سياسة الخصوصية
We want you to feel comfortable on our website and not have to worry about the security of your data. That is why data protection is an important part of our corporate philosophy.
In this Privacy Policy, you will find all the information about which Personal Data we collect and process and for what purpose. Equally, we will also inform you of your data protection rights and how you can assert them.
General Principles
a) What is Personal Data?
Personal Data is “any information relating to an identified or identifiable natural person. This includes, for example, name or address data, telephone number, mobile number, or online identifiers such as your device id and your IP address.
b) What is processing?
“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.
c) Who is responsible for data processing?
The responsible party for data processing is Rahma Global Center for Coaching and Consulting LLC of 30 N Gould St #31660, Sheridan, Wyoming 82801, USA (“Rahma Global Academy”, “we”, “us”, or “our”). If you have any questions or if you wish to exercise your rights, please contact us using [email protected], call +905511542773 or write to us at the above address.
d) What law applies?
Our use of your Personal Data is subject to Wyoming`s statutory and common law consumer protection and data security provisions and, and the EU’s General Data Protection Regulation (“GDPR”), and of course we process your Personal Data accordingly.
e) What are the Legal Bases for processing Personal Data
We have to have at least one of the following legal bases to process your Personal Data: a) you have given your consent, b) the data is necessary for the fulfillment of a contract / pre-contractual measures, c) the data is necessary for the fulfillment of a legal obligation, or d) the data is necessary to protect our legitimate interests, provided that your interests are not overridden.
f) Who is the competent data protection authority?
You have the right to complain about our processing of Personal Data to a supervisory authority responsible for data protection. The supervisory authority in Wyoming is: The Office of the Attorney General (https://attorneygeneral.wyo.gov/). We would, however, appreciate the chance to deal with your concerns before you approach the Office of the Attorney General.
g) How long will you keep my data?
We process and store your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period exists (in particular commercial and tax law in accordance with Wyoming`s Commercial Law and Fiscal Regulations and others for up to 6 years. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.
What Personal Data do we process?
a) Data that we collect automatically
i) Technical Data
When you access our website, some access data is recorded automatically and stored in a log file on our website’s server. This means if you browse and simply have a look at our website, we process a) the IP address of your computer, b) the date and time of your access, c) the name and URL of the accessed file, d) the browser used, e) the amount of bytes transferred, f) the status of the page request, g) the session ID and g) the referrer URL. The legal basis for processing is our legitimate interest.
ii) Hosting of our website
The hosting service used by us for the purpose of operating our website is Cloudflare, Inc. In doing so Cloudflare, processes all data to be processed in connection with the operation of this website, including log files on our behalf. The legal bases for processing are our legitimate interests, the provision of contractual services and the conclusion of the contract for our services.
iii) Content Management System
We also use the Content Management System (CMS) of WordPress by Automattic Inc to publish and maintain the created and edited content and texts on our website. This means that all content and texts submitted to our website are transferred to WordPress. The legal basis for this processing is our legitimate interest.
iv) Ecommerce system
To provide our ecommerce system, we use the WooCommerce service developed and operated by Automattic, Inc. WooCommerce provides us with their online e-commerce platform through which we can offer our premium listing features for sale to you. Both your contract data and your usage data are stored on WooCommerce’s servers. The legal basis for processing is the provision or initiation of a contractual service.
v) Cookies and Cookie Consent Management Tool
We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.
As described in our Cookie Policy, we use so-called cookies on our website. As the use of Non-essential Cookies requires in accordance with Wyoming`s statutory and common law consumer protection and data security provisions and the EU`s Privacy and Electronic Communications Directive (“PECD”), your consent, we use a cookie consent management tool to obtain and of course document your preferences. Consequently, we process: a) your consent(s) or revocation of your consent(s), b) your IP address, c) Information about your browser, d) Information about your device, e) Time of your visit to our website. The basis for processing is our legitimate interest and your consent. For further information on the cookies we use, please refer to our Cookie Policy.
