Privacy Policy

1 Introduction

Learn Linux by Doing ("we", "us", "our") operates the website https://learnlinuxbydoing.com and provides digital educational products.

This Privacy Policy describes:

• What personal information we collect
• Why we collect it and how we use it
• How we protect your data
• Your rights regarding your personal information
• How to contact us with privacy concerns

By using our website or purchasing our products, you agree to this Privacy Policy. If you do not agree, please do not use our services.

2 Data Controller Information

For the purposes of data protection laws (including GDPR), the data controller is:

• Name: Learn Linux by Doing
• Email: privacy@learnlinuxbydoing.com
• Website: https://learnlinuxbydoing.com
• Address: Dargslan s.r.o. : 929 01, Trnava, Dunajska Streda 1560/51, SK

If you have any questions about how we handle your data, contact us at privacy@learnlinuxbydoing.com.

3 Information We Collect

We collect different types of information depending on how you interact with our website and services.

3.1 Information You Provide Directly

When You Purchase a Product:

• Name – for order confirmation and support
• Email Address – for delivery of digital products and order updates
• Payment Information – processed securely by Stripe or Lemon Squeezy (we do not store card details)
• Billing Address – required by payment processors for fraud prevention

When You Contact Us:

• Email Address – to respond to your inquiry
• Message Content – to address your question or issue

3.2 Information Collected Automatically

When you visit our website, we may automatically collect:

• IP Address – for security and fraud prevention
• Browser Type & Version – to optimize website compatibility
• Device Information – (desktop/mobile, operating system)
• Pages Visited – to understand user behavior and improve UX
• Referral Source – how you found our website (e.g., Google, social media)
• Date & Time of Visit – for analytics and troubleshooting

3.3 Cookies & Tracking Technologies

We use cookies and similar technologies (see Section 7 for details):

• Essential Cookies – required for checkout and security
• Analytics Cookies – to understand website traffic (Google Analytics, if used)
• Marketing Cookies – to track conversions and ad performance (if used)

4 How We Use Your Information

We use your personal information for the following purposes:

5 Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on:

5.1 Contractual Necessity

Processing is necessary to fulfill our contract with you (e.g., delivering the product you purchased).

5.2 Legitimate Interests

We have a legitimate interest in:

• Preventing fraud and ensuring security
• Improving our products and services
• Understanding customer behavior through analytics

5.3 Legal Obligation

We may process data to comply with legal requirements (e.g., tax laws, anti-fraud regulations).

5.4 Consent

For certain activities (e.g., marketing emails beyond transactional messages), we rely on your explicit consent, which you can withdraw at any time.

6 Third-Party Services & Data Sharing

We share your information with trusted third-party service providers to operate our business. These providers are contractually obligated to protect your data.

6.1 Payment Processors

• Stripe – Processes credit card payments securely (PCI-DSS compliant)
• Lemon Squeezy – Alternative payment processor for digital goods

Data Shared: Name, email, payment information, billing address
Privacy Policies: Stripe Privacy Policy, Lemon Squeezy Privacy Policy

6.2 Email Delivery

• Email service providers (e.g., SendGrid, Mailgun, or native hosting email)

Data Shared: Email address, name, order details (for transactional emails only)

6.3 Analytics (If Used)

• Google Analytics – Website traffic analysis (anonymized IP addresses)

Data Shared: Anonymized browsing data, device type, pages visited
Opt-Out: Install the Google Analytics Opt-Out Browser Add-On

6.4 Hosting & Infrastructure

• Web hosting providers (e.g., AWS, DigitalOcean, Cloudflare)

Data Shared: Server logs, IP addresses, cached content

6.5 No Data Selling

We do not sell, rent, or trade your personal information to marketers or advertisers.

7 Cookies & Tracking Technologies

We use cookies (small text files stored on your device) to improve your experience and analyze website usage.

