General Data Protection Regulation (GDPR) Compliance Policy

Last Updated: February 23, 2025

Neutronex is committed to protecting the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws. This policy outlines how we collect, process, store, and protect your personal information.

1. Data Controller Information

Company Name: Neutronex
Address: 64 Church St, Klerksdorp Central, Klerksdorp, 2570, South Africa
Email: [email protected]
Phone: +27 660 397 761

2. Personal Data We Collect

We collect and process the following categories of personal data:

2.1 Information You Provide Directly

Name and contact details (email address, phone number)
Account credentials (username, password)
Profile information (educational preferences, learning progress)
Payment and billing information
Communications and correspondence
Quiz responses and test results
Feedback and survey responses

2.2 Information Collected Automatically

Device information (IP address, browser type, operating system)
Usage data (pages visited, time spent, interaction patterns)
Cookies and similar tracking technologies
Log files and analytics data
Performance metrics and learning statistics

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent: You have given explicit consent for processing your data for specific purposes
Contractual Necessity: Processing is necessary to perform our contract with you or to take steps before entering into a contract
Legal Obligation: Processing is required to comply with legal or regulatory obligations
Legitimate Interests: Processing is necessary for our legitimate business interests, provided your rights do not override these interests

4. How We Use Your Personal Data

We use your personal information for the following purposes:

Providing and managing access to our educational platform
Delivering interactive quizzes, tests, and learning content
Processing payments and managing subscriptions
Personalizing your learning experience and recommendations
Tracking progress and providing feedback
Communicating important updates, announcements, and support
Improving platform functionality and user experience
Analyzing usage patterns and performance metrics
Ensuring platform security and preventing fraud
Complying with legal and regulatory requirements
Marketing communications (with your consent)

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

5.1 Service Providers

Cloud hosting and storage providers
Payment processing services
Email and communication platforms
Analytics and performance monitoring tools
Customer support systems

5.2 Legal Requirements

Law enforcement agencies when required by law
Regulatory authorities and government bodies
Legal advisors and auditors
Courts and dispute resolution bodies

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the relevant third parties.

Third-Party Safeguards: All third parties are contractually obligated to protect your data and use it only for specified purposes.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside your region. When we transfer data internationally, we ensure appropriate safeguards are in place:

Standard Contractual Clauses approved by regulatory authorities
Adequacy decisions confirming appropriate data protection levels
Binding Corporate Rules for intra-organization transfers
Your explicit consent for specific transfers

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

Active Accounts: Data retained while your account remains active
Closed Accounts: Data retained for 90 days after account closure, except where longer retention is required
Legal Requirements: Data retained as required by law (typically 7 years for financial records)
Legitimate Interests: Data retained for dispute resolution, fraud prevention, and legal compliance

After the retention period expires, we securely delete or anonymize your personal data.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

8.1 Right of Access

You can request confirmation of whether we process your data and obtain a copy of your personal information.

8.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

8.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data under certain circumstances:

Data is no longer necessary for the original purpose
You withdraw consent and no other legal basis exists
You object to processing and no overriding legitimate grounds exist
Data has been unlawfully processed
Legal obligations require erasure

8.4 Right to Restriction of Processing

You can request limitation of how we use your data when:

You contest the accuracy of the data
Processing is unlawful but you prefer restriction over erasure
We no longer need the data but you require it for legal claims
You have objected to processing pending verification

8.5 Right to Data Portability

You can receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

8.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

8.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significant impacts.

8.8 Right to Withdraw Consent

Where processing is based on consent, you can withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

9. Exercising Your Rights

To exercise any of your rights, please contact us using the following methods:

Email: [email protected]
Phone: +27 660 397 761
WhatsApp: +27 660 397 761
Telegram: +27 660 397 761
Mail: 64 Church St, Klerksdorp Central, Klerksdorp, 2570, South Africa

Response Time: We will respond to your request within 30 days. If we require additional time, we will inform you of the extension and reasons.

Verification: We may request additional information to verify your identity before processing requests.

No Fee: Exercising your rights is generally free. However, we may charge a reasonable fee for manifestly unfounded, excessive, or repetitive requests.

10. Data Security Measures

We implement comprehensive technical and organizational measures to protect your personal data:

10.1 Technical Measures

Encryption of data in transit and at rest
Secure socket layer (SSL) technology
Regular security assessments and penetration testing
Firewalls and intrusion detection systems
Access controls and authentication mechanisms
Regular software updates and patch management
Secure backup and disaster recovery procedures

10.2 Organizational Measures

Staff training on data protection and security
Confidentiality agreements with employees and contractors
Data protection impact assessments
Incident response and breach notification procedures
Regular audits and compliance reviews
Privacy by design and default principles

11. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms:

We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach
We will notify affected individuals without undue delay if the breach poses a high risk
Notifications will include the nature of the breach, potential consequences, and measures taken or proposed
We maintain documentation of all data breaches, including facts, effects, and remedial actions

12. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. For detailed information about our use of cookies, please refer to our Cookie Policy.

Cookie Categories:

Strictly Necessary: Essential for platform functionality
Performance: Help us understand how you use our platform
Functional: Remember your preferences and settings
Targeting: Deliver relevant content and advertisements (with consent)

You can manage cookie preferences through your browser settings or our cookie consent tool.

13. Children's Privacy

Our platform is not intended for children under the age of 16. We do not knowingly collect personal data from children without parental consent.

If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete such information promptly.

Parents or guardians who believe we may have collected information from a child should contact us immediately.

14. Marketing Communications

We may send you marketing communications about our services, educational content, and special offers:

Consent: We will obtain your consent before sending marketing communications
Opt-Out: You can unsubscribe at any time using the link in our emails or by contacting us
Preferences: You can manage your communication preferences in your account settings
Service Communications: We may still send essential service-related communications even if you opt out of marketing

15. Third-Party Links

Our platform may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties.

We encourage you to review the privacy policies of any third-party services you access through our platform.

16. Updates to This Policy

We may update this GDPR Compliance Policy periodically to reflect changes in our practices, legal requirements, or business operations.

Notification: We will notify you of material changes through email or prominent notice on our platform
Effective Date: Changes become effective on the date specified in the updated policy
Continued Use: Your continued use of our platform after changes constitute acceptance of the updated policy
Version History: Previous versions are available upon request

17. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have processed your personal data in violation of applicable data protection laws.

You can contact your local data protection authority or the authority in the jurisdiction where:

You have your habitual residence
Your place of work is located
The alleged infringement occurred

We encourage you to contact us first so we can address your concerns directly.

18. Data Protection Officer

For questions about our data protection practices or this policy, you can contact our Data Protection Officer:

Email: [email protected]
Subject Line: Attention: Data Protection Officer
Address: 64 Church St, Klerksdorp Central, Klerksdorp, 2570, South Africa

19. Contact Information

For any questions, concerns, or requests regarding this GDPR Compliance Policy or our data processing practices, please contact us:

Neutronex
64 Church St, Klerksdorp Central
Klerksdorp, 2570
South Africa

Email: [email protected]
Phone: +27 660 397 761
WhatsApp: +27 660 397 761
Telegram: +27 660 397 761

Effective Date: This policy is effective as of February 23, 2025, and applies to all personal data processed from that date forward.

By using our platform, you acknowledge that you have read, understood, and agree to be bound by this GDPR Compliance Policy.