Privacy Policy

Last updated: 2026-06-08

1. Controller

The data controller is Trainity, contact: support@trainity.io.

2. Data we collect

• Account data: email, password (hashed), optional name.
• Payment data: we do not store full card numbers; tokenized references are provided by Mollie.
• Usage data: course progress, IP address, user agent, and basic analytics.
• Communications you send us.

3. Purposes and legal bases

We process data to provide the service (contract), keep it secure (legitimate interest), comply with accounting and tax obligations (legal obligation) and, with your consent where required, send product updates.

4. Sharing

We share data with service providers acting on our instructions: Mollie (payments), Resend (transactional email), our hosting provider, and — only when a promotional credit allowance is part of your plan — the partner practice platform that grants the credits, limited to your email and the quantity granted.

5. International transfers

Data is stored in the European Union. Where transfers to third countries occur (e.g., a service provider), we use standard contractual clauses.

6. Retention

Account data is retained while your account is active and for up to three years after inactivity. Accounting records are retained for 10 years as required by French law.

7. Your rights

You can access, rectify, erase, restrict or object to the processing of your data, and request portability. Contact support@trainity.io. You can also lodge a complaint with your local data protection authority (e.g., the CNIL in France).

8. Cookies

We use strictly necessary cookies (session, CSRF) and, with your consent, analytics cookies. No advertising cookies.

9. Security

Passwords are hashed with bcrypt. Data in transit is encrypted with TLS. Access to administrative interfaces is restricted and logged.