Privacy Policy

Last updated: January 28, 2026

1. Introduction

Welcome to Cloudegree. We operate globally, including in Cameroon and the European Union, and are committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect your information in accordance with:

  • EU General Data Protection Regulation (GDPR) for users in the European Union
  • Cameroon Law No. 2010/012 on Cybersecurity and Cybercrime and related data protection regulations for users in Cameroon
  • International data protection best practices for all other users

This policy applies to all services offered by Cloudegree, including our website, learning platform, programs, bootcamps, mentorship sessions, and webinars.

Effective Date: January 28, 2026

2. Data We Collect

We collect different types of information to provide and improve our services:

2.1 Personal Identification Data

  • Name
  • Email address
  • Account identifiers
  • Authentication/session tokens (managed securely through NextAuth)

2.2 Learning & Enrollment Data

  • Courses, bootcamps, or mentorship programs enrolled
  • Progress status and completion tracking
  • Participation metadata (scheduling and attendance, not private session content)

2.3 Usage & Technical Data

  • Pages viewed and platform interactions
  • Device and browser information
  • Approximate region (Cameroon vs International) for content localization

Note: Analytics data is only collected with your consent. See Section 6 for details.

2.4 Communication Data

  • Contact form submissions
  • WhatsApp messages and support requests
  • Webinar and open house registrations

3. How We Use Your Data

We use the information we collect for the following purposes:

  • Provide access to Cloudegree services: Deliver programs, bootcamps, mentorship, and hands-on labs
  • Authenticate and secure user accounts: Verify your identity and protect against unauthorized access
  • Communicate program updates and support: Send important notifications, respond to inquiries, and provide customer assistance
  • Improve platform performance and learning experience: Analyze usage patterns to enhance features and fix technical issues (with your consent)
  • Meet legal and regulatory obligations: Comply with applicable laws and maintain necessary records

4. Legal Basis for Processing

For Users in the European Union (EU GDPR)

We process your personal data based on the following legal grounds:

  • Contract performance: Processing is necessary to provide account access, courses, mentorship, and other services you have enrolled in
  • Legitimate interest: We process data for legitimate business purposes such as platform improvement, security, and fraud prevention, provided these interests do not override your rights
  • Consent: For optional features like analytics cookies and marketing communications, we only process data with your explicit consent, which you can withdraw at any time

For Users in Cameroon

Our data processing follows lawful, fair, and transparent principles in accordance with Cameroon Law No. 2010/012 on Cybersecurity and Cybercrime:

  • Data is collected only for explicit and legitimate purposes
  • Processing is limited to what is necessary to achieve those purposes
  • Data is kept accurate and up to date
  • Data is stored securely and protected against unauthorized access

5. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience on our platform. Our cookies fall into the following categories:

Strictly Necessary Cookies

These cookies are essential for the website to function and cannot be disabled:

  • Authentication: NextAuth session management for secure login
  • Security: Fraud prevention and protection against unauthorized access

Functional Cookies

Region detection: Determining whether you are accessing from Cameroon or internationally to deliver localized content and pricing

Analytics Cookies (Opt-in Only)

Analytics cookies help us understand how users interact with our platform:

  • First-party analytics only - we do not use third-party tracking services
  • Activated only with user consent via our cookie banner
  • Data is aggregated and anonymized where possible

No third-party advertising or tracking cookies: We do not use cookies for cross-site tracking or share your data with advertising networks.

For detailed information about the cookies we use, please see our Cookie Policy. You can manage your cookie preferences at any time through the consent banner or your browser settings.

