Last Updated:
Thraxelliathun is committed to protecting the privacy and security of your personal data. This Data Protection statement explains our approach to data protection and outlines the measures we take to ensure your information is handled responsibly and in compliance with applicable data protection laws.
We recognize that your personal data is valuable and sensitive. We have implemented comprehensive policies, procedures, and technical measures to protect your data from unauthorized access, use, disclosure, alteration, or destruction.
This statement should be read in conjunction with our Privacy Policy, which provides detailed information about how we collect, use, and share your personal data.
Our data protection practices are designed to comply with applicable data protection laws and regulations, including but not limited to the California Consumer Privacy Act and other relevant state and federal privacy laws in the United States.
We regularly review and update our data protection practices to ensure ongoing compliance with evolving legal requirements and industry best practices. Our commitment to data protection extends beyond mere legal compliance to encompass ethical data handling principles.
We maintain documentation of our data processing activities and are prepared to demonstrate our compliance with applicable data protection requirements to regulatory authorities upon request.
Our data protection practices are guided by fundamental principles that govern how we handle personal data:
Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and in a transparent manner. We provide clear information about our data processing activities and ensure that individuals understand how their data is being used.
Purpose limitation: We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes. We clearly communicate the purposes for which we collect data at the time of collection.
Data minimization: We collect only the personal data that is adequate, relevant, and necessary for the purposes for which it is processed. We do not collect excessive data or retain data longer than necessary.
Accuracy: We take reasonable steps to ensure that personal data is accurate and kept up to date. We provide mechanisms for individuals to correct inaccurate data and update their information.
Storage limitation: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. We have established retention schedules and procedures for secure data deletion.
Integrity and confidentiality: We implement appropriate technical and organizational measures to ensure the security of personal data, protecting it against unauthorized or unlawful processing and accidental loss, destruction, or damage.
Accountability: We take responsibility for our data processing activities and can demonstrate compliance with data protection principles. We maintain records of our processing activities and conduct regular audits.
In the course of providing our training services, we process various categories of personal data:
Identity data includes your name, username, title, date of birth, and other identifiers. This information helps us identify you and maintain your account.
Contact data includes your address, email address, and telephone numbers. We use this information to communicate with you about our services and respond to your inquiries.
Financial data includes payment card details and bank account information. This data is necessary to process payments for our training programs. We use secure payment processors and do not store complete payment card information on our servers.
Transaction data includes details about payments to and from you and information about the courses you have enrolled in. This data helps us manage your enrollment and provide customer support.
Technical data includes your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
Profile data includes your username and password, your interests, preferences, feedback, and survey responses. This information helps us personalize your experience and improve our services.
Usage data includes information about how you use our website and services. This data helps us understand user behavior and improve our offerings.
Marketing and communications data includes your preferences in receiving marketing communications from us and your communication preferences.
We process personal data only when we have a legal basis to do so. The legal bases we rely on include:
Consent: In some cases, we process personal data based on your explicit consent. When we rely on consent, we provide clear information about the processing and obtain your affirmative agreement. You have the right to withdraw consent at any time.
Contract performance: We process personal data when necessary to perform a contract with you, such as when you enroll in our training programs. This includes processing necessary to provide the services you have requested.
Legal obligations: We process personal data when necessary to comply with legal obligations, such as tax reporting requirements or responding to lawful requests from authorities.
Legitimate interests: We may process personal data when necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your rights and interests. For example, we have a legitimate interest in analyzing website usage to improve our services.
We implement comprehensive security measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. Our security measures include:
Technical safeguards such as encryption of data in transit and at rest, secure socket layer technology for data transmission, firewalls and intrusion detection systems, regular security updates and patches, and secure authentication mechanisms.
Organizational safeguards including access controls that limit employee access to personal data based on job responsibilities, confidentiality agreements with employees and contractors, regular security training for staff, incident response procedures, and regular security audits and assessments.
Physical safeguards such as secure facilities with controlled access, surveillance systems, and secure disposal procedures for physical documents containing personal data.
We regularly test and evaluate the effectiveness of our security measures and update them as necessary to address emerging threats and vulnerabilities.
Despite our security measures, no system is completely secure. In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities in accordance with applicable law.
We have established procedures for detecting, investigating, and responding to data breaches. Our incident response plan includes steps to contain the breach, assess its impact, notify affected individuals and authorities, and implement measures to prevent future breaches.
If we discover a breach, we will notify affected individuals without undue delay and provide information about the nature of the breach, the likely consequences, and the measures we are taking to address it.
Your personal data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.
When we transfer personal data internationally, we implement appropriate safeguards to ensure that your data receives an adequate level of protection. These safeguards may include standard contractual clauses approved by relevant authorities, adequacy decisions, or other legally recognized transfer mechanisms.
We ensure that any third parties to whom we transfer data are obligated to protect your personal data in accordance with applicable data protection laws and our data protection standards.
You have various rights regarding your personal data, depending on your location and applicable law. These rights may include:
Right of access: You have the right to request access to your personal data and obtain information about how we process it. We will provide you with a copy of your personal data upon request.
Right to rectification: You have the right to request correction of inaccurate or incomplete personal data. We will update your information promptly upon receiving a valid request.
Right to erasure: In certain circumstances, you have the right to request deletion of your personal data. We will comply with such requests unless we have a legal obligation or legitimate reason to retain the data.
Right to restrict processing: You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
Right to object: You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds.
Right to withdraw consent: Where we process your personal data based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.
Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable law.
To exercise any of your data protection rights, please contact us using the information provided at the end of this statement. We will respond to your request within the timeframe required by applicable law, typically within 30 days.
We may need to verify your identity before processing your request to ensure we are disclosing or modifying data only to the rightful owner. We will request only the information necessary for verification purposes.
In most cases, we will fulfill your request free of charge. However, if your request is manifestly unfounded, excessive, or repetitive, we may charge a reasonable fee or refuse to act on the request.
We have designated a data protection contact responsible for overseeing our data protection practices and ensuring compliance with applicable laws. If you have questions or concerns about how we handle your personal data, you may contact our data protection contact.
Our data protection contact is available to assist with data protection inquiries, handle requests to exercise data protection rights, and address complaints about our data processing activities.
Our services are not directed to children under the age of 18, and we do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate parental consent, we will take steps to delete that information promptly.
If you are a parent or guardian and believe that your child has provided us with personal data, please contact us so that we can take appropriate action.
We do not engage in automated decision-making, including profiling, that produces legal effects or similarly significantly affects individuals. Any decisions that may affect your rights or interests are made with human involvement.
If we implement automated decision-making in the future, we will provide appropriate information about the logic involved and the significance and consequences of such processing, and we will implement measures to safeguard your rights.
We engage third-party service providers to process personal data on our behalf. These processors are contractually obligated to process data only in accordance with our instructions and to implement appropriate security measures.
We carefully select our data processors and conduct due diligence to ensure they can provide sufficient guarantees regarding data protection. We maintain oversight of their processing activities through contractual provisions and periodic audits.
We may update this Data Protection statement from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post any updates on this page and update the revision date.
If we make material changes that significantly affect your rights, we will provide prominent notice or seek your consent where required by law.
If you have questions, concerns, or requests regarding data protection or our data processing practices, please contact us:
Thraxelliathun
Data Protection Contact
2929 East Camelback Road, Suite 216
Phoenix, Arizona 85016, USA
Phone: (913) 338-1143
Email: relations@thraxelliathun.world
We are committed to addressing your concerns and will respond to your inquiries as promptly as possible.