Privacy Policy & GDPR

Last updated: August 28, 2025

GDPR Compliance

Didaxa is fully compliant with the EU General Data Protection Regulation (GDPR). We take your privacy seriously and are committed to protecting your personal data.

What Data We Collect

Personal Data

  • Name (used for lessons)
  • Email address
  • Educational profile information
  • Learning preferences

Usage Data

  • Learning progress
  • Platform interactions
  • Session times
  • Exercise responses

Technical Data

  • IP address (anonymized)
  • Browser and device type
  • Cookie data (see Cookie Policy)

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: For non-essential cookies and marketing communications
  • Contract: To provide our tutoring services
  • Legitimate interests: To improve our services and prevent fraud
  • Legal obligation: To comply with applicable laws

How We Use Your Data

  • Provide personalized tutoring services
  • Improve our learning algorithms
  • Communicate service updates and information
  • Analyze and improve platform performance
  • Ensure security and prevent abuse
  • Comply with legal obligations

Data Sharing

We NEVER sell your personal data. We only share data with:

  • Service providers: Such as hosting, analytics (all GDPR compliant)
  • Legal authorities: When required by law
  • With your consent: For any other purpose with your explicit permission

Your GDPR Rights

Under GDPR, you have the following rights:

Right to access

Request a copy of your data

Right to rectification

Correct inaccurate data

Right to erasure

"Right to be forgotten"

Right to restriction

Limit data processing

Right to portability

Transfer your data

Right to object

Object to processing

To exercise these rights, contact our DPO at: dpo@didaxa.ai

Data Retention

We retain your personal data only for as long as necessary for the purposes collected:

  • Account data: Until account deletion
  • Learning data: 2 years after last activity
  • Billing data: As per legal requirements (7 years)
  • Cookies: See our Cookie Policy

International Transfers

Your data is stored on servers in the EU. If we transfer data outside the EU, we ensure appropriate safeguards are in place (such as standard contractual clauses or adequacy decisions).

Data Security

We implement technical and organizational security measures to protect your data:

  • SSL/TLS encryption for all data transfers
  • Encryption of data at rest
  • Strict access controls
  • Regular security audits
  • Staff training on data protection
  • Data breach response procedures

Children's Privacy

For users under 16, parental consent is required. We do not knowingly collect data from children under 13 without verified parental consent.

Cookie Policy

We use cookies to improve your experience. For detailed information, see our Cookie Policy.

Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or through a prominent notice on our service.

Contact Us

For privacy questions or to exercise your GDPR rights:

  • Data Protection Officer (DPO): dpo@didaxa.ai
  • General privacy email: privacy@didaxa.ai
  • Address: Didaxa AI is a product of Ing. Enrico D'Urso, Milano (MI), Italy
  • Contact form: Click here

Right to complain: You have the right to lodge a complaint with your country's data protection supervisory authority.

This privacy policy complies with EU GDPR and applicable data protection laws.