eAttestatsiya

Privacy Policy

Effective date: 2025-08-24

This Privacy Policy explains how eAttestatsiya LLC (“eAttestatsiya”, “we”, “us”, or “our”) collects, uses, and protects your information when you use https://example.com, our services, and related applications (collectively, the “Service”).

Please also review our Terms & Conditions, which govern your use of the Service.

1) Information We Collect

We collect information to operate the Service, provide subscriptions, and improve user experience.

Account & Profile: name/username, email, phone (if provided), password hash (never plaintext), role/permissions.
Wallet & Subscriptions: wallet balance (UZS), subscription plan, price, start/end dates, status, and payment records (e.g., method = “balance”, note, timestamps).
Content & Activity: tests you start/complete, categories selected, progress, scores, feedback, and support requests.
Technical Data: IP address, device/browser info, language, time zone, pages viewed, referral URL, session IDs, and server logs (for security and debugging).
Payment Top‑Ups: we may store top‑up requests and moderation status; if external processors are used, they may collect billing details directly (we do not store full card data on our servers).
Cookies/Local Storage: session management, preferences (e.g., theme, language), and analytics (see “Cookies & Analytics”).

2) How We Use Information

Provide and maintain the Service, including tests, wallet, and subscription management.
Process subscription purchases from your wallet balance and record payments for audit/compliance.
Authenticate users, prevent fraud/abuse, and ensure platform security and integrity.
Improve features, UX, and performance; conduct analytics and troubleshooting.
Communicate important notices (e.g., subscription expiry, policy updates, security alerts).
Comply with legal obligations and enforce our Terms and policies.

3) Legal Bases for Processing (GDPR)

Contract: to create your account, run tests, and administer subscriptions/wallet.
Legitimate Interests: to secure our Service, prevent misuse, and improve features.
Consent: for optional cookies/analytics, marketing updates, and certain top‑ups (where required). You can withdraw consent at any time.
Legal Obligation: to meet record‑keeping, tax, and compliance requirements.

4) Cookies & Analytics

We use cookies and similar technologies to remember your session, preferences (language/theme), and measure usage.

Strictly Necessary: session/auth cookies to keep you signed in and secure.
Preferences: language and UI settings saved in cookies/localStorage.
Analytics: aggregated usage metrics (pages, events, device). Where required by law, analytics runs only with your consent.

Do Not Track: Our Service does not currently respond to browser “DNT” signals.

5) Sharing & Processors

We do not sell your personal information. We may share limited data with:

Service Providers/Processors: hosting, security, analytics, email delivery, and payment gateway partners—only as needed to provide the Service under data processing agreements.
Admins/Moderators: where required to verify top‑ups, manage content, or provide support (access is role‑based and logged).
Legal/Compliance: when necessary to comply with law or protect rights, safety, and property.
Business Transfers: in a merger, acquisition, or asset sale, subject to continued protection of your data.

Category	Purpose	Data Types	Region
Hosting/DB	Run the app and store data	Account, subscriptions, logs	May vary (see provider’s policy)
Analytics	Measure usage & performance	Aggregated events, device data	May vary
Email/SMS/Telegram	Send notices & codes	Email/phone, message meta	May vary
Payments	Top‑ups and receipts	Transaction meta (no full card data)	May vary

6) Data Retention

We keep data only as long as necessary for the purposes set out in this policy, including legal, tax, and accounting requirements.

Account, wallet, and subscription/payment records: retained for the duration of your account and for a reasonable period thereafter for compliance and dispute resolution.
Logs and analytics: retained for shorter periods unless needed for security or legal reasons.

7) Security

We implement technical and organizational measures to protect your data (e.g., encryption in transit, role‑based access, audit logs, input validation, rate limiting). However, no system is 100% secure.

8) Your Privacy Choices & Rights

Access/Portability: request a copy of your data.
Rectification: correct inaccurate or incomplete information.
Deletion: request deletion of eligible data (subject to legal retention).
Restriction/Objection: limit or object to certain processing.
Consent: withdraw analytics/marketing consent at any time.

To exercise rights, contact us at privacy@example.com or support@example.com. We may verify your identity before acting on requests.

CCPA/CPRA (California): You may have rights to know, delete, correct, and limit use/disclosure of sensitive information. We do not “sell” personal information as defined by CCPA. To submit a request, use the contact methods above.

9) International Data Transfers

Your information may be processed outside your country. Where required, we use appropriate safeguards (e.g., contractual clauses) to protect your data.

10) Children’s Privacy

The Service is intended for users who meet the applicable minimum age for educational platforms in their jurisdiction. We do not knowingly collect personal data from children below that threshold. If you believe a child provided personal data, contact us to remove it.

11) Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version with a new “Effective date” and, when appropriate, notify you via the Service or email.

12) Contact Us

eAttestatsiya LLC
Tashkent, Uzbekistan
+998 (00) 000-00-00
support@example.com
Data Protection: privacy@example.com

Please include your account email/username with any privacy request so we can verify and respond.

This Privacy Policy is part of our Terms & Conditions.