Skip to content
RokCode Academy Programming, step by step
Privacy, cookies, and your rights

Privacy Policy

This Privacy Policy explains what personal data RokCode Academy collects, how it is used, and the choices you have. It also covers our use of cookies, optional analytics, and how to exercise privacy rights under the GDPR and related laws.

Last Updated: January 15, 2026

1) Data controller and contact details

The controller responsible for processing personal data on this website is RokCode Academy LLC ("RokCode Academy", "we", "us"). Our registered contact details are:

We provide this dedicated privacy mailbox as the primary contact point for privacy questions and to help you exercise your rights. We do not currently appoint a formal Data Protection Officer as a regulated role, but [email protected] is monitored by staff trained to handle data protection requests.

2) Personal data we collect

We collect only the data needed to operate our learning platform, respond to requests, and improve the experience. Depending on how you use the site, the following categories may be processed:

  • Identity and contact data: first name (optional), full name (if you provide it), email address, phone number (only if you provide it for support), and messages you send to us.
  • Account and subscription data: plan selection, purchase history, and support history. Payment card details are not stored on our servers if you use a third party payment processor.
  • Technical data: IP address, user agent, browser type and version, device identifiers, operating system, language settings, time zone, and approximate location inferred from IP.
  • Usage data: pages viewed, time spent, navigation patterns, clicks, referrers, and error events (for example, failed page loads).
  • Cookie and similar data: cookie identifiers and preferences, including whether you accepted or rejected analytics cookies.

We do not ask for sensitive categories of personal data (for example health, political opinions, religion, or biometric identifiers). Please avoid including sensitive information in messages you send to us.

3) How we collect data

We collect data through a combination of direct input and technical means:

  • Web forms: when you subscribe to updates or contact us, you provide information such as your email address and optional name.
  • Cookies and similar technologies: used to remember cookie preferences and to support optional analytics if you consent.
  • Server logs: our hosting infrastructure records basic request information for security and reliability (for example IP address and timestamp).
  • Analytics tools: if you consent, we may measure aggregated usage patterns. We currently describe Google Analytics 4 and Meta Pixel in this policy so you understand the categories of tracking typically used for advertising attribution.

If you reject analytics cookies via the banner, analytics tags should not run in your browser. Your choice is stored locally on your device so we can respect it on future visits from the same browser.

4) Legal basis for processing (GDPR Article 6)

Where GDPR applies, we rely on the following legal bases:

Consent (Art. 6(1)(a))

We use consent for optional analytics cookies and for marketing communications such as newsletters. You can withdraw consent at any time by rejecting cookies (for analytics) or unsubscribing (for email). Withdrawal does not affect earlier lawful processing.

Contract (Art. 6(1)(b))

If you purchase a plan or request service delivery, we process necessary data to provide access, handle billing records, and support your account. This includes confirming your plan choice and responding to service related requests.

Legitimate interests (Art. 6(1)(f))

We process limited technical and log data for security, fraud prevention, and maintaining the reliability of the site. We balance these interests against your rights and implement safeguards such as access controls and data minimization.

Legal obligation (Art. 6(1)(c))

We may retain certain records to comply with legal or regulatory obligations, such as accounting and tax requirements, and to respond to lawful requests from authorities.

5) Purposes of processing

We process personal data for the following purposes:

  • Service delivery: enable access to courses and learning paths, maintain the platform, and provide requested features.
  • Customer support: respond to questions, troubleshoot issues, and keep a record of support interactions so we can resolve recurring problems.
  • Marketing communications: send newsletters and product updates only when you have opted in, and manage unsubscribe requests.
  • Analytics and product improvement: understand how visitors use the site (with consent where required) to improve navigation, content structure, and performance.
  • Security and fraud prevention: monitor abnormal traffic and protect the platform, including rate limiting and detection of malicious activity.
  • Legal compliance: maintain records needed for compliance, enforce policies, and respond to lawful requests.

6) Retention periods

We keep personal data only as long as needed for the stated purposes. Typical retention periods are:

  • Newsletter subscriptions: until you unsubscribe, then deleted or anonymized within 30 days.
  • Form submissions and support emails: 2 years from the last interaction, unless legal or security reasons require longer retention.
  • Server logs (security and reliability): up to 90 days, then rotated or deleted unless needed to investigate incidents.
  • Analytics data (if consented): 14 months, then automatically deleted or aggregated depending on the tool configuration.
  • Billing and accounting records: retained as required by applicable law, typically 7 years in many jurisdictions.

