DeepLearnAcademy Inc. ("DeepLearnAcademy," "we," "us," or "our") respects your privacy and is committed to protecting personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Ontario privacy principles. This Privacy Policy explains what information we collect, why we collect it, how we use and disclose it, where it is stored, and what rights you have.
1. Accountability
DeepLearnAcademy Inc. is responsible for personal information under our control. We have designated a privacy contact reachable at [email protected]. Questions, complaints, or access requests may also be directed to our main office at 275 Larch Street, Suite 402, Sudbury, ON P3E 1B2, Canada, or by telephone at +1 (705) 555-4281.
2. Identifying purposes
We collect personal information for identified purposes and do not use it for unrelated purposes without consent, except where permitted by law. Primary purposes include:
- Responding to programme enrolment enquiries, cohort registration requests, and corporate AI training inquiries submitted through our website or email;
- Processing enrolment applications, tuition payments, and attendance records for academy programmes;
- Delivering instruction, instructor feedback, peer review coordination, and capstone assessment;
- Issuing certificates of completion and maintaining training records as required for vocational programme administration;
- Communicating schedule changes, policy updates, and service-related notices;
- Improving website functionality, security, and user experience when you consent to optional analytics cookies;
- Complying with legal, regulatory, and tax obligations applicable to Ontario corporations.
3. Consent
We obtain meaningful consent before collecting, using, or disclosing personal information, except where the law permits collection without consent. Website contact forms require an explicit PIPEDA consent checkbox that is not pre-checked. Enrolment contracts include separate consent language for programme-specific data uses. You may withdraw consent for non-essential processing subject to legal or contractual restrictions; withdrawal may limit our ability to deliver certain services.
4. Limiting collection
We collect only information reasonably necessary for the purposes identified. Typical categories include:
- Identity and contact data: name, email address, phone number, mailing address, employer name (optional);
- Enrolment data: programme selections, prerequisite declarations, payment references, attendance logs;
- Instructional data: lab submissions, discussion participation, assessment scores, capstone materials;
- Technical data: IP address, browser type, device identifiers, cookie preferences, server logs;
- Communication records: email correspondence and support tickets.
We do not collect health information, government identity numbers, or financial card numbers through public contact forms. Payment card data is processed by third-party payment processors under their own privacy terms.
5. Limiting use, disclosure, and retention
Personal information is used only for the purposes for which it was collected, unless you consent to additional uses or the law authorises otherwise. We do not sell personal information. We may disclose information to:
- Instructors and teaching assistants involved in your cohort delivery;
- Cloud hosting and email service providers operating under contractual confidentiality obligations;
- Payment processors for tuition transactions;
- Professional advisors (legal, accounting) bound by confidentiality;
- Law enforcement or regulators when required by valid legal process.
Retention periods vary by data category. Enrolment and instructional records are typically retained for seven years after programme completion for audit and dispute resolution. Marketing enquiry data is deleted within twenty-four months if no enrolment occurs. Server logs rotate on a ninety-day cycle unless security investigation requires longer retention.
6. Accuracy
We rely on you to provide accurate information. You may request correction of inaccurate or incomplete personal information by contacting [email protected]. We will amend records where appropriate and notify third parties who received incorrect data when feasible.
7. Safeguards
We implement administrative, technical, and physical safeguards proportionate to information sensitivity, including access controls, encrypted transport (HTTPS), role-based permissions for staff, and secure disposal procedures. No method of transmission or storage is completely secure; we cannot guarantee absolute security but we review controls regularly.
8. Openness
This policy is publicly available at deeplearnacademy.one/privacy.php. Supplementary information about specific programme data practices is provided in enrolment documentation. Our legal imprint is published at /legal.php. Upon request, we explain our policies and practices in understandable terms, including the types of personal information we hold and general accountability measures.
8a. Sensitive information
We generally do not collect sensitive categories such as health data, biometric identifiers, or government-issued identity numbers through our public website. If future programmes require exceptional categories, we will identify the purpose, obtain appropriate consent, and apply heightened safeguards before collection.
9. Individual access
You may request access to personal information we hold about you, subject to limited exceptions under PIPEDA. We respond within thirty days where practicable. Access requests should include sufficient detail to locate records. If we deny access, we explain the reason and outline complaint options.
