Privacy & Data Protection
See how AISDI safeguards your personal data, ensures regulatory compliance, and upholds your digital rights across all interactions.
PRIVACY & DATA PROTECTION POLICY
Artificial Intelligence Skills Development Institute (Pty) Ltd — trading as “AISDI™”
Effective Date: 10 July 2025
1. Purpose
This Policy outlines what personal data AISDI™ collects, why we collect it, how we use it, and the rights available to you when engaging with any AISDI™ service (websites, learning platforms, mobile apps, email, or downloads).
2. Who We Are
Artificial Intelligence Skills Development Institute (Pty) Ltd
Company registration: 2025/544994/07 | 4 Rheezicht Cres, Onrusrivier, 7201, Western Cape, South Africa
Email: support@aisdi.ai
Role-based contact: Privacy Officer, AISDI™ (controller / POPIA responsible party).
3. Data We Collect
Category | Typical items | Source |
Account Data | Name, email, password, country, job role | Supplied by you |
Transaction Data | Course purchases, VAT/GST info, refunds | Checkout |
Learning Activity | Module progress, quiz scores, ALMA™ prompt text | Generated during use |
Technical Logs | IP address, browser type, device IDs | Collected automatically |
Support Records | Emails, tickets, chat transcripts | Direct communications |
We do not intentionally collect special-category data; please avoid entering sensitive information in prompts or uploads.
4. How & Why We Use Your Data
Purpose | Legal basis (GDPR) | Notes |
Provide & administer Courses | Contract (Art 6 (1)(b)) | Enrolment, progress, downloads |
Process payments & refunds | Contract; legal obligation | Via Stripe & PayPal (PCI-DSS) |
Operational emails (password reset, service alerts) | Legitimate interest | Essential; cannot opt out |
Direct marketing emails | Consent | Unsubscribe link in every message |
Legal compliance & fraud prevention | Legal obligation; legitimate interest | POPIA, GDPR, CPRA, ECTA |
Analytics, personalisation and marketing cookies are not yet active; when introduced, we will update this Policy and obtain consent or provide opt-out controls.
AISDI™ does not engage in automated decision-making that produces legal or similarly significant effects.
5. Cookies & Tracking — Interim Notice
Provider | Purpose | Retention |
Kotobee Cloud | Session management, CSRF protection | Session |
Stripe | Secure card payments | ≤ 1 year |
PayPal | Fraud screening, transaction continuity | ≤ 1 year |
Only strictly necessary cookies are set at launch. A full preference centre will be introduced before any analytics, personalisation, or marketing cookies are deployed.
6. Sharing & Disclosure
Service Provider | Purpose | Safeguards |
Kotobee | Learning-platform hosting | ISO 27001; SCCs |
Stripe; PayPal | Payment processing & fraud prevention | PCI-DSS |
OpenAI; Anthropic; Google (Gemini) | AI inference powering ALMA™ explanations | Prompts pseudonymised; retention ≤ 30 days; SCCs |
AISDI™ does not sell personal data. Disclosures to regulators or courts occur only when legally required.
7. International Transfers
Data may be processed in the EU, UK, or US. Transfers rely on Standard Contractual Clauses (SCCs) or the UK International Data Transfer Agreement (IDTA), complemented by technical safeguards (encryption, access controls).
8. Data Retention
Data type | Retention period |
Account & learning records | Active enrolment + 5 years |
Financial records | 7 years (statutory) |
Marketing-consent logs | Until withdrawal + 2 years |
Support tickets | 3 years after closure |
Encrypted back-ups are purged on a 30-day rolling schedule.
9. Your Rights
Jurisdiction | Rights | How to exercise |
POPIA (SA) | Access, correction, deletion, objection | Email support@aisdi.ai |
GDPR (EU/UK) | Access, rectification, erasure, restriction, portability, objection | Same |
CPRA (California) | Know, delete, correct, opt-out of sale/share, non-discrimination | Same |
We respond within 30 days (extensions allowed where lawful).
10. Security Measures
TLS 1.2+ encryption in transit, strong encryption at rest, MFA for admin accounts, annual penetration tests, role-based access controls, continuous monitoring. Vulnerability reports: support@aisdi.ai. No method is perfectly secure; use is at your own risk.
11. Children’s Privacy
AISDI™ targets adult professionals. We do not knowingly collect data from children under 13. If you suspect we hold a minor’s data, contact us for removal.
12. Changes
Material changes will be posted here with a new Effective Date and, where required, announced 14 days in advance via email or banner.
13. Contact & Complaints
Privacy enquiries: support@aisdi.ai
Postal: Privacy Officer, AISDI™, 4 Rheezicht Cres, Onrusrivier, 7201, Western Cape, South Africa
South-African complaints: Information Regulator (IRSA) — POPIAcomplaints.IR@justice.gov.za
EU/UK complaints: your local supervisory authority.
Version 2.0 — Published 10 July 2025