7.1 Types of Cookies We Use

Essential Cookies (Required)

• Session management (keeping you logged in during checkout)
• Security (preventing CSRF attacks)
• Payment processing

These cookies are necessary for the website to function and cannot be disabled.

Analytics Cookies (Optional)

• Google Analytics (if used) – traffic analysis, page views, user behavior

You can opt out via browser settings or the Google Analytics opt-out tool.

Marketing Cookies (Optional)

• Conversion tracking (e.g., Facebook Pixel, Google Ads) – if used

You can manage these via browser settings or ad network opt-out tools.

7.2 How to Control Cookies

• Browser Settings: Most browsers allow you to block or delete cookies. See: AllAboutCookies.org
• Do Not Track: We respect DNT browser signals where technically feasible.

8 Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy.

8.1 Retention Periods

• Order Data: 7 years (for tax and legal compliance)
• Email Addresses: As long as you have a valid license or until you request deletion
• Support Emails: 3 years after the last interaction
• Analytics Data: 26 months (Google Analytics default)
• Server Logs: 90 days

8.2 Deletion

After the retention period, we securely delete or anonymize your data. You can request early deletion (see Section 9: Your Rights).

9 Your Privacy Rights

Depending on your location, you have the following rights regarding your personal data:

9.1 GDPR Rights (EU/EEA/UK Residents)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing or optional processing

9.2 How to Exercise Your Rights

To exercise any of these rights, contact us at:

• Email: privacy@learnlinuxbydoing.com
• Subject Line: "Privacy Rights Request - [Your Name]"

We will respond within 30 days (GDPR requirement). We may ask for identity verification to prevent fraud.

9.3 Right to Complain

If you believe we have mishandled your data, you have the right to lodge a complaint with your local data protection authority (e.g., ICO in the UK, CNIL in France).

10 Data Security

We implement industry-standard security measures to protect your personal information:

10.1 Technical Measures

• SSL/TLS Encryption: All data transmitted to/from our website is encrypted
• Secure Payment Processing: Card data is handled by PCI-DSS compliant processors (Stripe, Lemon Squeezy)
• Access Controls: Only authorized personnel can access customer data
• Regular Backups: Encrypted backups stored securely
• Firewall & Intrusion Detection: Server-level protection against attacks

10.2 Organizational Measures

• Employee training on data protection
• Limited access to personal data (need-to-know basis)
• Confidentiality agreements with third-party processors

10.3 Data Breach Notification

In the event of a data breach affecting your personal information, we will:

• Notify affected users within 72 hours (GDPR requirement)
• Report the breach to relevant data protection authorities
• Take immediate steps to mitigate damage

11 International Data Transfers

Your data may be transferred to and stored on servers located outside your country of residence, including countries that may have different data protection laws.

11.1 Transfers from the EU/EEA

If you are in the EU/EEA, your data may be transferred to:

• USA: Payment processors (Stripe, Lemon Squeezy) under EU-US Data Privacy Framework or Standard Contractual Clauses
• Cloud Providers: Hosting services with GDPR-compliant safeguards

11.2 Safeguards

We ensure international transfers are protected by:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements (DPAs) with all third-party processors
• Adequacy decisions (for countries recognized by the EU as having adequate protection)

12 Children's Privacy

Our services are not directed to individuals under the age of 16 (or 13 in some jurisdictions).

We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete it immediately.

Parents/Guardians: If you believe your child has provided us with personal information, contact us at privacy@learnlinuxbydoing.com.

13 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our data practices
• New legal or regulatory requirements
• Improvements to our services or technology

13.1 Notification of Changes

When we make significant changes, we will:

• Update the "Last Updated" date at the top of this page
• Send an email notification to users (for material changes)
• Post a notice on our website homepage

Your continued use of our services after changes constitutes acceptance of the updated policy.

14 Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

For GDPR-related requests (access, deletion, etc.), please include:

• Your full name and email address associated with your account/order
• Specific request (e.g., "Delete my data", "Access my data")
• Proof of identity (to prevent fraud)