6. Analytics & Monitoring

We take a privacy-first approach to analytics and monitoring:

  • First-party analytics only: We use our own analytics system and do not rely on third-party services like Google Analytics
  • No cross-site tracking: We do not track your activity across other websites or apps
  • No sale or sharing of analytics data: Your usage data is never sold or shared with third parties for marketing purposes
  • Aggregated and anonymized: Data is aggregated and anonymized where possible to protect your privacy
  • EU users can opt in or out at any time: You have full control over analytics cookies through our consent banner

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected:

  • Account data: Retained while your account is active. If you delete your account, personal data is removed within 90 days, except where retention is required by law
  • Analytics data: Retained for a limited period (typically up to 2 years) in aggregated form. Individual session data is anonymized after 30 days
  • Communication data: Retained only as needed for support purposes (typically up to 3 years)

When data is no longer required, it is securely deleted or anonymized so it can no longer be associated with you.

8. Data Sharing & Transfers

We do not sell your personal data. We only share your information in limited circumstances necessary to operate our platform:

Limited Sharing with Service Providers

We work with trusted third-party providers who help us deliver our services:

  • Hosting providers: For website and platform infrastructure
  • Email infrastructure: For transactional emails and support communications
  • Payment processors: For secure payment handling (we do not store payment card details)

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

International Data Transfers

Because we operate globally, your data may be processed in countries where our infrastructure and service providers are located. When international transfers occur:

  • Safeguards are applied to protect data consistency and security
  • Service providers comply with international data protection standards
  • Standard contractual clauses are used where required by law

Legal Disclosure

We may disclose your information if required by law, such as in response to a court order or legal process, or to protect our rights, property, or safety.

9. Data Security

We implement industry-standard security measures to protect your personal data:

  • HTTPS encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL
  • Secure session management: HTTP-only cookies and secure authentication through NextAuth to prevent unauthorized access
  • Access control and internal policies: Access to personal data is restricted to authorized personnel on a need-to-know basis
  • Regular security best practices: We regularly review and update our security measures to address emerging threats

While we implement reasonable safeguards, no method of transmission or storage is 100% secure. We are committed to protecting your data to the best of our ability.

10. Your Rights

Depending on your location, you have specific rights regarding your personal data:

EU Users (GDPR Rights)

If you are located in the European Union, you have the following rights under GDPR:

  • Access your data: Request a copy of the personal data we hold about you
  • Correct inaccuracies: Request that we correct any incomplete or inaccurate data
  • Request deletion ("right to be forgotten"): Request that we delete your personal data, subject to legal obligations
  • Restrict or object to processing: Request that we limit how we use your data or object to certain types of processing
  • Data portability: Request a copy of your data in a structured, commonly used format
  • Withdraw consent: Withdraw your consent for analytics or other optional features at any time
  • Lodge a complaint: File a complaint with your local data protection authority if you believe we have not handled your data appropriately

Cameroon Users

In accordance with Cameroon data protection principles, you have the following rights:

  • Right to access and correct personal data: View and update your information to ensure accuracy
  • Right to object to unlawful processing: Challenge the use of your data if you believe it is being processed unlawfully
  • Right to request deletion: Request deletion of your data where legally applicable and not subject to retention requirements

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: privacy@cloudegree.com

We will respond to your request within 30 days and verify your identity to protect your privacy.

11. Children's Privacy

Our services are not intended for children under the age of 16 (or the applicable age of digital consent in your jurisdiction).

We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete that information as quickly as possible.

If you believe we may have collected information from a child, please contact us immediately at privacy@cloudegree.com.

12. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or operational needs.

When we make changes:

  • The updated policy will be posted on this page
  • The "Last updated" date at the top will be revised
  • For significant changes, we may notify you via email or a notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries:

privacy@cloudegree.com

For data access, correction, or deletion requests

General Inquiries:

hello@cloudegree.com

We take your privacy seriously and will respond to all legitimate requests within 30 days.

This Privacy Policy is designed to comply with the EU General Data Protection Regulation (GDPR), Cameroon Law No. 2010/012 on Cybersecurity and Cybercrime, and other applicable data protection laws. If you have specific questions about how these laws apply to you, please contact us at privacy@cloudegree.com.