Privacy Policy
Effective date: January 15, 2026
GraniteWave Nexus (“we”, “us”, “our”) provides Business Intelligence education. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our website and services.
1. Information we collect
- Account data: name, email, contact details.
- Transaction data: purchased courses, billing-related information handled by our payment processor.
- Usage data: pages viewed, course progress metrics, device and browser information.
- Support data: communications you send via forms or email.
2. How we use information
- Provide and improve courses, deliver certificates, and administer cohorts.
- Process payments and fulfill orders through PCI-compliant payment providers.
- Communicate about service updates, policy changes, and relevant courses (you may opt out).
- Monitor usage to maintain security, prevent fraud, and ensure service quality.
3. Legal bases for processing
We process personal data on the basis of consent, contract performance, legitimate interests in operating and improving our services, and compliance with legal obligations.
4. Sharing and disclosure
We do not sell personal data. We share data with service providers who support platform operations (e.g., hosting, payments, analytics) under confidentiality and data processing agreements. We may disclose information to comply with legal requests or protect rights and safety.
5. Cookies and similar technologies
We use essential cookies for authentication and platform stability, and optional analytics cookies to understand product usage. You can control cookies through your browser settings. Our cookie banner records your consent preferences.
6. Data retention
We retain personal data as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data category and legal requirements.
7. Your rights
Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, or request data portability. To exercise rights, contact [email protected]. We will respond within the timeframes required by applicable law.
8. International transfers
We may transfer personal data to countries with different data protection laws. We implement safeguards such as Standard Contractual Clauses where required.
9. Security
We implement technical and organizational measures including encryption in transit, access controls, secure development practices, and incident response procedures.
10. Children’s privacy
Our services are not directed to children under 16. We do not knowingly collect data from children. If we learn that a child has provided personal data, we will delete it.
11. Changes to this policy
We may update this policy from time to time. Material changes will be communicated via email or prominent notice on the site.
12. Contact
For questions about this policy or data practices, email [email protected] or call +1 (415) 429-7781.