Privacy Policy

Indonesian Affixation for Professional and Institutional Use

Effective Date: 3 April 2026

This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when you interact with the Indonesian Affixation for Professional and Institutional Use (the “Course”), including related landing pages, checkout pages, learning areas, prerecorded lessons, downloads, live sessions, email communications, comment areas, and support channels.

The Course is delivered using Systeme.io as the primary business and course platform. Payments may be processed through Stripe or other disclosed payment processors.

This Policy is intended to align with applicable European Union law, including:

  • General Data Protection Regulation (EU) 2016/679 (“GDPR”)

  • ePrivacy rules and national cookie laws

  • EU consumer and digital content laws where relevant

Nothing in this Policy limits rights granted by mandatory law.

1. Who We Are

The provider of the Course is the data controller for personal data processed in connection with the Course.

The Data Controller is:

  • Business Name: Learn Indonesian with Ossi

  • Business Type: Individual Business Owner

  • Country of Establishment: Italy

  • Business Address: Tuscany, Italy

  • Contact Email: support@learnindonesianwithossi.com

2. Platforms and Service Providers Used

To operate the Course, we may use:

  • Systeme.io for landing pages, funnels, account management, email automation, course hosting, membership access, forms, and analytics features

  • Stripe for secure payment processing

  • Webinar or live session providers

  • Cloud storage or productivity tools

  • Customer support systems

  • Analytics and security tools

  • Accounting or tax software

These providers may act as processors or independent controllers depending on their role.

3. Scope of This Policy

This Policy applies when you:

  • Visit the Course landing pages or websites

  • Submit forms through Systeme.io pages

  • Purchase through checkout pages

  • Create an account or membership login

  • Access course lessons

  • Receive emails or automations

  • Join live sessions

  • Comment in community sections

  • Request support

  • Download materials

This Policy does not apply to third-party websites we do not control.

4. Personal Data We Collect

Depending on your interaction, we may collect the following categories of data.

A. Identity and Contact Data

  • Full name

  • Email address

  • Telephone number, if voluntarily provided

  • Company or institution name, if provided

  • Billing details

  • Account username

B. Transaction Data

  • Purchase history

  • Payment status

  • Invoices

  • Refunds

  • Subscription status if recurring offers are later introduced

  • VAT-related details where legally required

Note: Full payment card data is generally processed directly by Stripe and not stored by us.

C. Course and Membership Data

  • Enrollment status

  • Lesson progress

  • Completed modules

  • Downloads accessed

  • Login timestamps

  • Membership access permissions

D. Communications Data

  • Support requests

  • Emails opened or clicked (where tracking is enabled lawfully)

  • Survey responses

  • Feedback submissions

  • Webinar attendance data

  • Chat or comment posts

E. Technical Data

  • IP address

  • Browser type

  • Device type

  • Operating system

  • Referral source

  • Pages visited

  • Timestamps

  • Cookie identifiers

F. Funnel and Optimization Data

Because the Course is newly launched and currently being improved, we may collect data relating to:

  • Page conversion rates

  • Abandoned checkout behavior

  • Email engagement

  • Sales funnel performance

  • Lesson completion rates

  • Split test / A/B testing results

  • Feature usage

Where consent is legally required, such tools are used only after valid consent.

5. Special Category Data

We do not intentionally request sensitive personal data such as:

  • Health data

  • Religion

  • Ethnicity

  • Political opinions

  • Biometric data

  • Sexual orientation

Please do not submit such information through forms, comments, support, or live sessions unless specifically required under a lawful basis.

6. Why We Process Your Data (Legal Bases)

Under GDPR, we rely on the following lawful bases.

A. Contract Performance – Article 6(1)(b)

To:

  • Process your order

  • Create your account

  • Deliver Course access

  • Send purchase confirmations

  • Provide downloadable materials

  • Manage refunds

  • Provide support

B. Legitimate Interests – Article 6(1)(f)

To:

  • Improve Course quality

  • Optimize funnels and user experience

  • Prevent fraud

  • Secure systems

  • Monitor platform stability

  • Moderate community areas

  • Analyze business performance

  • Recover unpaid fees where lawful

We balance these interests against your rights.

