
Privacy Policy
Indonesian Affixation for Professional and Institutional Use
Effective Date: 3 April 2026
This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when you interact with the Indonesian Affixation for Professional and Institutional Use (the “Course”), including related landing pages, checkout pages, learning areas, prerecorded lessons, downloads, live sessions, email communications, comment areas, and support channels.
The Course is delivered using Systeme.io as the primary business and course platform. Payments may be processed through Stripe or other disclosed payment processors.
This Policy is intended to align with applicable European Union law, including:
General Data Protection Regulation (EU) 2016/679 (“GDPR”)
ePrivacy rules and national cookie laws
EU consumer and digital content laws where relevant
Nothing in this Policy limits rights granted by mandatory law.
1. Who We Are
The provider of the Course is the data controller for personal data processed in connection with the Course.
The Data Controller is:
Business Name: Learn Indonesian with Ossi
Business Type: Individual Business Owner
Country of Establishment: Italy
Business Address: Tuscany, Italy
Contact Email: support@learnindonesianwithossi.com
2. Platforms and Service Providers Used
To operate the Course, we may use:
Systeme.io for landing pages, funnels, account management, email automation, course hosting, membership access, forms, and analytics features
Stripe for secure payment processing
Webinar or live session providers
Cloud storage or productivity tools
Customer support systems
Analytics and security tools
Accounting or tax software
These providers may act as processors or independent controllers depending on their role.
3. Scope of This Policy
This Policy applies when you:
Visit the Course landing pages or websites
Submit forms through Systeme.io pages
Purchase through checkout pages
Create an account or membership login
Access course lessons
Receive emails or automations
Join live sessions
Comment in community sections
Request support
Download materials
This Policy does not apply to third-party websites we do not control.
4. Personal Data We Collect
Depending on your interaction, we may collect the following categories of data.
A. Identity and Contact Data
Full name
Email address
Telephone number, if voluntarily provided
Company or institution name, if provided
Billing details
Account username
B. Transaction Data
Purchase history
Payment status
Invoices
Refunds
Subscription status if recurring offers are later introduced
VAT-related details where legally required
Note: Full payment card data is generally processed directly by Stripe and not stored by us.
C. Course and Membership Data
Enrollment status
Lesson progress
Completed modules
Downloads accessed
Login timestamps
Membership access permissions
D. Communications Data
Support requests
Emails opened or clicked (where tracking is enabled lawfully)
Survey responses
Feedback submissions
Webinar attendance data
Chat or comment posts
E. Technical Data
IP address
Browser type
Device type
Operating system
Referral source
Pages visited
Timestamps
Cookie identifiers
F. Funnel and Optimization Data
Because the Course is newly launched and currently being improved, we may collect data relating to:
Page conversion rates
Abandoned checkout behavior
Email engagement
Sales funnel performance
Lesson completion rates
Split test / A/B testing results
Feature usage
Where consent is legally required, such tools are used only after valid consent.
5. Special Category Data
We do not intentionally request sensitive personal data such as:
Health data
Religion
Ethnicity
Political opinions
Biometric data
Sexual orientation
Please do not submit such information through forms, comments, support, or live sessions unless specifically required under a lawful basis.
6. Why We Process Your Data (Legal Bases)
Under GDPR, we rely on the following lawful bases.
A. Contract Performance – Article 6(1)(b)
To:
Process your order
Create your account
Deliver Course access
Send purchase confirmations
Provide downloadable materials
Manage refunds
Provide support
B. Legitimate Interests – Article 6(1)(f)
To:
Improve Course quality
Optimize funnels and user experience
Prevent fraud
Secure systems
Monitor platform stability
Moderate community areas
Analyze business performance
Recover unpaid fees where lawful
We balance these interests against your rights.
C. Legal Obligations – Article 6(1)(c)
To:
Comply with tax laws
Maintain accounting records
Respond to lawful requests
Meet consumer protection obligations
D. Consent – Article 6(1)(a)
Where required, for:
Marketing emails
Non-essential cookies
Analytics tracking
Promotional communications
You may withdraw consent at any time.
7. Email Marketing and Automations
Because Systeme.io includes email automation tools, we may send:
Purchase confirmations
Onboarding emails
Lesson reminders
Transactional notices
Support communications
Where required by law, marketing emails are sent only with valid consent or another lawful basis.
You may unsubscribe from marketing emails at any time through the unsubscribe link or by contacting us.
Transactional emails may still be sent where necessary for service delivery.
8. Cookies and Tracking Technologies
We may use cookies or similar technologies through Systeme.io or connected tools for:
Login authentication
Session management
Remembering preferences
Analytics
Funnel measurement
A/B testing
Marketing attribution
Security
Where required under EU law, non-essential cookies are activated only after consent.
Please also review the separate Cookie Policy.
9. Sharing Personal Data
We do not sell personal data.
We may share data with service providers such as:
Stripe
Webinar providers
Email delivery providers
Analytics vendors
Accountants
Legal advisors
Cloud infrastructure providers
We may also disclose data where legally required or necessary to protect rights, prevent fraud, or enforce contracts.
10. International Transfers
Some providers may process data outside the European Economic Area.
Where this occurs, we aim to ensure lawful safeguards such as:
Adequacy decisions
Standard Contractual Clauses
Supplementary safeguards where required
You may request more information where applicable.
11. Retention Periods
We retain data only as long as reasonably necessary.
Examples:
Customer account data: while active and for a reasonable post-access period
Invoices and payment records: as required by tax law
Email subscription data: until unsubscribe or no longer needed
Analytics data: according to the tool settings and business needs
Support requests: reasonable support retention periods
Comments: until removed, account closure, or moderation action
Data may then be deleted, anonymized, or archived securely.
12. Your GDPR Rights
Where GDPR applies, you may have rights to:
Access your data
Correct inaccurate data
Erase data in certain circumstances
Restrict processing
Object to legitimate interest processing
Withdraw consent
Data portability where applicable
Complain to a supervisory authority
These rights may be subject to legal exceptions.
13. Automated Decision Making
We do not make legally significant decisions solely through automated processing.
However, automated systems may be used for:
Email sequencing
Customer segmentation
Funnel optimization
Fraud detection flags
Personalized onboarding flows
These do not create legal or similarly significant effects without required safeguards.
14. Security Measures
We use reasonable technical and organizational measures, which may include:
Password-protected systems
Access controls
HTTPS encryption where available
Vendor due diligence
Limited staff access
Backups
Monitoring for suspicious activity
No platform can guarantee absolute security.
15. Third Party Platforms
Systeme.io and Stripe each maintain their own privacy and security frameworks.
When you interact directly with their systems, their own legal terms or privacy notices may also apply.
We recommend reviewing their current policies.
16. Contact Us
For privacy requests or questions, contact the official support or legal contact listed on the website, checkout page, or invoices.
Please provide enough information to identify your request.
17. Complaints
If you believe your data rights have been infringed, you may contact us first for resolution.
You also have the right to lodge a complaint with your local EU/EEA supervisory authority.
18. Changes to This Policy
We may update this Privacy Policy to reflect:
Platform changes
New integrations
Legal developments
Operational changes
Product growth
The latest version should remain available on the website.
19. Transparency Notice
As of the Effective Date:
The Course is newly launched
Funnels and learning delivery are being refined through controlled testing
This status does not reduce our obligations under privacy law.
20. Contact
If you have questions about this Privacy Policy or wish to exercise your GDPR rights, please contact:
LEARN INDONESIAN WITH OSSI
Tuscany, Italy 50125
©2026 Learn Indonesian with Ossi