GDPR Privacy Policy
Last updated: October 16, 2025
This Privacy Policy describes how Domain ("we", "us", or "our") collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable data protection legislation. By using our platform at bemulasco.biz, you acknowledge the practices described in this document.
1. Data Controller
Domain acts as the data controller for personal data collected through this website and its associated services. For all data protection enquiries, you may contact us at:
- Email: [email protected]
- Phone: +1 613 621 3596
- Postal address: 68 Rue Principale, Nédélec, QC J0Z 2Z0, Canada
2. Data We Collect
2.1 Information You Provide Directly
- Full name and contact details (email address, phone number)
- Account registration information
- Billing and payment information
- Communications sent to us via contact forms or email
- Responses submitted in surveys or feedback forms
2.2 Information Collected Automatically
- IP address and approximate geographic location
- Browser type, version, and operating system
- Pages visited, time spent, and navigation paths
- Referring URLs and search terms
- Device identifiers and session data
2.3 Information from Third Parties
We may receive personal data from third-party services such as payment processors, authentication providers, and analytics platforms, only where such data is necessary to deliver our services.
3. Legal Basis for Processing
We process your personal data only when a valid legal basis exists under Article 6 of the GDPR:
| Processing Purpose | Legal Basis |
|---|---|
| Account creation and service delivery | Performance of a contract (Art. 6(1)(b)) |
| Processing payments | Performance of a contract (Art. 6(1)(b)) |
| Sending service-related communications | Legitimate interests (Art. 6(1)(f)) |
| Sending marketing communications | Consent (Art. 6(1)(a)) |
| Improving platform functionality | Legitimate interests (Art. 6(1)(f)) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
| Security monitoring and fraud prevention | Legitimate interests (Art. 6(1)(f)) |
4. How We Use Your Data
Your personal data is used for the following purposes:
- Providing, operating, and maintaining our online learning platform and seminars
- Creating and managing your user account
- Processing payments and issuing receipts or invoices
- Responding to your enquiries and providing customer support
- Sending transactional notifications related to your account or purchases
- Sending promotional or educational content where you have given consent
- Analysing usage patterns to improve user experience and service quality
- Detecting, investigating, and preventing fraudulent or unauthorised activity
- Meeting applicable legal and regulatory obligations
5. Cookies and Tracking Technologies
5.1 Types of Cookies Used
- Essential cookies: Required for the platform to function correctly. These cannot be disabled without affecting core functionality.
- Analytical cookies: Used to understand how visitors interact with the platform. Collected data is aggregated and anonymised where possible.
- Functional cookies: Allow us to remember your preferences and personalise your experience.
- Marketing cookies: Used to deliver relevant advertising and measure campaign effectiveness. These are only set with your consent.
5.2 Managing Cookies
You may control or withdraw your consent to non-essential cookies at any time through your browser settings or our cookie preference tool. Please note that disabling certain cookies may affect the functionality of the platform.
6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data. We may share your data with trusted third parties only in the following circumstances:
- Service providers: Third-party vendors who assist in operating our platform, processing payments, delivering emails, or providing analytics. These parties are bound by data processing agreements and may only process your data on our documented instructions.
- Legal requirements: Where we are required to disclose data to comply with a legal obligation, court order, or governmental authority.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to the same privacy commitments.
- Protection of rights: Where necessary to protect the rights, property, or safety of Domain, our users, or the public.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place in accordance with GDPR requirements. These safeguards may include:
- Standard Contractual Clauses approved by the European Commission
- Transfers to countries recognised as providing an adequate level of data protection
- Binding Corporate Rules where applicable
You may request a copy of the relevant safeguards by contacting us at [email protected].
8. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by applicable law. Retention periods are determined by the following criteria:
- Account data is retained for the duration of your active account plus a reasonable period following account closure to address any outstanding obligations
- Transaction and billing records are retained as required by applicable financial and tax regulations
- Communications and support records are retained for a period sufficient to resolve disputes and improve service quality
- Data collected on the basis of consent is retained until consent is withdrawn
When data is no longer required, it is securely deleted or anonymised.
9. Your Rights Under GDPR
If you are located in the European Economic Area or a jurisdiction with equivalent data protection legislation, you have the following rights regarding your personal data:
- Right of access (Art. 15): You may request a copy of the personal data we hold about you.
- Right to rectification (Art. 16): You may request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17): You may request deletion of your personal data where there is no compelling reason for its continued processing.
- Right to restriction of processing (Art. 18): You may request that we limit the processing of your data in certain circumstances.
- Right to data portability (Art. 20): You may request that we provide your data in a structured, commonly used, machine-readable format.
- Right to object (Art. 21): You may object to processing based on legitimate interests or for direct marketing purposes.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
- Right to lodge a complaint: You have the right to lodge a complaint with your local supervisory authority if you believe your data protection rights have been infringed.
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days of receiving your request. We may need to verify your identity before processing your request.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:
- Encryption of data in transit using TLS/SSL protocols
- Encryption of sensitive data at rest
- Access controls limiting data access to authorised personnel only
- Regular security assessments and vulnerability testing
- Staff training on data protection obligations
Despite these measures, no method of transmission over the internet or electronic storage is completely secure. We encourage you to use strong passwords and notify us immediately if you suspect any unauthorised activity on your account.
11. Children's Privacy
Our services are not directed at children under the age of 16. We do not knowingly collect personal data from individuals under 16 years of age. If we become aware that we have inadvertently collected data from a child, we will take prompt steps to delete it. If you believe we have collected data from a child, please contact us at [email protected].
12. Third-Party Links
Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any external sites you visit. The presence of a link does not imply our endorsement of or affiliation with the linked party.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through a prominent notice on our platform. Your continued use of our services after the effective date of any update constitutes your acceptance of the revised policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us through any of the following channels:
- Email: [email protected]
- Phone: +1 613 621 3596
- Post: 68 Rue Principale, Nédélec, QC J0Z 2Z0, Canada
- Website: bemulasco.biz
We are committed to resolving any concerns promptly and transparently.