vi) Economic analyses and market research
For business reasons, we analyze the data we have on web and server traffic patterns, website interactions, browsing behavior etc. The analyses serve us alone and are not disclosed externally and processed using anonymous analyses with summarized and or anonymized values. For this purpose we use Google Analytics. The legal basis is our legitimate interest and your consent. For further information, please refer to our Cookie Policy.
vii) Fonts
We use Google Fonts by Google LLC and Font Awesome of Fonticons Inc on our website to display external fonts. To enable the display of certain fonts on our website, a connection to a Google/Font Awesome server is established when our website is accessed. The connection to Google/Font Awesome established when you call up our website enables Google/Font Awesome to determine which website sent your request and to which IP address the display of the font is to be transmitted. This represents a legitimate interest.
viii) reCAPTCHA
We also use Google`s reCAPTCHA from Google LLC to check whether data input is made by a human being or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. The legal basis for using reCAPTCHA is our legitimate interest.
ix) Google Maps
Our website uses Google Maps API of the provider Google LLC to visually display geographical information. When using Google Maps, Google also collects, processes and uses data about visitors’ use of the map functions including their IP address. You can find more information about data processing by Google in the Google privacy policy. The integration of Google Maps represents a legitimate interest.
x) Links to other websites
Please note that if you use a link from our website to a third party website, that third party may also set new cookies that are not covered by this policy. In such cases, we recommend that you read the cookie policy on the third-party website itself.
b) Data that we collect directly
i) Contacting us
You can contact us in various ways and data is always collected in the process. You provide us with most of the data that we process when you contact us such as your name, and email address. This data is collected and processed exclusively for the purpose of contacting you and processing your request and then deleted again, provided that there is no legal obligation to retain it. The legal basis is both your consent and contract.
We also offer to contact us via the messaging services of WhatsApp. If you contact us via WhatsApp we store and use the mobile phone number, you use and – if provided – your first and last name in accordance with the provision of a contractual or pre-contractual measure to process and respond to your request.
ii) Account Registration
If you create a user account, we will collect your User Name, Email Address, and your Password. Within your profile you are able to delete your account at any time. Your data will be processed on the basis of your consent.
iii) Profile
As a registered user, you have the opportunity to create a user profile with just a few clicks and details. If you make use of the option, the relevant profile data (First name and last name, Phone number , Address, Age, Location), you provide will be transferred to your profile. Of course, you can change the information at any time via the settings in your profile.
The legal basis for the processing of your Personal Data is the establishment and implementation of the user contract for the use of the service. We store the data until you delete your user account. Insofar as legal retention periods are to be observed, storage also takes place beyond the time of deletion of a user account.
Alternatively, you are able to sign up using the convenience feature from Google, Facebook and X (formerly Twitter). For convenience login and sign up, you will be asked to provide your basic information (i.e., name, email address, and display picture) which is linked to your Google or Facebook or X account, as applicable. When registering via convenience functions, you consent to certain data from your respective profile of being transferred to us.
iv) Contractual Services and our Courses
We process the Personal Data involved when you enter into a contract with us in order to be able to provide our contractual services. This includes in particular learner support, correspondence with you, invoicing, fulfillment of our contractual, accounting and tax obligations. Accordingly, the data is processed on the basis of fulfilling our contractual obligations and our legal obligations.
v) Learning management system
For optimal learner support, we use your first name, last name, e-mail address and the data related to your contract with us. Your data may be stored in our learning management system (“LMS system”) MasterStudy LMS which is provided by StylemixThemes. This data processing is based on our legitimate interest in providing our customer service.
vi) Payment Data
If you make a purchase your payment will be processed via the payment service providers PayPal and Stripe and payment will solely be processed through the payment system of PayPal and Stripe. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.
