Privacy Policy & GDPR Compliance

1. Introduction

ISO 26262 Academy ("we," "our," or "us") is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This Privacy Policy explains how we collect, use, process, and protect your personal data when you visit our website.

2. Data Controller Information

Data Controller: ISO 26262 Academy
Contact: info@iso26262.academy
Website: https://iso26262.academy
Data Protection Officer: Available upon request

3. What Data We Collect

We collect the following types of personal data:

Data Type	Purpose	Legal Basis	Retention Period
IP Address	Error checking, security, functionality monitoring	Legitimate Interest	90 days
Request Metadata	Technical troubleshooting, service improvement	Legitimate Interest	90 days
Analytics Data (Google Analytics)	Website usage analysis, performance optimization	Consent	26 months (Google's retention)
Behavioral Data (Hotjar)	User experience improvement, website optimization	Consent	365 days
Cookies & Similar Technologies	Website functionality, analytics, user preferences	Consent	Varies by cookie type

3.1 Automatically Collected Data

IP Address: Collected automatically when you submit requests to our website
Request Metadata: Including browser type, operating system, referring pages, access times
Cookies: Small data files stored on your device for functionality and analytics

4. How We Use Your Data

We use your personal data for the following purposes:

Error Monitoring: To identify and resolve technical issues on our website
Functionality Testing: To ensure our website operates correctly
Security: To protect against fraud, abuse, and security threats
Analytics: To understand how users interact with our website (via Google Analytics)
User Experience: To improve website design and usability (via Hotjar)

Important: We do not use your personal data for any commercial purposes, marketing, or profiling beyond the technical and analytical purposes outlined above.

5. Data Sharing and Third Parties

We share your data with the following third parties:

5.1 Google Analytics

Google Analytics collects and processes data about your website usage
This includes IP addresses (anonymized), browser information, and behavioral data
Google's data processing is governed by their privacy policy
You can opt-out using Google's Analytics Opt-out Browser Add-on

5.2 Hotjar

Hotjar records user sessions and collects heatmap data
This helps us understand user behavior and improve our website
Hotjar's data processing is governed by their privacy policy
You can opt-out via Hotjar's opt-out page

                No Other Data Distribution: Except for Google Analytics and Hotjar, we do not distribute, sell, or share your personal data with any other third parties.
            

6. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access: Request copies of your personal data
Right to Rectification: Request correction of inaccurate data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Request limitation of data processing
Right to Data Portability: Request transfer of your data
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for analytics and tracking

To exercise these rights, contact us at: info@iso26262.academy

7. Cookies and Tracking Technologies

Our website uses the following types of cookies:

Essential Cookies: Required for basic website functionality
Analytics Cookies: Google Analytics tracking cookies
Functional Cookies: Hotjar session recording and heatmap cookies

You can manage cookie preferences through your browser settings or our cookie consent banner.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Secure data transmission (HTTPS)
Regular security assessments
Access controls and authentication
Data minimization principles
Regular data deletion procedures

9. Data Retention

We retain personal data only as long as necessary:

IP Addresses and Metadata: 30 days for error checking and functionality
Google Analytics Data: 26 months (Google's default retention)
Hotjar Data: 365 days for behavioral analysis
Cookies: Varies by type (session cookies expire when you close your browser)

10. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA):

Google Analytics: Data may be transferred to the United States under Google's adequacy mechanisms
Hotjar: Data processing locations as per Hotjar's privacy policy

11. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

13. Contact Information

If you have any questions about this Privacy Policy or want to exercise your rights, please contact us:

Email: info@iso26262.academy
Website: https://iso26262.academy
Response Time: We will respond to your requests within 30 days

14. Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your personal data in accordance with the law.

This Privacy Policy is effective as of June 12, 2025 and was last updated on June 12, 2025.

Privacy Policy & Data Protection Notice