Privacy Policy | OpusLearn

1. Who we are

OpusLearn SAS ("OpusLearn", "we", "us", "our") is a company registered in France. We operate the OpusLearn platform at opuslearn.ai. Our data controller contact is: privacy@opuslearn.ai.

2. What data we collect

We collect information you provide directly: your name, email address, job title, company, and role when you create an account or complete the assessment. We also collect usage data automatically: pages visited, lessons completed, time spent, and device/browser information. We use cookies and similar technologies for authentication, preferences, and analytics.

3. How we use your data

We use your data to: provide and personalise our platform; send you product updates, learning reminders, and account notifications; process payments; respond to support requests; and improve our platform and content. We do not sell your data to third parties. We do not use your data to train AI models without explicit consent.

4. Legal basis for processing

Under GDPR, we process your data on the following legal bases: (a) Contract — processing necessary to provide the service you signed up for; (b) Legitimate interests — analytics and product improvement; (c) Consent — marketing communications (you can withdraw at any time); (d) Legal obligation — compliance with applicable laws.

5. Data retention

We retain your account data for as long as your account is active or as needed to provide the service. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or accounting purposes.

6. Data sharing

We share your data with: (a) Service providers — Supabase (database), Vercel (hosting), and Stripe (payments). These providers act as data processors under GDPR and are bound by data processing agreements. (b) Legal authorities — if required by law or to protect our rights. We do not share your data with advertisers or data brokers.

7. International transfers

Our service providers may process data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

8. Your rights

Under GDPR, you have the right to: access your personal data; correct inaccurate data; request deletion of your data; object to processing; restrict processing; data portability; and withdraw consent at any time. To exercise any of these rights, contact us at privacy@opuslearn.ai. You also have the right to lodge a complaint with your local supervisory authority.

9. Cookies

We use essential cookies (required for authentication and security) and analytics cookies (to understand how the platform is used). You can manage cookie preferences in your browser settings. Disabling essential cookies may prevent you from using certain features.

10. Security

We use industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. No system is completely secure — if you believe your account has been compromised, contact us immediately at security@opuslearn.ai.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice on the platform. Continued use of the platform after changes take effect constitutes acceptance of the updated policy.

12. Contact

For any privacy-related questions or to exercise your rights, contact: privacy@opuslearn.ai or write to: OpusLearn SAS, 10 rue de la Paix, 75002 Paris, France.