If you request deletion, we will remove data that is not required for legal obligations or for establishing, exercising, or defending legal claims.

7) Sharing and processors

We do not sell personal data. We share data only with service providers acting as processors or with third parties when required by law. Categories of processors may include:

  • Hosting and infrastructure providers: to host the website and store data securely.
  • Email delivery services: to send newsletters and transactional messages (for example, subscription confirmation).
  • Analytics providers: such as Google Analytics 4, only if you consent to analytics cookies.
  • Advertising and attribution tools: Meta Pixel may be used only if you consent to marketing cookies, and only to measure campaign performance and improve relevance.
  • Payment processors: to handle transactions. We do not store full card details on our servers when a third party processor is used.

When we use processors, we require them to protect data using appropriate security measures and to process it only on documented instructions. Access to personal data inside our organization is limited to staff who need it to perform their duties.

8) International transfers

RokCode Academy LLC is based in the United States. If you access the site from the European Economic Area, the United Kingdom, or Switzerland, your personal data may be processed in countries outside your jurisdiction. Where required, we rely on appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs): contractual protections approved by the European Commission.
  • Adequacy decisions: where the relevant authority recognizes that a country provides an adequate level of data protection.
  • Additional safeguards: encryption in transit, access controls, and minimization of exported data where feasible.

You can request information about transfer safeguards by emailing [email protected].

9) Your rights (GDPR)

If GDPR applies to you, you have the following rights, subject to applicable exceptions:

  • Right of access: request a copy of your personal data and information about processing.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion where the data is no longer needed or processing is unlawful.
  • Right to restriction: request that processing is limited in certain cases.
  • Right to data portability: receive data you provided in a structured, commonly used format and transmit it to another controller where technically feasible.
  • Right to object: object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: withdraw at any time for processing based on consent.

To exercise these rights, email [email protected]. Please include enough information for us to locate your data (for example the email used for subscription). We may request additional information only to verify identity.

You also have the right to lodge a complaint with a supervisory authority. If you are in the UK, you can contact the Information Commissioner's Office (ICO). If you are in the EEA, you can contact your local data protection authority.

10) Cookies and similar technologies

Cookies are small text files stored on your device. We use cookies to keep the site working and, if you consent, to understand how the site is used. We group cookies into the categories below:

Strictly necessary cookies

These cookies support core functionality such as remembering basic preferences and protecting the site. Without them, some parts of the site may not work as intended. Typical duration: session to 30 days depending on the setting stored.

Analytics cookies (optional)

If you accept via the cookie banner, analytics cookies help us measure aggregated usage such as page views and navigation patterns. Typical duration: up to 14 months, depending on the analytics provider configuration.

Marketing cookies (optional)

Marketing cookies are used to measure advertising performance and improve relevance. We only use them when you consent. Typical duration varies by provider and may range from a few days to several months.

Managing cookies

You can accept or reject optional cookies using the banner. You can also delete cookies through your browser settings. If you delete cookies, you may need to set your preferences again.

The site stores your cookie preference on your device (local storage) so the banner does not repeatedly prompt you. This preference is not used to identify you personally, but it is treated as a preference record.

11) Children’s privacy

RokCode Academy is not directed to children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data, contact [email protected] and we will take steps to delete the information.

12) Security measures

We use administrative, technical, and organizational measures designed to protect personal data, including access controls, least privilege practices, and TLS encryption for data in transit. No method of transmission or storage is fully secure, so we cannot guarantee absolute security, but we work to reduce risks and respond to incidents quickly.

13) Policy updates

We may update this policy to reflect changes in the service, legal requirements, or our processing activities. If we make significant changes, we will post the updated policy on this page and may provide additional notice such as a banner or email if appropriate. The "Last Updated" date at the top shows when the latest version became effective.

14) How to contact us

For questions about this policy, requests to access or delete data, or to withdraw consent, contact:

Related documents

Your use of our services is also governed by our Terms. If you are comparing plans or considering a subscription, review the Pricing page for what is included.

Terms Pricing

Cookie preference

Your current cookie preference is stored in your browser. You can change it here and the banner will be shown again on your next visit.