C. Legal Obligations – Article 6(1)(c)

To:

  • Comply with tax laws

  • Maintain accounting records

  • Respond to lawful requests

  • Meet consumer protection obligations

D. Consent – Article 6(1)(a)

Where required, for:

  • Marketing emails

  • Non-essential cookies

  • Analytics tracking

  • Promotional communications

You may withdraw consent at any time.

7. Email Marketing and Automations

Because Systeme.io includes email automation tools, we may send:

  • Purchase confirmations

  • Onboarding emails

  • Lesson reminders

  • Transactional notices

  • Support communications

Where required by law, marketing emails are sent only with valid consent or another lawful basis.

You may unsubscribe from marketing emails at any time through the unsubscribe link or by contacting us.

Transactional emails may still be sent where necessary for service delivery.

8. Cookies and Tracking Technologies

We may use cookies or similar technologies through Systeme.io or connected tools for:

  • Login authentication

  • Session management

  • Remembering preferences

  • Analytics

  • Funnel measurement

  • A/B testing

  • Marketing attribution

  • Security

Where required under EU law, non-essential cookies are activated only after consent.

Please also review the separate Cookie Policy.

9. Sharing Personal Data

We do not sell personal data.

We may share data with service providers such as:

  • Systeme.io

  • Stripe

  • Webinar providers

  • Email delivery providers

  • Analytics vendors

  • Accountants

  • Legal advisors

  • Cloud infrastructure providers

We may also disclose data where legally required or necessary to protect rights, prevent fraud, or enforce contracts.

10. International Transfers

Some providers may process data outside the European Economic Area.

Where this occurs, we aim to ensure lawful safeguards such as:

  • Adequacy decisions

  • Standard Contractual Clauses

  • Supplementary safeguards where required

You may request more information where applicable.

11. Retention Periods

We retain data only as long as reasonably necessary.

Examples:

  • Customer account data: while active and for a reasonable post-access period

  • Invoices and payment records: as required by tax law

  • Email subscription data: until unsubscribe or no longer needed

  • Analytics data: according to the tool settings and business needs

  • Support requests: reasonable support retention periods

  • Comments: until removed, account closure, or moderation action

Data may then be deleted, anonymized, or archived securely.

12. Your GDPR Rights

Where GDPR applies, you may have rights to:

  • Access your data

  • Correct inaccurate data

  • Erase data in certain circumstances

  • Restrict processing

  • Object to legitimate interest processing

  • Withdraw consent

  • Data portability where applicable

  • Complain to a supervisory authority

These rights may be subject to legal exceptions.

13. Automated Decision Making

We do not make legally significant decisions solely through automated processing.

However, automated systems may be used for:

  • Email sequencing

  • Customer segmentation

  • Funnel optimization

  • Fraud detection flags

  • Personalized onboarding flows

These do not create legal or similarly significant effects without required safeguards.

14. Security Measures

We use reasonable technical and organizational measures, which may include:

  • Password-protected systems

  • Access controls

  • HTTPS encryption where available

  • Vendor due diligence

  • Limited staff access

  • Backups

  • Monitoring for suspicious activity

No platform can guarantee absolute security.

15. Third Party Platforms

Systeme.io and Stripe each maintain their own privacy and security frameworks.

When you interact directly with their systems, their own legal terms or privacy notices may also apply.

We recommend reviewing their current policies.

16. Contact Us

For privacy requests or questions, contact the official support or legal contact listed on the website, checkout page, or invoices.

Please provide enough information to identify your request.

17. Complaints

If you believe your data rights have been infringed, you may contact us first for resolution.

You also have the right to lodge a complaint with your local EU/EEA supervisory authority.

18. Changes to This Policy

We may update this Privacy Policy to reflect:

  • Platform changes

  • New integrations

  • Legal developments

  • Operational changes

  • Product growth

The latest version should remain available on the website.

19. Transparency Notice

As of the Effective Date:

  • The Course is newly launched

  • Funnels and learning delivery are being refined through controlled testing

This status does not reduce our obligations under privacy law.

20. Contact

If you have questions about this Privacy Policy or wish to exercise your GDPR rights, please contact:

LEARN INDONESIAN WITH OSSI

Tuscany, Italy 50125

Email: support@learnindonesianwithossi.com

©2026 Learn Indonesian with Ossi