, provide the data subject with the following further information necessary to ensure fair and transparent processing:
(a) the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
(b) the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;
(c) where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
(d) the right to lodge a complaint with a supervisory authority;
(e) whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data;
(f) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
4.3. Where the controller intends to further process the personal data for a purpose other than that for which the personal data were collected, the controller shall provide the data subject prior to that further processing with information on that other purpose and with any relevant further information as referred to in paragraph 2.
4.4. Paragraphs 1, 2 and 3 shall not apply where and insofar as the data subject already has the information.
5. Acceptance of these Conditions
6. 365 Data Science’s Data Protection Officer
365 Data Science has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:
365 Data Science
Attn: Data Protection Officer
Hristo Belchev 1