Privacy Policy

Last updated: September 25, 2025

Our Contact Information

Annankatu 25, 00100 Helsinki, Finland

+358 50 7934 8625

Introduction

At WebCraft, we take your privacy seriously and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We believe in transparency and want you to understand exactly how your data is handled when you interact with our services.

Data We Collect

We collect different types of information depending on how you interact with our website and services:

Information You Provide Directly

When you fill out contact forms, register for courses, or communicate with us, we collect:

  • Full name and contact details (email address, phone number)
  • Course preferences and educational background information
  • Payment information for course enrollment (processed securely through third-party payment processors)
  • Any messages or inquiries you send through our contact forms

Automatically Collected Information

When you visit our website, we automatically collect certain technical information:

  • Device information including browser type, operating system, and device identifiers
  • Usage data such as pages visited, time spent on pages, and navigation patterns
  • IP address and approximate geographic location
  • Referral sources and search terms used to find our website
  • Cookie data as detailed in our Cookie Policy

How We Use Your Data

We process your personal data for the following purposes, based on legitimate legal grounds:

Course Administration and Communication

  • Processing course registrations and managing enrollments
  • Communicating with you about courses, schedules, and updates
  • Providing customer support and responding to inquiries
  • Sending important notifications about our services

Website Improvement and Analytics

  • Analyzing website usage patterns to improve user experience
  • Understanding which content and features are most valuable to visitors
  • Identifying and fixing technical issues
  • Optimizing website performance and loading speeds

Marketing and Personalization

  • Sending promotional communications about new courses and special offers (with your consent)
  • Personalizing content based on your interests and preferences
  • Conducting market research to better understand our audience

Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent: When you provide explicit permission for specific data processing activities
  • Contract: When processing is necessary to fulfill our contractual obligations to you
  • Legal Obligation: When we must process data to comply with legal requirements
  • Legitimate Interests: When processing serves our legitimate business interests while respecting your rights

Data Sharing and Third Parties

We do not sell your personal data to third parties. We only share your information in the following circumstances:

  • Service Providers: Trusted third-party vendors who assist with website hosting, payment processing, email communications, and analytics
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with mergers, acquisitions, or asset sales (with notice to affected users)

All third-party service providers are contractually obligated to protect your data and use it only for specified purposes.

Data Security and Protection

We implement comprehensive security measures to protect your personal data:

  • Industry-standard encryption for data transmission and storage
  • Secure servers with regular security updates and monitoring
  • Access controls limiting data access to authorized personnel only
  • Regular security audits and vulnerability assessments
  • Staff training on data protection and privacy best practices

While we strive to protect your data, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but commit to promptly addressing any security incidents.

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law. Contact form submissions are typically retained for 12 months. Course enrollment records are kept for 5 years for educational compliance purposes. Website analytics data is anonymized after 26 months. When data is no longer needed, we securely delete or anonymize it.

Your Rights and Opt-Out Instructions

Under GDPR and applicable privacy laws, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Restrict Processing: Request limitation of data processing in specific situations
  • Right to Withdraw Consent: Withdraw previously given consent at any time

You Are Not Required to Provide Personal Information

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

  • Avoid filling out contact forms, account registrations, or any data-submitting features
  • Disable cookies through your browser settings (see our Cookie Policy for more details)
  • Contact us directly to request the deletion of any previously shared personal data

We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided above. We will process your request promptly.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete the data.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. When such transfers occur, we ensure appropriate safeguards are in place, including standard contractual clauses approved by the European Commission, to protect your data in accordance with EU data protection standards.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you by posting a prominent notice on our website or sending you an email. We encourage you to review this policy regularly to stay informed about how we protect your data.

Contact Us About Privacy

If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about how your data is handled, please contact us using the information provided at the top of this page. We are committed to addressing your inquiries promptly and transparently.