Information We Collect

When you interact with our platform, we gather different types of information depending on what you're doing.

Information You Give Us Directly

This includes anything you type in or upload yourself:

• Your name, email address, and phone number when you sign up or contact us
• Professional background details (education, work experience, career goals)
• Project submissions and assignments if you're enrolled in our programs
• Messages you send through our contact forms or support channels
• Payment information when you purchase courses (though we don't store credit card details directly)

Information We Collect Automatically

Some data gets collected just by you visiting our site. Standard stuff for any website:

• IP address and general location (city level, not your exact address)
• Browser type, device information, and operating system
• Pages you visit and how long you spend on them
• Referring websites (how you found us)
• Time and date of your visits

Information From Third Parties

Occasionally we receive data from other sources. For instance, if you use a social login option, we get basic profile info from that platform. Or if you find us through a partner organization, they might share your contact details with your permission.

How We Use Your Information

We're not in the business of collecting data for fun. Everything we gather serves a specific purpose related to running our educational platform.

We analyze usage patterns to see where students get stuck or drop off. If everyone exits on lesson three, maybe lesson three needs work. That sort of thing.

Sometimes we'll send you emails about new courses or features. You can opt out of marketing emails anytime while still receiving essential service notifications.

Legal Basis for Processing (EU/Swiss Context)

Swiss and EU law require us to have a legitimate reason for processing your data. Here's our reasoning:

Processing Activity	Legal Basis
Providing course access and materials	Contractual necessity - we need this to deliver what you paid for
Sending marketing communications	Your consent - which you can withdraw anytime
Platform analytics and improvements	Legitimate interest - making our service better benefits everyone
Responding to legal requests	Legal obligation - we have to comply with valid legal demands

Who We Share Your Data With

We don't sell your information. Period. But we do work with other companies to run our platform, and some of them need access to certain data.

Service Providers

These are companies that help us operate:

• Email service providers who send course materials and notifications
• Payment processors who handle transactions (they follow strict PCI compliance standards)
• Cloud hosting providers where our platform lives
• Analytics services that help us understand site usage

All these partners sign agreements committing to protect your data. They can only use your information for the specific services they provide to us.

Legal Requirements

If a court order or government agency makes a valid legal request, we might have to share information. We'll notify you when possible unless prohibited by law.

Business Transfers

If machomedesigner gets acquired or merges with another company, your data would transfer to the new owner. We'd notify you beforehand and ensure they commit to similar privacy protections.

International Data Transfers

Our primary servers are located in Switzerland, but some service providers operate in other countries. When your data leaves Switzerland, we ensure adequate protection through:

• Standard Contractual Clauses approved by Swiss and EU authorities
• Selecting providers in countries recognized as having adequate data protection
• Additional security measures when working with providers in countries without adequacy decisions

Switzerland's data protection framework is recognized as equivalent to GDPR, which simplifies transfers within Europe.

How Long We Keep Your Data

We don't keep information longer than necessary. Different types of data have different retention periods:

After these periods, we either delete the data or anonymize it so it can't be traced back to you.

Security Measures

We take data security seriously, though no system is completely bulletproof. Here's what we do:

• All data transmissions use TLS encryption (that's the padlock you see in your browser)
• Passwords are hashed and salted - we literally can't see your actual password
• Regular security audits and vulnerability assessments
• Access controls limiting who on our team can see what data
• Regular backups stored in separate secure locations
• Monitoring systems watching for unusual access patterns

If we ever experience a data breach affecting your information, we'll notify you within 72 hours along with steps to protect yourself.

Your Rights and How to Exercise Them

Under Swiss and EU law, you have several rights regarding your personal data. These aren't just on paper - we actually honor them.

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide it in a readable format within 30 days. First request each year is free; additional requests might incur a small administrative fee.

Correct Inaccurate Information

See something wrong in your profile? You can update most information directly in your account settings. For things you can't change yourself, contact us and we'll fix it promptly.

Delete Your Data

You can request complete deletion of your account and associated data. We'll process this within 30 days, though we might need to keep some information for legal compliance (like financial records).

Restrict Processing

You can ask us to limit how we use your data. For example, keeping your account active but stopping marketing emails, or maintaining records without actively processing them.

Data Portability

Want to take your course progress to another platform? You can request your data in a machine-readable format to transfer elsewhere.

Object to Processing

If we're processing your data based on legitimate interest (like analytics), you can object. We'll stop unless we have compelling reasons that override your interests.

Withdraw Consent

For anything requiring your consent (like marketing emails), you can withdraw that consent anytime. Just hit unsubscribe or contact us.

To exercise any of these rights, email us at support@machomedesigner.com with your request. We'll verify your identity and respond within 30 days.

Cookies and Tracking Technologies

Like most websites, we use cookies. These are small text files stored on your device that remember your preferences and help us understand site usage.

Types of Cookies We Use

Essential cookies: Required for the site to function. Things like keeping you logged in and remembering items in your cart.

Performance cookies: Help us understand how people use the site so we can improve it. These track things like popular pages and error messages.

Functional cookies: Remember your preferences like language settings or video playback position.

You can control cookies through your browser settings, though blocking essential cookies might break some site functionality. Most browsers let you block third-party cookies while allowing first-party ones.

Children's Privacy

Our platform is designed for adults pursuing professional development. We don't knowingly collect information from anyone under 16. If you're a parent and believe your child has provided us with personal information, contact us immediately and we'll delete it.

For users between 16-18 in Switzerland, we recommend discussing enrollment with a parent or guardian, though it's not legally required.

Changes to This Policy

We update this policy occasionally to reflect new practices or legal requirements. When we make significant changes, we'll notify you by email and prominently on our website at least 30 days before the changes take effect.

Minor updates (like fixing typos or clarifying existing practices) happen without notification, but we always update the effective date at the top of this page.

Continuing to use our services after changes take effect means you accept the updated policy. If you disagree with changes, you can close your account before they go into effect.

Automated Decision Making

We don't use automated systems to make significant decisions about you. Course recommendations might be algorithm-generated, but humans review all enrollment decisions, grade appeals, and support requests.

If we ever implement automated decision-making that significantly affects you, we'll inform you and provide a way to request human review.

Your Rights Under Swiss Law

As a Switzerland-based company, we comply with the Swiss Federal Act on Data Protection. This gives you additional protections:

• Right to file a complaint with the Federal Data Protection and Information Commissioner (FDPIC)
• Enhanced protections for sensitive personal data
• Stricter requirements for data processing and transfers
• Right to be informed about data breaches affecting you

If you're unhappy with how we handle your data, you can contact the FDPIC at Feldeggweg 1, 3003 Bern, Switzerland.