Privacy Policy

Who We Are

Mineralex operates from București, Romania, providing educational content and training programs for aspiring game developers. You can find us at Strada Râmnicu Vâlcea nr14, în spatele cofetărie Georgis, București 031808. When we mention "we," "us," or "our" throughout this document, we're talking about Mineralex and our educational platform at mineralex.com.

For any privacy questions or concerns, reach out to us at info@mineralex.com or call +40762853111. We actually read these messages and respond to them.

What Information We Collect

Let's be straightforward about what we gather and why. We only collect what we need to run our educational programs effectively.

Information You Provide Directly

When you sign up for our courses or contact us about programs, you'll share some basic details:

• Your name and email address for course communications
• Phone number if you want us to call you about program details
• Educational background when relevant to course placement
• Portfolio or project information if you're applying for advanced programs
• Payment details when enrolling in paid courses (though we don't store full card numbers)

Technical Information We Collect Automatically

Like most websites, ours collects some technical data when you visit. This includes your IP address, browser type, device information, and which pages you view. We use this to understand how people use the site and to fix problems when they come up.

How We Use Your Information

We're not doing anything mysterious with your data. Here's what happens with it:

• Managing your enrollment in courses and tracking your progress through programs
• Sending you updates about courses you're taking or have expressed interest in
• Responding when you contact us with questions or need support
• Processing payments and handling refunds when necessary
• Improving our educational content based on how students interact with materials
• Sending occasional emails about new courses that might interest you (you can opt out anytime)
• Complying with Romanian and EU legal requirements for educational institutions

Legal Basis for Processing (GDPR Compliance)

Since we operate in the EU, we need a legal reason to process your data. Here's how that breaks down:

Contractual Necessity

When you enroll in a course, we need certain information to deliver that service. We can't teach you game development without knowing who you are and how to contact you about course materials.

Legitimate Interests

We have legitimate business interests in improving our courses, preventing fraud, and maintaining site security. We balance these interests against your privacy rights.

Legal Obligations

Romanian law requires us to keep certain records, particularly financial ones, for specific periods. We're not holding onto this data longer than we have to.

Your Consent

For marketing emails and some optional features, we ask for your explicit consent. You can withdraw this anytime without affecting your course access.

Who We Share Information With

We work with a few service providers to run our educational platform. These companies only get access to information they need to do their specific jobs:

• Payment processors who handle transactions securely (they never share your full payment details with us)
• Email service providers who help us send course updates and newsletters
• Cloud hosting services where our course materials and student data are stored
• Analytics tools that help us understand how people use our site
• Video hosting platforms for our instructional content

All these partners are contractually required to protect your data and can't use it for their own purposes. If we ever need to share information beyond these standard service providers, we'll ask for your permission first.

International Data Transfers

Most of our data stays within the EU, but some service providers we use have servers in other countries. When data leaves the EU, we make sure it's protected through standard contractual clauses approved by the European Commission or through providers certified under appropriate data protection frameworks.

We're selective about which international services we use, and we regularly review their security practices.

Your Rights Under GDPR

EU data protection law gives you substantial control over your personal information. Here's what you can do:

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this in a readable format within 30 days of your request.

Correct Inaccurate Information

If something we have on file is wrong, let us know and we'll fix it. You can update most basic information through your account settings.

Delete Your Data

You can ask us to delete your personal information. We'll do this unless we have a legal reason to keep it (like financial records we're required to maintain).

Object to Processing

You can object to how we use your data in certain situations, particularly for marketing purposes. We'll stop unless we can demonstrate compelling legitimate grounds.

Data Portability

You can get your data in a machine-readable format and transfer it to another service if you want to.

Restrict Processing

In some cases, you can ask us to temporarily limit how we use your information while we resolve a concern you've raised.

How We Protect Your Information

Security isn't just about having the right technology. It's also about having the right processes and people who take it seriously.

• All data transmission to and from our site uses encryption (HTTPS/TLS)
• We store sensitive data in encrypted databases with restricted access
• Our team receives regular training on data protection and security practices
• We use secure authentication methods and require strong passwords
• Regular security audits and updates to address potential vulnerabilities
• Access to student data is limited to staff who need it for their work
• We maintain backups in secure, geographically separated locations

No system is completely invulnerable, but we take reasonable precautions to protect your information. If a security breach ever affects your data, we'll notify you and the relevant authorities as required by Romanian and EU law.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies. Some are essential for the site to work, while others help us improve your experience.

Essential Cookies

These keep you logged in and remember your preferences. The site won't function properly without them.

Analytics Cookies

We use these to understand how people navigate our site and which content is most helpful. This helps us make better educational materials.

Marketing Cookies

These help us show relevant course recommendations and remember if you've already seen certain announcements. You can disable these through our cookie preferences.

You can manage cookie settings through your browser, though disabling certain cookies might limit site functionality.

Data Retention

We don't keep information longer than necessary. Different types of data have different retention periods based on their purpose and legal requirements:

• Course enrollment records: kept for the duration of your studies plus 5 years for certificate verification
• Financial records: retained for 7 years as required by Romanian tax law
• Marketing consent records: maintained until you withdraw consent, then deleted within 30 days
• Technical logs: automatically deleted after 12 months
• Correspondence: kept for 3 years after your last interaction with us

When we no longer need your data, we securely delete it. This means overwriting rather than just removing it from active systems.

Children's Privacy

Our courses are designed for adults. We don't knowingly collect information from anyone under 16 without parental consent. If you're under 16 and interested in our programs, have a parent or guardian contact us to discuss options.

If we discover we've inadvertently collected data from someone under 16 without proper consent, we'll delete it promptly.

Changes to This Policy

We update this policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email and post a notice on our website.

The "Last Updated" date at the top shows when the most recent changes were made. We recommend reviewing this policy periodically, especially before sharing new information with us.

Complaints and Concerns

If you're unhappy with how we handle your data, please let us know first. We'll do our best to resolve any concerns quickly.

You also have the right to lodge a complaint with Romania's supervisory authority for data protection (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal - ANSPDCP) or your local EU data protection authority.