Privacy Policy
Last Updated: September 2025
Sigma Labs Cyprus is committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, protect, and handle your personal information when you use our educational platform and statistical training services. We adhere to European Union data protection regulations and maintain the highest standards of data security.
Information We Collect
Personal Information
We collect the following types of personal data:
- Contact Information: Name, email address, phone number, postal address
- Educational Background: Academic qualifications, statistical experience, learning objectives
- Course Data: Enrollment information, progress tracking, assessment results
- Communication Records: Messages sent through contact forms, email correspondence
Technical Information
- Usage Data: IP address, browser type, device information, pages visited
- Cookie Data: Preferences, session information, analytics data
- Platform Analytics: Learning patterns, course completion rates, performance metrics
Legal Basis for Processing
We process your personal data based on the following legal grounds:
Consent
For marketing communications, newsletter subscriptions, and optional data processing activities
Contract Performance
To provide statistical education services, process enrollments, and deliver course content
Legitimate Interest
For website analytics, educational platform improvement, and business operations
Legal Obligation
For tax records, regulatory compliance, and educational reporting requirements
How We Use Your Data
Educational Services
- Deliver statistical education courses and educational content
- Track learning progress and provide personalized educational experiences
- Assess student performance and provide feedback on coursework
- Generate completion documentation and academic records
Communication & Support
- Respond to inquiries and provide customer support
- Send course updates, educational announcements, and important notifications
- Process enrollment applications and course registrations
Platform Improvement
- Analyze website usage patterns to improve user experience
- Develop new educational content and course offerings
- Conduct educational research and statistical analysis (anonymized data)
Data Retention Periods
We retain your personal data for the following periods:
| Data Type | Retention Period | Purpose |
|---|---|---|
| Contact form submissions | 3 years | Communication records and follow-up |
| Course enrollment records | 5 years | Educational documentation and verification |
| Financial records | 7 years | Legal and tax compliance requirements |
| Marketing data | Until consent withdrawn | Educational marketing and communications |
| Website analytics | 26 months | Platform improvement and user experience |
Data Protection & Security
Technical Safeguards
-
Encryption: All data transmitted using TLS/SSL encryption protocols
-
Secure Storage: Data stored on encrypted servers in EU-compliant facilities
-
Access Controls: Multi-factor authentication and role-based access systems
-
Monitoring: Continuous security monitoring and incident detection
Organizational Measures
-
Staff Training: Regular privacy and security training for all personnel
-
Data Processing Agreements: Contracts with all third-party processors
-
Breach Response: Incident response plan with 72-hour notification protocol
-
Regular Audits: Annual security assessments and compliance reviews
Your Privacy Rights
Under European data protection law, you have the following rights:
Right to Access
Request a copy of all personal data we hold about you and information about how it is processed
Right to Rectification
Request correction of inaccurate or incomplete personal data
Right to Erasure
Request deletion of your personal data under certain circumstances
Right to Data Portability
Receive your personal data in a structured, machine-readable format
Right to Object
Object to processing based on legitimate interests or for direct marketing purposes
Right to Restrict Processing
Request limitation of processing under specific circumstances
Right to Withdraw Consent
Withdraw consent for processing at any time where consent is the legal basis
Right to Lodge Complaints
File complaints with supervisory authorities regarding data processing
How to Exercise Your Rights
To exercise any of these rights, contact us using the information below. We will respond to your request within 30 days.
Third-Party Services
We use the following third-party services that may process your personal data:
Google Analytics
Website analytics and performance monitoring
Data transferred to: United States (adequacy decision)
Email Service Providers
Educational communications and course notifications
Data processing: EU-based servers with GDPR compliance
Payment Processors
Secure course enrollment and payment processing
Data protection: PCI DSS compliance and encryption standards
Hosting Services
Website and educational platform infrastructure
Location: EU data centers with ISO 27001 certification
International Data Transfers
Sigma Labs Cyprus is based in Cyprus, a member of the European Union. We primarily process data within the EU/EEA. When data is transferred outside this region, we ensure appropriate safeguards:
Transfer Mechanisms
- European Commission adequacy decisions
- Standard contractual clauses (SCCs)
- Binding corporate rules where applicable
Additional Safeguards
- Technical and organizational measures
- Regular compliance assessments
- Data minimization and purpose limitation
Contact Information
Data Controller
Supervisory Authority
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable regulations. When we make material changes, we will notify you by updating the "Last Updated" date and, where appropriate, provide additional notice through our website or direct communication. We encourage you to review this policy periodically to stay informed about how we protect your personal information. Your continued use of our services after policy updates constitutes acceptance of the revised terms.