Privacy Policy for OpenEDG Python Institute

At OpenEDG Python Institute (“we,” “our,” “us”), accessible from www.pythoninstitute.org, your privacy is a fundamental priority. This Privacy Policy describes the types of personal data we collect, how we use it, the legal bases for processing, and the rights you have in relation to your data. It applies to all visitors, learners, educators, and registered users of our educational services and complies with applicable laws, including the General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), the Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and other relevant regulations.

Scope

This Privacy Policy applies only to our online services and websites, including courses, certification exams, educational resources, and related digital platforms provided by OpenEDG Python Institute. It does not apply to information collected offline or through third-party websites not operated by us. By using our services, you acknowledge that you have read and understood this Privacy Policy.

Consent

By using our website and services, you consent to the collection and use of your information as described in this Privacy Policy. Where required by law, we will request your explicit consent before processing personal data (e.g., setting non-essential cookies). You may withdraw your consent at any time.

Information We Collect

We may collect personal data in the following categories:

Information you provide directly: name, email address, phone number, organization, mailing address, or other details entered in forms, surveys, account registration, or direct communication.
Account and service data: login credentials, course enrollments, exam registrations, certifications earned, assessment scores, progress records, and learning history.
Educational records (FERPA): data generated during the use of our courses and exams that may be considered student records, such as grades, progress reports, and certifications.
Payment and transaction data: billing details, purchase history, and secure payment processing data, handled through trusted third-party providers.
Automatically collected data: IP address, device type, browser type, operating system, referral pages, session duration, and pages visited, collected through log files, cookies, and analytics.

We do not knowingly collect personal data from children under 13 (COPPA) or the applicable age of consent in their jurisdiction (GDPR requires 13–16). Any such collection is subject to verified parental consent.

How We Use Your Information

We use the personal data collected for the following purposes:

To provide and manage our educational services, courses, and certification exams
To maintain accurate educational records and comply with FERPA
To personalize learning experiences and improve course content
To verify identity and maintain exam security and integrity
To communicate with you regarding account management, service updates, and certification notifications
To respond to inquiries, support requests, or parental access requests
To conduct research and analytics to improve the quality of our educational services
To detect, investigate, and prevent fraudulent or unauthorized activity
To comply with applicable legal obligations

Legal Bases for Processing

We process personal data under the following legal bases:

Consent – when you provide consent, such as for non-essential cookies or communications.
Contractual necessity – when data processing is required to deliver services you request (e.g., course access, exam delivery).
Legal obligation – when we must comply with applicable laws (e.g., FERPA record retention, tax reporting).
Legitimate interests – when processing is necessary for our educational operations, balanced against your rights and freedoms.

Cookies and Similar Technologies

We use cookies to support site functionality, security, personalization, and analytics. Non-essential cookies (such as for analytics or social media) are set only with your consent in regions that require it. Please review our Cookie Policy for more details.

Educational Records (FERPA)

We comply with FERPA in the handling of educational records. Student information such as grades, exam results, and certification status is protected and will not be disclosed without prior written consent, except as permitted by law (e.g., to authorized school officials, accrediting bodies, or legal authorities). Parents and eligible students have the right to inspect and request correction of educational records.

Children’s Privacy (COPPA & GDPR)

We do not knowingly collect personal data from children under 13 (COPPA) or the relevant age of consent under GDPR (13–16 depending on country) without verified parental consent. If we learn that a child under the applicable age has provided personal data without consent, we will promptly delete it. Parents/guardians may request access to or deletion of their child’s information by contacting us at compliance@openedg.org.

Data Sharing and Third Parties

We do not sell your personal data or share it for cross-context behavioral advertising or other commercial gain. We may share certian data only with:

Trusted Service providers, such as hosting providers, testing platforms, payment processors, and analytics services, all of whom are contractually obligated to safeguard your data.
Educational institutions and partners – when required to validate certifications, course completions, or provide integrated services, with appropriate legal safeguards.
Legal authorities – where required by law or to protect the security of our users, services, and infrastructure.

International Data Transfers

If you access our services from outside the United States, your data may be transferred to and processed in the U.S. We use appropriate safeguards (such as Standard Contractual Clauses under GDPR) to ensure that your personal data remains protected.

Data Retention

We retain personal data only as long as necessary for the purposes described in this policy. Educational records may be retained to comply with FERPA, accreditation requirements, or legitimate institutional needs. When data is no longer required, it will be securely deleted or anonymized.

Security

We implement industry-standard technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. While no system can guarantee absolute security, we continuously monitor and improve our safeguards.

Your Privacy Rights

Depending on your location, you may have the following rights:

Access and portability – request a copy of your personal data or transfer it to another organization.
Rectification – request correction of inaccurate or incomplete data.
Erasure – request deletion of your personal data, subject to legal and contractual obligations.
Restriction – request restriction of data processing in certain circumstances.
Objection – object to processing where based on legitimate interests.
Consent withdrawal – withdraw consent for non-essential processing (e.g., cookies, marketing) at any time.
Parental rights – parents/guardians may access, correct, or request deletion of their child’s data (FERPA, COPPA, GDPR minors).

To exercise your rights or ask questions, contact us at compliance@openedg.org. We will respond within the legally required timeframe.

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal obligations. We encourage you to review this page regularly. Significant updates will be communicated through our website or directly where legally required.