Privacy Policy
Effective date: January 1, 2026
Cinderbay Decision Institute (“we”, “our”, “us”) operates educational services at our official domain, cinderbay.bond, and related pages. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you interact with our website and programs.
1. Information we collect
- Contact information you provide (name, email, phone) when submitting inquiries or enrolling.
- Account and authentication data when you sign in (hashed credentials, session tokens).
- Payment-related information processed by our payment partners; we do not store full card numbers.
- Learning activity data (course selections, progress checkpoints, assessments).
- Technical data (IP address, device, browser, approximate location) for security and performance.
- Cookies and similar technologies used to remember preferences and measure site usage.
2. How we use information
- To provide, personalize, and improve courses and support.
- To communicate about enrollments, billing, updates, and service notices.
- To secure our services, detect fraud, and prevent abuse.
- To comply with legal obligations and enforce our Terms.
3. Legal bases
Where applicable, we process data based on consent, contract performance, legitimate interests (such as service improvement and security), and compliance with legal duties.
4. Sharing
- Vendors that help us operate the service (hosting, payments, analytics, communications) under contracts and confidentiality obligations.
- Legal and safety requirements (court orders, preventing harm, protecting our rights).
- Business transfers (mergers, acquisitions) with appropriate safeguards.
5. Retention
We retain personal data only as long as necessary for the purposes in this Policy. Typical retention periods: inquiry records (18 months), enrollment records (7 years), and security logs (up to 12 months), unless longer retention is required by law.
6. Your rights
Subject to local laws, you may have rights to access, correct, delete, or port your data, and to object or restrict certain processing. To exercise these rights, contact us at [email protected].
7. International transfers
We may process data in the United States and other countries. We use appropriate safeguards such as standard contractual clauses where required.
8. Security
We apply administrative, technical, and physical controls to protect data, including encryption in transit, access controls, and audit logging. No system is perfectly secure; please exercise care when sharing information online.
9. Cookies
We use strictly necessary cookies (to maintain sessions), functional cookies (to remember preferences like theme), and performance cookies (to understand usage). You can manage cookies via your browser settings and our cookie banner.
10. Children’s privacy
Our services are intended for adults and not directed to children under 16. We do not knowingly collect information from children.
11. Changes to this Policy
We may update this Policy from time to time. We will post updates with a new effective date and, where appropriate, provide additional notice.
12. Contact
Questions or requests: [email protected] or +1 (415) 555-0198.
Plain-language summary
We collect the minimum needed to run your courses, keep it secure, and never sell your personal data. You control your preferences and can ask us to delete your information.