10. Challenging compliance
If you believe we have not handled your personal information appropriately, contact [email protected] first. You may also file a complaint with the Office of the Privacy Commissioner of Canada if concerns remain unresolved.
11. Website and cookies
Our website uses essential cookies for security and consent storage. Optional analytics cookies activate only with your consent via the cookie banner. See our Cookie Policy for categories, durations, and opt-out instructions. Cookie preferences are stored locally for six months unless you clear browser data.
12. International transfers
Primary hosting uses Canadian and North American infrastructure. Some subprocessors may process data in the United States under contractual clauses requiring protection comparable to PIPEDA principles. We assess transfer risks before engaging new vendors.
13. Children's privacy
Our programmes are designed for adult learners and professionals. We do not knowingly collect personal information from individuals under sixteen without verified parental consent. Contact us to request deletion if you believe a minor submitted data in error.
14. Changes to this policy
We may update this Privacy Policy to reflect legal, technical, or operational changes. Material updates will be posted on this page with a revised "Last updated" date. Continued use of our services after updates constitutes acceptance where permitted by law.
15. Marketing communications
With your consent, we may send programme announcements, enrolment window reminders, and academy news by email. You may unsubscribe using the link in any marketing message or by contacting [email protected]. Transactional messages related to active enrolment — schedule changes, assessment feedback, billing receipts — are not marketing and may be sent without separate marketing consent where necessary to deliver contracted services.
16. Automated decision-making
We do not make enrolment decisions solely through automated processing without human review. Prerequisite self-assessments on forms are advisory; faculty or admissions staff confirm suitability before final acceptance. AI-assisted tools used in coursework do not determine grades without instructor oversight.
17. Data breach notification
If a breach of security safeguards creates a real risk of significant harm, we will notify affected individuals and the Privacy Commissioner of Canada as required by PIPEDA breach notification provisions. We maintain an incident response plan including containment, assessment, remediation, and communication steps.
18. Records of processing
We maintain internal records describing major processing activities — enrolment administration, instructional delivery, payment reconciliation, and website analytics — to demonstrate accountability. Summaries are available to regulators upon lawful request.
19. Law enforcement requests
We review law enforcement and regulatory requests for personal information carefully. Disclosure occurs only when we believe the request is valid under Canadian law, scoped appropriately, and supported by proper authority. We notify affected individuals when legally permitted to do so.
20. Data portability
Upon request, enrolled learners may receive copies of personal information and key instructional records we hold in commonly used electronic formats where technically feasible. Requests should specify the data categories sought. We may require identity verification before release.
21. De-identification and research
We may use de-identified or aggregated data derived from instructional interactions to improve curriculum design and publish anonymised statistics about cohort outcomes. De-identification processes aim to remove direct identifiers; residual re-identification risk is minimised through aggregation thresholds.
21a. Employee and contractor privacy
Instructors, teaching assistants, and administrative staff receive privacy training appropriate to their roles. Access to learner records is granted on a need-to-know basis and logged where systems support auditing. Contractors processing personal information on our behalf must execute agreements requiring PIPEDA-aligned safeguards and breach notification cooperation.
21b. Social media and public communications
If you interact with DeepLearnAcademy accounts on third-party social platforms, those platforms' privacy policies govern your interactions. We do not import social media credentials into enrolment systems without explicit consent. Public testimonials or capstone showcases are published only with documented permission.
21c. Retention schedule summary
Contact form submissions: up to twenty-four months. Active enrolment files: duration of programme plus seven years. Payment records: seven years for tax compliance. Marketing suppression lists: retained until you opt in again or request deletion where lawful. Analytics logs: ninety days unless extended for security investigations with documented justification.
22. Contact
DeepLearnAcademy Inc.
275 Larch Street, Suite 402, Sudbury, ON P3E 1B2, Canada
Email: [email protected]
Phone: +1 (705) 555-4281
BN 837058392NS0001
We aim to acknowledge privacy correspondence within five business days and resolve access requests within thirty days where practicable, subject to complexity and legal exceptions under PIPEDA.