This Privacy Policy explains how eAttestatsiya LLC (“eAttestatsiya”, “we”, “us”, or “our”) collects, uses, and protects your information when you use
https://example.com, our services, and related applications (collectively, the “Service”).
Please also review our
Terms & Conditions, which govern your use of the Service.
1) Information We Collect
We collect information to operate the Service, provide subscriptions, and improve user experience.
Content & Activity: tests you start/complete, categories selected, progress, scores, feedback, and support requests.
Technical Data: IP address, device/browser info, language, time zone, pages viewed, referral URL, session IDs, and server logs (for security and debugging).
Payment Top‑Ups: we may store top‑up requests and moderation status; if external processors are used, they may collect billing details directly (we do not store full card data on our servers).
Cookies/Local Storage: session management, preferences (e.g., theme, language), and analytics (see “Cookies & Analytics”).
2) How We Use Information
Provide and maintain the Service, including tests, wallet, and subscription management.
Process subscription purchases from your wallet balance and record payments for audit/compliance.
Authenticate users, prevent fraud/abuse, and ensure platform security and integrity.
Improve features, UX, and performance; conduct analytics and troubleshooting.
Communicate important notices (e.g., subscription expiry, policy updates, security alerts).
Comply with legal obligations and enforce our Terms and policies.
3) Legal Bases for Processing (GDPR)
Contract: to create your account, run tests, and administer subscriptions/wallet.
Legitimate Interests: to secure our Service, prevent misuse, and improve features.
Consent: for optional cookies/analytics, marketing updates, and certain top‑ups (where required). You can withdraw consent at any time.
Legal Obligation: to meet record‑keeping, tax, and compliance requirements.
4) Cookies & Analytics
We use cookies and similar technologies to remember your session, preferences (language/theme), and measure usage.
Strictly Necessary: session/auth cookies to keep you signed in and secure.
Preferences: language and UI settings saved in cookies/localStorage.
Analytics: aggregated usage metrics (pages, events, device). Where required by law, analytics runs only with your consent.
Do Not Track: Our Service does not currently respond to browser “DNT” signals.
5) Sharing & Processors
We do not sell your personal information. We may share limited data with:
Service Providers/Processors: hosting, security, analytics, email delivery, and payment gateway partners—only as needed to provide the Service under data processing agreements.
Admins/Moderators: where required to verify top‑ups, manage content, or provide support (access is role‑based and logged).
Legal/Compliance: when necessary to comply with law or protect rights, safety, and property.
Business Transfers: in a merger, acquisition, or asset sale, subject to continued protection of your data.
Category
Purpose
Data Types
Region
Hosting/DB
Run the app and store data
Account, subscriptions, logs
May vary (see provider’s policy)
Analytics
Measure usage & performance
Aggregated events, device data
May vary
Email/SMS/Telegram
Send notices & codes
Email/phone, message meta
May vary
Payments
Top‑ups and receipts
Transaction meta (no full card data)
May vary
6) Data Retention
We keep data only as long as necessary for the purposes set out in this policy, including legal, tax, and accounting requirements.
Account, wallet, and subscription/payment records: retained for the duration of your account and for a reasonable period thereafter for compliance and dispute resolution.
Logs and analytics: retained for shorter periods unless needed for security or legal reasons.
7) Security
We implement technical and organizational measures to protect your data (e.g., encryption in transit, role‑based access, audit logs, input validation, rate limiting). However, no system is 100% secure.
8) Your Privacy Choices & Rights
Access/Portability: request a copy of your data.
Rectification: correct inaccurate or incomplete information.
Deletion: request deletion of eligible data (subject to legal retention).
Restriction/Objection: limit or object to certain processing.
Consent: withdraw analytics/marketing consent at any time.
CCPA/CPRA (California): You may have rights to know, delete, correct, and limit use/disclosure of sensitive information. We do not “sell” personal information as defined by CCPA. To submit a request, use the contact methods above.
9) International Data Transfers
Your information may be processed outside your country. Where required, we use appropriate safeguards (e.g., contractual clauses) to protect your data.
10) Children’s Privacy
The Service is intended for users who meet the applicable minimum age for educational platforms in their jurisdiction. We do not knowingly collect personal data from children below that threshold. If you believe a child provided personal data, contact us to remove it.
11) Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version with a new “Effective date” and, when appropriate, notify you via the Service or email.