Privacy Policy

Last updated: January 18, 2025

1. Introduction

At Almastack ("we," "our," or "us"), we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our learning management system platform and related services.

This Privacy Policy applies to all users of our Service and should be read in conjunction with our Terms & Conditions.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

  • Account registration information (name, email address, country)
  • Profile information and preferences
  • Payment and billing information
  • Educational content and course materials you create
  • Communications with our support team
  • Feedback and survey responses

2.2 Information We Collect Automatically

When you use our Service, we automatically collect certain information, including:

  • Usage data and analytics (login times, features used, time spent)
  • Device information (IP address, browser type, operating system)
  • Log files and error reports
  • Cookies and similar tracking technologies

2.3 Information from Third Parties

We may receive information about you from third parties, such as payment processors, analytics providers, and integration partners, in accordance with their respective privacy policies.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide, maintain, and improve our Service
  • Process transactions and manage billing
  • Communicate with you about your account and our Service
  • Provide customer support and technical assistance
  • Monitor and analyze usage patterns and trends
  • Ensure security and prevent fraud
  • Comply with legal obligations
  • Send you marketing communications (with your consent)

4. Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on the following legal grounds:

  • Contract: To perform our contract with you (providing the Service)
  • Legitimate Interest: To improve our Service, ensure security, and analyze usage
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

5.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our Service, including:

  • Cloud hosting and infrastructure providers
  • Payment processors
  • Analytics and monitoring services
  • Customer support platforms
  • Email and communication services

5.2 Legal Requirements

We may disclose your information if required by law or if we believe such disclosure is necessary to:

  • Comply with legal process or government requests
  • Protect our rights, property, or safety
  • Prevent fraud or security threats
  • Protect the rights and safety of our users

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such transfer and any choices you may have.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication mechanisms
  • Employee training and confidentiality agreements
  • Regular backups and disaster recovery procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Generally, we retain data as follows:

  • Account data: Until account deletion plus 30 days
  • Usage data: Up to 2 years for analytics purposes
  • Financial records: As required by law (typically 7 years)
  • Support communications: Up to 3 years

8. Your Rights and Choices

8.1 GDPR Rights (EU Users)

If you are located in the European Union, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a portable format
  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: For processing based on consent

8.2 General Rights

All users can:

  • Update account information through your profile settings
  • Opt out of marketing communications
  • Request account deletion
  • Contact us with privacy concerns

8.3 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and collect usage information. You can control cookies through your browser settings.

Types of cookies we use:

  • Essential cookies: Required for basic functionality
  • Analytics cookies: Help us understand usage patterns
  • Functional cookies: Remember your preferences
  • Marketing cookies: For personalized advertising (with consent)

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by relevant data protection authorities
  • Other lawful transfer mechanisms as appropriate

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Officer: [email protected]

Data Protection Officer: [email protected]

General Support: [email protected]

Phone: +94112601647

Address: Level 26, East Tower, Echelon Square, World Trade Center,
Colombo 01, Sri Lanka

This Privacy Policy is effective as of January 18, 2025. Your continued use of our Service after any changes indicates your acceptance of the updated Privacy Policy.