If you make a payment via bank and wire transfer or crypto wallet, we receive Payment Confirmations, Payment data will solely be processed through your service provider and we have no access to any Payment Data you may submit to your bank.
vii) Administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks as well as organization of our business, and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are our legal obligations and our legitimate interest.
viii) Service Notifications
By using our services, you are giving your consent to receiving notifications and messages per email. Those typically include general, profile and content information in relation to your use of our Services. Our system notifications are designed to enhance your experience. You can of course opt out from receiving notifications by following the unsubscribe instructions at the bottom of every notification e-mail sent by us. The legal bases are to provide you with our services and your consent as well as our legitimate interest.
ix) Promotional use of your data
We use your data within the legally permissible scope for marketing purposes, e.g., to draw your attention to special promotions and discount offers using the services of AWeber and MailChimp. In addition, we may draw your attention to comparable offers by email, e.g., we may inform you about exclusive sales, promotions, or special events. The legal basis for processing is our legitimate interest.
x) Newsletter
If you subscribe to our newsletter, we will use your name and email address to send you information about deals, promotions, news using the services of AWeber and MailChimp to whom we pass on your email address and name for this purpose. You can find an unsubscribe link at the end of each newsletter. The legal basis is our legitimate interest and your consent.
Data Sharing
In certain cases, it is necessary to transmit the processed Personal Data in the course of data processing. In this respect, there are different recipient bodies and categories of recipients.
Internal
If necessary, we transfer your Personal Data within Rahma Global Academy. Of course, we comply with the associated legal framework and ensure that your data is processed properly. Access to your Personal Data is only granted to authorized employees who need access to the data due to their job or to contact you in case of queries.
External bodies
Personal Data is transferred to our service providers in the following instances:
to use marketing services and to advertise our services and courses online,
to communicate with you,
to provide our website and courses, and
to state authorities and institutions as far as this is required or necessary.
International transfers
We may transfer your Personal Data to other companies as necessary for the purposes described in this Privacy Policy. In order to provide adequate protection for your Personal Data when it is transferred, we have contractual arrangements regarding such transfers. We take all reasonable technical and organizational measures to protect the Personal Data we transfer.
Security of your data
In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
Nevertheless, internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed. And databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised as expeditiously as possible after which the breach was discovered.
Marketing
Insofar as you have given us your separate consent to process your data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.
Direct Marketing generally takes the form of email but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out.
Based on your recent purchases, we will send you information on similar products by email. In addition to these product recommendations, the e-mails may also contain vouchers. If you no longer wish to receive product recommendations from us, you can object to this at any time. You will find the unsubscribe link in every email you receive from us.
Social Media
General
We are present on social media on the basis of our legitimate interest (currently, Facebook, Instagram, TikTok and X (formerly Twitter)). If you contact or connect with us via social media, we and the relevant social media platform are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. The Personal Data collected when contacting us is to handle your request and the bases are both your consent and our legitimate interest.
Market research and advertising
In addition, your data may be processed for market research and advertising purposes. For example, usage profiles can be created from your usage behavior and the resulting interests. This allows, for example, advertisements to be placed within and outside the platforms that presumably correspond to your interests. The legal basis is our legitimate interest.
When you visit our profiles and interact with us and others
When you visit our social media profiles, we, as the operator of the profile, process your actions and interactions with our profile (e.g., the content of your messages, enquiries, posts or comments that you send to us or leave on our profile or when you like or share our posts) as well as your publicly viewable profile data (e.g., your name and profile picture). Which Personal Data from your profile is publicly viewable depends on your profile settings, which you can adjust yourself in the settings of your social media account. The legal basis is our legitimate interest and your consent.
Advertising
We would like to show you interesting advertising outside of our website and use various third-party tools and cookies for this purpose. These collect and process information about your activities on our website – for example, which products you are interested in or which pages you visit. By knowing what you are looking for and how you use our website, we can adapt our advertising to your needs. And thus increase the likelihood that you will also be shown suitable and interesting advertising outside our website.
We also analyze this data to evaluate the relevance of the advertisements and to optimize the advertisements for you. Through the tools, your browser regularly establishes a connection to the server of the tool provider when you visit our website. For some tools, we have no direct influence on what data is processed by the providers. The following personal data may be processed by third-party providers i) HTTP header information (e.g., IP address, web browser, website URL, date and time); ii) measuring pixel-specific data (e.g., pixel ID and cookie ID); and iii) additional information about visits to our website (e.g., orders placed, products clicked on). The legal bases for processing are our legitimate interest and your consent in case of cookies. For further information, please refer to our Cookie Policy.
