Legal
Privacy Policy
How OpsPilot Academy handles account, course, usage, payment, cookie, and support information. Last Updated: June 3, 2026
1. Introduction
This Privacy Policy explains how OpsPilot Academy Ltd. collects, uses, shares, and protects personal information when you use OpsPilot Academy.
2. Information Collected
We collect account details, contact information, course progress, support messages, billing identifiers, usage data, device information, and cookie data. Payment card details are collected and processed by Stripe; we do not store full card numbers.
3. How Data Is Used
We use information to provide courses, maintain accounts, process purchases, respond to support requests, issue certificates, improve platform performance, detect abuse, comply with legal obligations, and send service communications.
4. Payment Processing
Payments are processed by Stripe. Stripe may process payment information under its own terms and privacy practices, and it supports PCI DSS obligations for payment handling. Stripe privacy information is available at https://stripe.com/privacy.
5. Third-Party Providers
We may use hosting, analytics, email, customer support, security, and payment providers to operate the service. Providers may access information only as needed to provide contracted services.
6. Data Sharing
We do not sell personal information. We may share information with service providers, Stripe for payments, legal or regulatory authorities when required, and professional advisors under confidentiality obligations.
7. Data Retention
We retain account, course, billing, and support records for as long as needed to provide services, comply with legal and tax obligations, resolve disputes, and enforce agreements. We delete or anonymize data when it is no longer needed.
8. User Rights
Depending on your location, you may request access, correction, deletion, portability, restriction, or opt-out of certain processing by contacting privacy@opspilotacademy.org. We may need to verify your identity before completing a request.
9. International Transfers
We operate from Hong Kong SAR and may process information in other countries where service providers operate. We use appropriate safeguards where required for international transfers.
10. Children's Privacy
The service is intended for users 18 and older and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child submitted information, contact us for deletion.
11. Data Security
We use administrative, technical, and organizational safeguards such as TLS in transit, access controls, monitoring, least-privilege practices, and AES-256 encryption where supported for stored sensitive records.
12. Breach Notification
If we identify a data breach requiring notice, we will notify affected users and/or regulators as required by law, with a target of within 72 hours where legally applicable and feasible.
13. Changes
We may update this Privacy Policy. The Last Updated date will show the latest version, and material updates may be communicated through the service or by email.
14. Contact
Privacy questions: privacy@opspilotacademy.org. Data protection contact: dpo@opspilotacademy.org.