Privacy Policy

Last updated: February 28, 2026

1. Introduction and Our Commitment to Privacy

TakeAICourse.com(the “Platform,” “we,” “us,” or “our”) is an online school offering courses focused on Artificial Intelligence. We respect your privacy and are committed to protecting your personal data in accordance with applicable data protection and privacy laws.

This Privacy Policy explains what personal data we collect, how we use it, who we share it with, how we protect it, and what rights you have over your data. By using our services, you confirm that you have read and understood this policy.


2. Data Controller

The data controller responsible for processing your personal data is:

The data controller is responsible for the decisions regarding how personal data is processed on this Platform.


3. Personal Data We Collect

We collect different categories of personal data, depending on the purpose of the processing:

3.1 Data you provide directly

  • Identification data: your full name and email address, provided when you create an account or fill out a form.
  • Payment data: credit card information, billing details, and transaction history. This data is processed directly by our payments partner (Stripe) and is not stored on our servers.
  • Communication data: messages you send through contact forms, email, or other support channels.

3.2 Data collected automatically

  • Browsing data: IP address, browser type, operating system, pages visited, time spent on the site, referring URL, and click data.
  • Device data: device type, screen resolution, and unique device identifiers.
  • Cookies and similar technologies: session identifiers, browsing preferences, and analytics data (details in Section 10).

3.3 Sensitive data

We do not collect sensitive personal data (such as racial or ethnic origin, religious beliefs, health information, biometric data, and the like).


4. Purposes of Processing

We process your personal data for the following specific purposes:

  • Service delivery: creating and managing your account, providing access to courses, issuing certificates, and providing student support.
  • Payment processing: charging for subscriptions and one-time purchases, issuing receipts, and preventing fraud.
  • Communication: sending transactional emails (purchase confirmations, password resets, course updates), newsletters, and marketing communications (where you have opted in).
  • Improving the Platform: analyzing usage, personalizing content, optimizing performance, and developing new features.
  • Security: preventing fraud, detecting suspicious activity, and protecting the integrity of the Platform.
  • Legal compliance: meeting legal, regulatory, tax, and accounting requirements.

5. Legal Basis for Processing

We rely on the following legal bases to process your personal data:

PurposeLegal Basis
Delivering the services under our agreementPerformance of a contract or pre-contractual steps
Payment processingPerformance of a contract
Sending transactional communicationsPerformance of a contract
Sending marketing emails and newslettersYour consent
Analytics and service improvementOur legitimate interests
Security and fraud preventionOur legitimate interests
Legal and tax complianceCompliance with a legal or regulatory obligation

Where the legal basis is consent, you may withdraw it at any time without affecting the lawfulness of processing carried out beforehand, by contacting us at [email protected].


6. Data Sharing

Your personal data may be shared with third parties solely to enable the purposes described in this policy. We do not sell your personal data to third parties under any circumstances.

The third parties we share data with are:

PartnerPurposeData shared
Stripe (Stripe, Inc.)Payment processingName, email, credit card data, billing address
Mailcow (self-hosted infrastructure)Sending transactional and marketing emailsName and email address
Google Analytics (Google LLC)Traffic and browsing behavior analysisAnonymized browsing data (anonymized IP, pages visited, session duration)
Cloudflare (Cloudflare, Inc.)CDN, security, and DDoS attack protectionIP address and HTTP request data
Hetzner (Hetzner Online GmbH)Server hostingData stored on the infrastructure (encrypted)

All partners listed above are contractually required to protect your data and to use it solely for the specified purposes.


7. International Data Transfers

Because of the nature of the services we use, your personal data may be transferred to and processed in the following countries and regions:

  • European Union / Germany: Hetzner Online GmbH (server hosting). The EU is recognized internationally as providing an adequate level of data protection (GDPR).
  • United States: Stripe, Inc. (payments), Google LLC (analytics), and Cloudflare, Inc. (CDN/security). These companies use Standard Contractual Clauses (SCCs) and recognized security certifications.
  • European Union / Germany: Mailcow (email, hosted on the same Hetzner infrastructure). Subject to the GDPR.

International transfers of your data are made only to countries that provide an adequate level of protection or under appropriate contractual safeguards, such as Standard Contractual Clauses.


8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, based on the following criteria:

Data typeRetention period
Account data (name, email)While the account is active, or up to 5 years after it becomes inactive
Payment and billing data5 years after the transaction (to meet tax obligations)
Browsing and analytics data26 months (Google Analytics default setting)
Access logs6 months
Communication data (messages)2 years after the last contact
Marketing consentUntil you withdraw it

Once the retention period ends, your data is permanently deleted or irreversibly anonymized, unless we are legally required to keep it longer.