Your Rights and Privileges
Privacy rights
Under the GDPR, you can exercise the following rights:
The right to access;
The right to rectification;
The right to erasure;
The right to restrict processing;
The right to object to processing;
The right to data portability;
The right to complaint to a supervisory authority
Updating your information and withdrawing your consent
If you believe that the information we hold about you is inaccurate or request its rectification, deletion, or object to its processing, please do so in your account or by contacting us.
USA Users
The following applies to all users located in the United States. While we understand and appreciate that privacy and consumer data protection laws differ as they are subject to each state’s legislature and that no data protection framework similar to the GDPR exists on a federal level, we are committed to follow and apply the for your state relevant privacy rules and regulations.
As of the day of drafting, the following states had enacted privacy and consumer data protection laws:
California Consumer Privacy Act (“CCPA”) including its subsequent amendments from the California Privacy Rights and Enforcement Act (“CPRA”);
Colorado Privacy Act (“CPA”);
Connecticut Data Privacy Act (“CTDPA”);
Delaware Personal Data Privacy Act (“DPDPA”);
Indiana Consumer Data Protection Act (“ICDPA”);
Iowa Consumer Data Protection Act (“ICDPA”);
Montana Consumer Data Privacy Act (“MCDPA”);
Oregon Consumer Privacy Act (“OCPA”);
Tennessee Information Protection Act (“TIPA”);
Texas Data Privacy and Security Act (“TDPSA”);
Utah Consumer Privacy Act (“UCPA”); and
Virginia Consumer Data Protection Act (“VCDPA”).
Further and under consideration of the similarities of the above provisions, no conflict should arise pursuing a uniform approach in granting all users in the USA the same rights and privileges as set out above. However, should ambiguity occur the most stringent provision is chosen to ensure the most comprehensive approach when it comes to protecting your Personal Data.
Further, the following also apply
i) “Shine the Light”
“Shine the Light” law (Civil Code Section 1798.83) requires us to respond to requests from California asking about the business’s practices related to disclosing Personal Data to third parties for the third parties’ direct marketing purposes. You may make a request about our collection and disclosure of your Personal Data using the contact details provided.
ii) COPPA (Children Online Privacy Protection Act)
When it comes to the collection of Personal Data from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old.
iii) CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. To be in accordance with CAN SPAM, we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can email us, and we will promptly remove you from ALL correspondence.
iv) Telephone Consumer Protection Act (TCPA)
If we process your Personal Data for the purpose of sending you SMS marketing communications, you may manage your receipt of marketing and non-transactional communications from us by replying or texting ‘STOP’ if you receive our SMS communications. In this respect, the data processing is carried out solely on the basis of our consent in personalized direct advertising per SMS.
v) Controls For Do-Not-Track Features
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (‘DNT’) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, our website does not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this policy.
vi) Right to complain
Finally, and in regard to the right to complain to a supervisory authority. You have the right to lodge a complaint about our processing of Personal Data with a supervisory authority responsible for data protection. In Wyoming this is the Office of the Attorney General (https://attorneygeneral.wyo.gov/). Users based in Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia may lodge a complaint with the relevant district attorney or attorney general office. However, we would appreciate the opportunity to address your concerns before you contact any supervisory authority.
Access Request
In the event you want to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we will tell you why.
What we do not do
We do not request Personal Data from minors and children;
We do not use Automated decision-making including profiling; and
We do not sell your Personal Data.
Changes
We may update this Privacy Policy from time to time. If we make changes to this Privacy Policy, we will revise the effective date.
Effective Date
Tuesday, March 5th, 2024
Questions
If you feel that the above is not sufficient or if you have any queries as regards the collection, processing or use of your information we are looking forward to hearing from you. We will make every effort to reply as soon as possible and take into consideration any suggestions from your end.