Who We Are

Cognaxia operates as an educational platform focused on game mechanics and 3D design training. Our physical location is at Alameda de Capuchinos, 68, 29014 Málaga, Spain. When we refer to "we," "us," or "our" in this policy, we mean Cognaxia and its authorized representatives.

You can reach our data protection team at support@cognaxia.com or call us at +34930153617 if you have questions about how we handle your information.

Information We Collect

We gather different types of data depending on how you interact with our platform. Here's what that looks like in practice:

Information You Give Us Directly

When you sign up for courses, contact us, or fill out forms on our website, you provide details like your name, email address, phone number, and sometimes your educational background. If you enroll in paid programs, we'll also collect billing information though we don't store complete payment card details on our servers.

Data Collected Automatically

Our website collects technical information when you browse. This includes your IP address, browser type, device information, and which pages you visit. We use cookies and similar tracking tools for this purpose. Most of this happens in the background to help us understand how people use our site and where we can make improvements.

Information From Other Sources

Sometimes we receive data from third parties. For example, if you sign up using a social media account, we'll get basic profile information from that platform. We also work with payment processors who confirm transaction details.

How We Use Your Data

We don't collect information just for the sake of it. Everything we gather serves specific purposes related to running our educational platform effectively.

• Processing your enrollment and managing your access to courses and learning materials
• Communicating about your programs, sending course updates, and responding to your questions
• Processing payments and maintaining financial records as required by Spanish law
• Improving our website functionality and creating better learning experiences based on usage patterns
• Sending occasional updates about new courses or program changes if you've opted in to receive them
• Protecting against fraud and maintaining platform security
• Complying with legal obligations under Spanish and European law

We base our data processing on several legal grounds under GDPR. Most commonly, we process your data to fulfill our contract with you when you enroll in courses. We also have legitimate interests in improving our services and preventing fraud. For marketing communications, we rely on your consent, which you can withdraw at any time.

Sharing Your Information

We don't sell your personal data to anyone. That's not our business model and never will be. However, we do share information with certain third parties who help us operate our platform.

Service Providers

We work with companies that provide essential services like hosting our website, processing payments, sending emails, and analyzing site traffic. These providers only access data necessary for their specific functions and are contractually required to protect your information.

Legal Requirements

We'll disclose information if required by Spanish law, court orders, or legitimate requests from government authorities. This includes cooperating with law enforcement when legally obligated.

Business Transfers

If Cognaxia were involved in a merger, acquisition, or sale of assets, your data might be transferred as part of that transaction. We'd notify you beforehand and ensure the receiving party maintains equivalent privacy protections.

Your Rights Under GDPR

European data protection law gives you significant control over your personal information. Here's what you can do:

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this in a commonly used electronic format within one month of your request.

Correct Inaccuracies

If any information we have is wrong or outdated, you can ask us to fix it. You can also update most details directly through your account settings.

Request Deletion

You have the right to ask us to delete your data in certain circumstances. This isn't absolute though. We might need to keep some records to comply with Spanish tax law or to resolve disputes.

Restrict Processing

You can ask us to limit how we use your data while we resolve questions about accuracy or our legal basis for processing.

Data Portability

You can request your data in a machine-readable format and ask us to transfer it to another service provider where technically feasible.

Object to Processing

You can object to our processing of your data based on legitimate interests. We'll stop unless we have compelling legal grounds to continue.

Withdraw Consent

Where we process data based on your consent, you can withdraw that consent anytime. This won't affect the lawfulness of processing before you withdrew consent.

To exercise any of these rights, email us at support@cognaxia.com with your request. We'll verify your identity before processing requests that involve accessing or changing your data. There's no charge for most requests, though we can charge a reasonable fee for clearly excessive or repetitive requests.

Data Security Measures

We implement technical and organizational measures to protect your information from unauthorized access, alteration, or destruction. Our security practices include:

• Encryption of data in transit using TLS/SSL protocols
• Secure server infrastructure with regular security updates and patches
• Access controls limiting who can view personal data internally
• Regular security assessments and vulnerability testing
• Employee training on data protection and privacy best practices
• Incident response procedures for potential data breaches

While we take security seriously, no method of transmission over the internet is completely secure. We do our best to protect your data but can't guarantee absolute security.

If we discover a data breach that poses a risk to your rights and freedoms, we'll notify you within 72 hours as required by GDPR and inform the Spanish Data Protection Agency.

International Data Transfers

We primarily store and process data within the European Economic Area. Some of our service providers may be based outside the EEA, which means your data could be transferred internationally.

When we transfer data outside the EEA, we ensure adequate protection through mechanisms like Standard Contractual Clauses approved by the European Commission. We only work with providers who commit to GDPR-equivalent data protection standards.

Cookies and Tracking Technologies

Our website uses cookies – small text files stored on your device that help us recognize you and remember your preferences. We use different types:

Essential Cookies

These are necessary for the website to function. They enable basic features like page navigation and access to secure areas. The site won't work properly without them.

Functional Cookies

These remember your choices (like language preferences or login details) to provide enhanced, personalized features.

Analytics Cookies

We use these to understand how visitors interact with our website – which pages are popular, how long people stay, where they come from. This helps us improve the user experience.

You can control cookies through your browser settings. Most browsers let you refuse cookies or alert you when cookies are being sent. Keep in mind that disabling cookies might affect website functionality.

Children's Privacy

Our courses are designed for individuals aged 16 and older. We don't knowingly collect personal information from anyone under 16 without parental consent. If you're under 16 and interested in our programs, please have a parent or guardian contact us.

If we discover we've collected data from someone under 16 without proper consent, we'll delete that information promptly.

How Long We Keep Your Data

We don't keep personal information longer than necessary. Retention periods vary based on the type of data and why we collected it:

Account information and learning records are kept for the duration of your relationship with us plus two additional years. This lets us provide support for alumni and maintain educational records.

Financial records are retained for ten years to comply with Spanish tax and accounting regulations. This is a legal requirement, not our choice.

Marketing consent records are kept until you withdraw consent, plus three years to demonstrate compliance with privacy regulations.

Technical logs and analytics data are typically deleted after twelve months unless needed for security investigations.

After retention periods expire, we either delete data securely or anonymize it so it can no longer identify you.

Changes to This Policy

We update this privacy policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our website.

The "Last Updated" date at the top tells you when the policy was most recently revised. We encourage you to review this page periodically to stay informed about how we protect your information.

Continued use of our services after changes take effect means you accept the updated policy. If you disagree with changes, you can close your account and stop using our services.

Spanish Data Protection Authority

You have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos) if you believe we've violated your privacy rights. You can contact them at:

Agencia Española de Protección de Datos
C/ Jorge Juan, 6
28001 Madrid, Spain
Website: www.aepd.es

We'd appreciate the opportunity to address your concerns directly before you contact the supervisory authority, but this is your legal right regardless.