GDPR Policy for Bloomdemy
​
Effective Date: 15 April 2022
​
Introduction
Bloomdemy is committed to protecting the privacy and personal data of its users. This GDPR Policy outlines how we collect, process, store, and protect personal data by the General Data Protection Regulation (GDPR) and other applicable data protection laws.
The protection of personal data is essential to us. In this regard, we undertake to make every effort to ensure compliance with all legislative requirements on the protection of personal data, in particular, those laid down in Regulation (EU) 2016/679 on the protection of individuals concerning the processing of personal data and on the free movement of such data ("GDPR").
Data Controller
​
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union, and other provisions related to data protection are Bloomdemy SRL, Address: Mihai Eminescu Street, Building 4, Entrance 4, Floor 3, Suite 12, Caracal City, Olt County. Country: Romania Email: hello@bloomdemy.com Website: www.bloomdemy.com
​
Personal Data Collection
​
We collect personal data from users who visit the Bloomdemy website and interact with our services. The types of personal data we may collect include:
-
Name
-
Contact information (email address, phone number, mailing address)
-
Payment information (credit card details, billing address)
-
User preferences and interests
-
Communication history
-
IP address and device information
-
Any other information voluntarily provided by the user
We collect personal data for the following purposes:
-
Creating and managing user accounts
-
Processing and fulfilling orders for online courses
-
Providing customer support and responding to inquiries
-
Sending relevant promotional and marketing communications (with user consent)
-
Analyzing user behavior and improving our services
-
Lawful Basis for Processing
We rely on the following lawful bases for processing personal data:
-
Performance of a contract: Processing personal data is necessary for the performance of the agreement between Bloomdemy and the user, such as processing course orders and providing access to online course materials.
-
Consent: We may seek consent for specific processing activities, such as sending promotional emails or newsletters. Users have the right to withdraw their consent at any time.
-
Legitimate interests: We may process personal data based on our legitimate interests, such as improving our services, ensuring website security, and preventing fraud.
-
2. Data Retention
We retain personal data for as long as necessary to fulfill the purposes outlined in this GDPR Policy unless a more extended retention period is required or permitted by law. When personal data is no longer needed, we will securely dispose of it.
-
3. Data Sharing and Transfers
We may share personal data with third-party service providers who assist us in operating our website and delivering our services. These service providers are contractually obligated to process personal data only on our instructions and in compliance with applicable data protection laws.
We may also disclose personal data when required by law or if we believe in good faith that such disclosure is necessary to protect our rights, comply with a legal obligation, or protect the safety of users.
In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of the transaction. We will ensure that appropriate safeguards are in place to protect personal data during any such transfer.
-
4. Data Security
Bloomdemy takes data security seriously and implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure. These measures include:
-
Secure transmission of data using encryption protocols (HTTPS)
-
Regular system updates and vulnerability assessments
-
Restricted access to personal data on a need-to-know basis
-
Regular staff training on data protection practices
-
5. User Rights
Users have the following rights regarding their personal data:
-
Right to access: Users can request access to their personal data held by Bloomdemy.
-
Right to rectification: Users can request the correction of inaccurate or incomplete personal data.
-
Right to erasure: Users can request the deletion of their personal data under certain circumstances, such as when the data is no longer necessary for the purposes it was collected.
-
Right to restrict processing: Users can request the restriction of processing their personal data in certain situations.
-
Right to data portability: Users can request to receive a copy of their personal data in a structured, commonly used, and machine-readable format.
-
Right to object: Users can object to processing their personal data based on legitimate interests or for direct marketing purposes.
-
Right to withdraw consent: Users have the right to withdraw their consent at any time, where consent was the lawful basis for processing.
To exercise these rights, users can contact Bloomdemy using the contact information provided in this GDPR Policy.
-
6. Cookies and Similar Technologies
Bloomdemy uses cookies and similar technologies to enhance user experience and analyze website usage. Users can manage their cookie preferences through their browser settings. For more information, please refer to our Cookie Policy.
-
7. Changes to the GDPR Policy
Bloomdemy may update this GDPR Policy from time to time to reflect changes in our data processing practices or legal requirements. We encourage users to review this policy periodically for any updates.