Privacy Policy

Last updated: March 9, 2026

1. Introduction

CDN Certified ("we", "us", "our") respects your privacy. This policy explains what data we collect, how we use it, and your rights. We are based in the Netherlands and comply with the General Data Protection Regulation (GDPR).

2. Data We Collect

Account data: name, email address, and optionally company name and job title — provided when you register.

Payment data: processed by Stripe. We do not store credit card numbers. Stripe may store payment details per their privacy policy.

Learning data: lesson progress, quiz answers, exercise completions, and certification status.

Usage data: pages visited, features used, and referral source. We use Plausible Analytics, which is privacy-friendly and does not use cookies or collect personal data.

Email engagement: email open and click data via Brevo (our email service provider).

3. How We Use Your Data

  • To provide and improve the Service
  • To track your learning progress and issue certificates
  • To process payments
  • To send transactional emails (welcome, progress, certificates)
  • To send marketing emails (only with your consent; you can unsubscribe anytime)
  • To understand how the platform is used (aggregated, anonymous analytics)

4. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — payment processing
  • Brevo — transactional and marketing emails
  • Plausible Analytics — privacy-friendly website analytics (no cookies, no personal data)

5. Cookies

We use only essential cookies required for the Service to function (session, CSRF protection). We do not use tracking cookies. Plausible Analytics does not use cookies.

6. Your Rights (GDPR)

As a data subject under the GDPR, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Portability — receive your data in a machine-readable format
  • Object — object to processing for marketing purposes
  • Restrict — request restricted processing in certain circumstances

To exercise any of these rights, contact [email protected]. We will respond within 30 days.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we remove personal data within 30 days. We may retain anonymised, aggregated data indefinitely for analytics. Payment records are retained as required by Dutch tax law (7 years).

8. Data Security

We use industry-standard security measures including encrypted connections (HTTPS/TLS), secure password hashing, and access controls. No system is perfectly secure; we commit to notifying affected users promptly in the event of a data breach.

9. Children

The Service is not directed at children under 16. We do not knowingly collect data from children under 16.

10. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email.

11. Contact

For privacy-related questions or requests, contact [email protected].