9. Your Privacy Rights

As the person whose data we hold, you have the following rights, which you may exercise at any time:

  • Right to confirmation of processing: the right to know whether we are processing any of your personal data.
  • Right of access: the right to obtain a copy of the personal data we hold about you.
  • Right to correction: the right to request the update or correction of incomplete, inaccurate, or outdated data.
  • Right to anonymization, restriction, or deletion of unnecessary or excessive data: the right to request appropriate handling of any data collected beyond what is necessary.
  • Right to data portability: the right to receive your data in a structured format so it can be transferred to another service provider.
  • Right to deletion: the right to request the deletion of personal data processed on the basis of consent, except where we are required to retain it.
  • Right to information about sharing: the right to know which public and private entities your data is shared with.
  • Right to information about declining consent: the right to be informed of the consequences of not providing consent.
  • Right to withdraw consent: the right to withdraw consent previously given for the processing of your data, easily and directly.

How to exercise your rights

To exercise any of the rights above, please send a request to:

  • Email: [email protected]
  • Suggested subject line:“Privacy Rights Request — [your name]”

We will respond to your request within 15 business days. We may ask for additional information to verify your identity before processing the request.


10. Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience on the Platform. Cookies are small text files stored in your browser that allow us to recognize your preferences and analyze how the site is used.

10.1 Types of cookies we use

TypePurposeDuration
Essential cookiesRequired for the basic operation of the Platform (authentication, user sessions, security)Session or up to 30 days
Performance cookiesCollect anonymous information about how visitors use the Platform (Google Analytics)Up to 26 months
Functionality cookiesRemember your preferences (language, theme) for a personalized experienceUp to 12 months

10.2 Google Analytics (GA4)

We use Google Analytics 4 to analyze traffic and browsing behavior. Google Analytics collects anonymized data, including an anonymized IP address, and processes it on Google’s servers. For more information, please see the Google Privacy Policy.

10.3 How to manage cookies

You can control and/or delete cookies as you wish. Most browsers allow you to:

  • View which cookies are stored and delete them individually.
  • Block third-party cookies.
  • Block all cookies from all sites.
  • Delete all cookies when you close the browser.

Please note that disabling essential cookies may impair the functioning of the Platform, including access to your account and courses.


11. Data Security

We implement appropriate technical and administrative measures to protect your personal data against unauthorized access, destruction, loss, alteration, or any form of improper or unlawful processing, including:

  • Encryption in transit: all communications between your browser and our servers are protected with TLS/SSL (HTTPS).
  • Encryption at rest: sensitive data stored in our database is encrypted.
  • Access control: access to personal data is limited to authorized staff on a least-privilege basis.
  • Infrastructure protection: we use Cloudflare for DDoS attack protection and a web application firewall (WAF).
  • Secure payments: credit card data is processed directly by Stripe, which is PCI DSS Level 1 certified, and never passes through our servers.
  • Monitoring: continuous monitoring of logs and suspicious activity to detect security incidents.
  • Backups: regular, encrypted backups to ensure data can be recovered in the event of an incident.

In the event of a security incident that could pose a significant risk or harm to the individuals affected, we will notify the relevant data protection authority and the affected individuals within a reasonable timeframe.


12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices or in legal requirements. If we make material changes, we will notify you through:

  • A prominent notice on the Platform.
  • An email sent to the address registered to your account (where applicable).

The “Last updated” date at the top of this page will always be revised accordingly. We encourage you to review this policy periodically.


13. Contact Channel / Data Protection Officer (DPO)

We have designated a Data Protection Officer (DPO) who serves as the point of contact between us, the individuals whose data we hold, and the relevant authorities.

Through this channel, you can:

  • Exercise the rights described in Section 9 of this policy.
  • Get answers to questions about how we process your personal data.
  • File complaints relating to privacy and data protection.
  • Request information about the security practices we have in place.

We are committed to responding to all requests within 15 business days.


14. Filing a Complaint with a Supervisory Authority

If you believe that our processing of your personal data violates applicable privacy law, you have the right to lodge a complaint with the relevant data protection or consumer protection authority in your jurisdiction.

Before contacting a supervisory authority, we encourage you to reach out to us through the channel listed in Section 13 so that we can resolve your request as quickly as possible.


15. Governing Law

TakeAICourse.com is operated by CodeAustral LLC, a company organized under the laws of the State of Delaware, United States. This Privacy Policy is governed by the laws of the State of Delaware and the applicable federal laws of the United States, without regard to its conflict-of-law principles.

Where you reside in a jurisdiction with mandatory data protection or consumer protection laws, this policy is intended to be read consistently with the rights those laws afford you.

Any disputes arising out of or relating to this Privacy Policy will be resolved in the courts located in the State of Delaware, unless applicable law requires otherwise.