DeepOpinion Academy Privacy Policy

Version 1.1–06.02.2025

1. Introduction

This Privacy Policy outlines how Intelligent NLU GmbH, trading as DeepOpinion ("DeepOpinion," "we," "our," or "us"), collects, processes, and protects your personal data when you use DeepOpinion Academy ("Academy"). Your privacy is important to us, and we are committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
Important: By registering for and using the Academy, you explicitly consent to the collection, processing, and storage of your personal data as described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, you should not use the Academy. You may withdraw your consent at any time as outlined in Section 7 – Your Rights & How to Exercise Them.

2. Data We Collect 

We collect and process the following categories of personal data:
  • Account Information: Name, email address, phone number, company (if applicable), role, and other details provided during registration.
  • Course & Certification Data: Training progress, course completions, certifications, and other learning activities.
  • Forum & Communication Data: Messages, posts, and interactions within Academy forums and chat sections.
  • Usage Data: Log files, IP addresses, browser type, device information, and activity tracking within the Academy.
  • IT & Identifiable Data: Browser type and version, operating system, online navigation data, referring site, log-in activity, cookies data, and web behavior tracking.
  • Profile & Custom Information: Additional data collected based on user input, such as job title, interests, demographic information, and preferences, subject to the Academy’s setup.

3. How We Use Your Data

Your personal data is processed for the following purposes:Providing the Academy Services:
  • Enabling access to courses, forums, and certifications.
  • User Authentication & Account Management: Verifying user identities, processing registrations, and managing accounts.
  • Performance & Analytics: Improving Academy services by analyzing user activity and engagement.
  • Customer Support & Communication: Responding to inquiries, support requests, and service updates.
  • Certification & Progress Sharing: If applicable, providing course completion data, certifications, and learning progress to your employer or other relevant third parties, such as organizations sponsoring your training, for professional development, commercial, compliance, or verification purposes.
  • Security & Fraud Prevention: Protecting against unauthorized access, fraud, and misuse of the Academy platform.
  • Legal & Compliance Obligations: Ensuring compliance with legal and regulatory requirements.

4. Legal Basis for Processing

We primarily process your data based on your explicit consent (Article 6(1)(a) GDPR), which you provide when registering for the Academy and agreeing to this Privacy Policy. You may withdraw your consent at any time, which will not affect the lawfulness of processing carried out before withdrawal.
Additionally, we may process your data under the following legal bases:
  • Contractual Necessity (Article 6(1)(b) GDPR): When processing is required to provide Academy services you have registered for, such as managing accounts, course access, and issuing certifications.
  • Legitimate Interests (Article 6(1)(f) GDPR): For improving user experience, service optimization, security, and fraud prevention, provided these interests do not override your fundamental rights and freedoms.
  • Legal Compliance (Article 6(1)(c) GDPR): When processing is necessary to comply with legal obligations, such as record-keeping, tax compliance, and responding to regulatory or law enforcement requests.

5. Data Sharing & Third Parties

We do not sell or rent your personal data. We may share it with:
  • Service Providers: The Academy is hosted and operated using LearnWorlds, a third-party platform that provides the underlying platform and technical framework for the Academy, including hosting, user management, and learning management system functionality. LearnWorlds is operated by LearnWorlds (CY) Ltd ("LearnWorlds"), with its registered office at Gladstonos 120, Foloune Building, 2nd Floor, B1, 3032, Limassol, Cyprus. LearnWorlds acts as a data processor on our behalf under a Data Processing Agreement (DPA) to ensure compliance with GDPR.
  • Employers or Other Relevant Third Parties: By enrolling in courses on the Academy, you acknowledge and agree that we may share information about your course enrollment, progress, completion status, certifications, and related achievements with your employer or other relevant third parties, such as organizations sponsoring your training, for professional development, commercial, compliance, or verification purposes.
  • Regulatory Authorities: When required by law or in response to legal requests, we may disclose your personal data to regulatory authorities, law enforcement agencies, or other governmental bodies in accordance with legal obligations.

6. Data Retention & Deletion

We retain personal data for specific periods depending on the nature of the data and the purpose for which it was collected, in compliance with Article 5(1)(e) GDPR. Account-related data is retained for as long as an account remains active and may be deleted after a period of inactivity unless required for compliance. Certification and training records are retained for verification purposes unless a user requests deletion, subject to legal obligations. Forum and communication data are stored as long as necessary to support user engagement and may be anonymized or deleted upon inactivity. Legal and compliance-related data is retained as required by applicable laws. Once data is no longer needed, we securely delete or anonymize it unless continued retention is legally mandated or necessary for dispute resolution, security, or legitimate business interests that do not override user rights under GDPR. Data is stored for operational, compliance, and legal purposes, and the retention period varies depending on the type of data and applicable regulations.

7. Your Rights & How to Exercise Them

Under GDPR and other applicable laws, you have the following rights:
  • Right of Access (Article 15 GDPR): Request a copy of your personal data and obtain information on how it is processed.
  • Right to Rectification (Article 16 GDPR): Request correction of inaccurate or incomplete personal data.
  • Right to Erasure ('Right to be Forgotten') (Article 17 GDPR): Request deletion of your personal data under certain conditions.
  • Right to Restriction of Processing (Article 18 GDPR): Request limited processing of your personal data under specific circumstances.
  • Right to Data Portability (Article 20 GDPR): Receive your personal data in a structured, commonly used, and machine-readable format and request its transfer to another controller.
  • Right to Object (Article 21 GDPR): Object to processing of your personal data in certain situations, including direct marketing.
  • Right to Withdraw Consent (Article 7(3) GDPR): Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal.
  • Right to Object to Automated Decision-Making (Article 22 GDPR): You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
  • To exercise your rights, you may submit a request by contacting us at dpo@deepopinion.ai. Please include the following details in your request:
  1. Your full name and email address associated with your account.
  2. A clear description of the right you wish to exercise (e.g., data access, rectification, or deletion).
  3. Any additional information needed to verify your identity and process your request securely.

We will respond to your request within one month in accordance with Article 12 GDPR. If an extension is required due to complexity, we will inform you accordingly. If you are unsatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or alteration. While we strive for security, no system is entirely risk-free. In case of a data breach, we will notify affected users and authorities as required by law.

9. Data Storage, Hosting & International Transfers 

Your personal data is stored on LearnWorlds' infrastructure, which serves as the hosting provider for the Academy. Some of our service providers, including LearnWorlds, may process data outside the EEA. In cases where data is transferred outside the EEA, LearnWorlds ensures that such transfers comply with GDPR by implementing appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or relying on adequacy decisions where applicable.

10. Cookies & Tracking Technologies

The Academy platform uses cookies and other tracking technologies managed by LearnWorlds. These cookies may be used for essential platform functionality, performance analytics, and user experience enhancements. DeepOpinion does not directly manage or place cookies on the platform; instead, LearnWorlds determines and administers cookie usage.
For more details about the types of cookies used, their purposes, and how to manage your preferences, please refer to LearnWorlds' Cookies Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services or legal obligations. Users will be notified of material changes, and continued use of the Academy constitutes acceptance of the updated policy.

12. Contact Information

For any questions regarding this Privacy Policy or your data rights, contact us at:
DeepOpinion
 Intelligent NLU GmbH
 Grabenweg 72, 6020 Innsbruck, Austria
 Email: privacy@deepopinion.ai