1. Introduction

‍Digital Builders ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our platform and services.We process your personal data in compliance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and other applicable data protection laws.

‍2. Data Controller

‍Digital Builders acts as the data controller for personal data collected directly from users of our platform. For personal data processed on behalf of Community Owners within their communities, Digital Builders acts as a data processor and the Community Owner is the data controller.

‍3. What Personal Data We Collect

3.1 Account Information

‍Full name, email address, and password (encrypted)
Profile picture, biographical information, location, and professional details
Account preferences and settings

‍3.2 Usage and Activity Data

‍Course enrolment and completion data
Community posts, comments, and interactions
Coaching session bookings and notes
Event registrations and attendance
Gamification data (points, badges, streaks)
Platform activity logs and timestamps

‍3.3 Payment and Billing Data

‍Subscription plan and billing history
Payment method details (processed and stored securely by Stripe; we do not store raw card data)
Invoice and transaction records

‍3.4 Technical Data

‍IP address and device information
Browser type and version
Cookies and similar tracking technologies
Platform performance and error logs

‍3.5 Communications

‍Messages sent via platform chat
Support correspondence
Survey responses

‍4. How We Use Your Personal Data

‍We use your personal data on the following legal bases:

‍4.1 Contract Performance

‍Providing and maintaining your account and access to the Service.
Processing subscription payments and managing billing.
Enabling course delivery, coaching bookings, and community features.

‍4.2 Legitimate Interests

‍Improving and developing the platform based on usage patterns.
Sending service-related communications and product updates.
Detecting and preventing fraud, abuse, and security incidents.
Analytics to understand how the platform is used.

‍4.3 Legal Obligation

‍Complying with applicable laws and regulatory requirements.
Responding to lawful requests from authorities.
Maintaining financial records as required by law.

‍4.4 Consent

‍Sending marketing communications where you have opted in.
Using non-essential cookies (see our Cookie Policy).

‍5. Sharing Your Personal Data

‍We do not sell your personal data. We may share your data with:
Service providers who help us operate the platform (e.g., cloud hosting, payment processing via Stripe, video conferencing via Zoom), under data processing agreements.
Community Owners within whose community you participate, for the purposes of community management.
Law enforcement or regulatory authorities where required by law.
Professional advisers such as lawyers and accountants, under confidentiality obligations.
Successors in the event of a merger, acquisition, or sale of assets.
All third-party processors are contractually bound to process data only as instructed and to maintain appropriate security measures.

‍6. International Data Transfers

‍Some of our service providers operate outside the European Economic Area (EEA). Where we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, including:Standard Contractual Clauses (SCCs) approved by the European Commission.Transfers to countries recognised as providing adequate data protection.Other legally recognised transfer mechanisms.

‍7. Data Retention

‍We retain personal data only for as long as necessary for the purposes described in this Policy or as required by law:Active account data: retained for the duration of your account.Billing and financial records: retained for 7 years as required by EU accounting laws.Content and community activity: retained for the duration of the community or account.Technical logs: retained for up to 12 months for security purposes.Upon account deletion, we will delete or anonymise your personal data within 90 days, except where retention is required by law.

‍8. Your Rights Under GDPR

‍As an EU/EEA resident, you have the following rights regarding your personal data:

Right of Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your data (subject to legal retention obligations).
Right to Restriction: Request we restrict processing of your data in certain circumstances.
Right to Data Portability: Receive your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent: Withdraw consent at any time where processing is consent-based.
Right not to be subject to Automated Decision-Making: Not be subject to solely automated decisions with significant effects.

To exercise any of these rights, contact our Data Protection Officer at dpo@digitalbuilders.io. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

‍9. Cookies

‍We use cookies and similar technologies to operate and improve the platform. These include:Essential cookies: Required for the platform to function (no consent required).Analytics cookies: Help us understand usage patterns (consent required).Preference cookies: Remember your settings and preferences (consent required).You can manage cookie preferences through your browser settings or our cookie consent tool. Disabling certain cookies may affect platform functionality.

‍10. Security

‍We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit and at rest, access controls, regular security assessments, and incident response procedures. We use services such as Sentry for error monitoring to help maintain platform security.In the event of a data breach that affects your rights, we will notify you and the relevant supervisory authority as required by GDPR.

‍11. Children's Privacy

‍Our Service is not directed at children under 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected such data without appropriate parental consent, we will delete it promptly.

‍12. Changes to This Policy

‍We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification at least 30 days before they take effect. Your continued use of the Service after the effective date constitutes acknowledgement of the updated Policy.

‍13. Contact and DPO

‍For any privacy-related queries or to exercise your rights:Data Protection Officer: dpo@digitalbuilders.ioGeneral Privacy Enquiries: privacy@digitalbuilders.ioYou also have the right to complain to your local data protection authority. A list of EU data protection authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en