Privacy & Data Protection

Privacy Policy

Learn how Podacium collects, uses, and protects your personal data in compliance with Algerian Law 18-07 on Protection of Personal Data.

15
Sections
2026
Effective Date
1.0
Version
View Terms of Service

Podacium SARL

Registered Limited Liability Company (SARL) in Algeria

Language Notice

The official legal version of this document is in Arabic. Translations are provided for convenience only.

Address

PC38+5MV, Bir El Djir, Oran, Algeria

Email

podacium@gmail.com

Phone

+213 792 913 873

Website

www.podacium.com.dz

Effective Date

1 January 2026

Last Updated

1 January 2026

Version

1.0

1. Introduction

Important

Overview of our privacy commitment and scope

1.1 Our Commitment to Privacy

Podacium SARL ('Podacium', 'we', 'us', or 'our') is committed to protecting the privacy and personal data of all users of our educational platform ('Platform'). This Privacy Policy explains how we collect, use, store, share, and protect your personal information in accordance with Algerian Law No. 18-07 of 10 June 2018 on the Protection of Personal Data ('Law 18-07').

1.2 Scope

This Privacy Policy applies to all users of the Podacium Platform, including: Individual learners and students, Freelancers (when Freelancing Marketplace launches), Business and institutional users, Guest visitors, Minors (with parental consent).

1.4 Regulatory Compliance

Podacium is committed to compliance with: Algerian Law 18-07 on Protection of Personal Data, National Authority for the Protection of Personal Data (ANPDP) regulations, International best practices for data protection. We have filed (or will file prior to commercial launch) all required data processing declarations with ANPDP and will obtain necessary authorizations for cross-border data transfers.

1.5 Relationship to Other Policies

This Privacy Policy should be read together with: Terms of Service (which incorporates consent provisions in Section 7.8), Cookie Policy (detailing our use of cookies and tracking technologies), Refund Policy.

Terms of Service

Legal agreement between you and Podacium

Cookie Policy

Details about cookies and tracking

Refund Policy

Information about refunds and cancellations

3. Data We Collect

Types of personal data collected by Podacium

3.1 Personal Identification Data

Collected during registration: Full legal name, Email address, Date of birth, Phone number (optional). For Minors (under 19 years): Parental/guardian identification, Proof of parental consent, Relationship to minor. For Freelancers (when Marketplace launches): Tax Identification Number (NIF) for Algerian freelancers, Professional information, Portfolio, Bank account details (processed by payment gateway).

3.2 Account and Authentication Data

Username, Password (encrypted), Account creation date, Last login date and time, Two-factor authentication credentials (if enabled), Social login tokens (if you use Google/Facebook login).

3.3 Usage and Learning Data

Educational Activity: Courses enrolled, viewed, and completed; Video watch time and progress; Quiz and assignment submissions; Learning path progress; Certificate issuance records. Platform Interaction: Pages visited and navigation patterns; Time spent on platform; Features used; Search queries; Content downloads.

3.4 Technical and Device Data

IP address, Browser type and version, Operating system, Device type (desktop, mobile, tablet), Screen resolution, Referring website/source, Geographic location (country/city level, derived from IP), Language preferences, Time zone.

3.5 Communication Data

Email correspondence with support team, In-platform messages, Support ticket content, Survey responses, Feedback submissions.

3.6 Business Intelligence (BI) Data

For Individual Users: Engagement metrics, Learning analytics, Performance trends. For Business/Institutional Users: Employee learning progress, Team performance dashboards, Training ROI metrics, Aggregated workforce analytics. Note: Enterprise BI clients may upload confidential business data. Such data is subject to additional security measures and Non-Disclosure Agreements (NDAs).

3.7 AI Interaction Data (Future Feature)

When AI Services launch: Questions asked to AI tutors, AI-generated responses, Feedback on AI accuracy, AI learning path recommendations accepted/rejected. Important: AI interaction data will only be used for AI training with explicit consent and in anonymized, aggregated form.

3.8 Payment and Financial Data

Processed by third-party payment gateways (not stored by Podacium): Credit/debit card information, Bank account details, Payment authorization tokens. Stored by Podacium: Transaction IDs and amounts, Transaction dates and times, Course purchase history, Subscription status, Refund records, Invoices issued.

3.9 User-Generated Content

Course assignments and projects, Forum posts and comments, Reviews and ratings, Uploaded files (within platform limits), Profile pictures (optional), Freelance work deliverables (when Marketplace launches).

3.10 Data We Do NOT Collect

Podacium does not collect: National ID card numbers (except for parental consent verification), Biometric data, Health or medical information, Religious or political beliefs, Trade union membership, Genetic data, Criminal history (unless required for specific institutional programs).

4. How We Use Your Data

Purposes for processing your personal data

Account Management

Create, maintain, and secure your account

Educational Service

Provide courses, track progress, issue certificates

Payment Processing

Process payments and handle transactions

Platform Improvement

Analyze usage and improve user experience

Security & Fraud Prevention

Protect against unauthorized access and fraud

Legal Compliance

Comply with laws and respond to authorities

4.6 Communication and Marketing

Transactional Communications (no consent required): Order confirmations and receipts, Course enrollment notifications, Certificate delivery, Password reset emails, Account security alerts, Important Terms/Policy updates. Marketing Communications (consent required): New course announcements, Promotional offers and discounts, Platform feature updates, Educational content recommendations, Newsletters.

You can opt out of marketing communications at any time via:

  • Unsubscribe links in emails
  • Account settings dashboard
  • Email to podacium@gmail.com

4.10 AI Model Training (Future, with Consent)

Important: Only anonymized, aggregated data will be used for AI training, and only with explicit user consent.

5. Data Retention

How long we keep your personal data

5.1 Active Accounts

Data is retained as long as your Account remains active and for the purposes for which it was collected.

5.2 Deleted Accounts

Upon Account deletion: Personal Identification Data: Deleted within 6 months of Account deletion request. Financial and Transaction Records: Retained for 10 years in anonymized form. Course Completion Certificates: Retained indefinitely for verification purposes. User-Generated Content: Public forum posts: Anonymized (author name removed) but content retained; Private assignments: Deleted with Account.

Personal Data

Deleted within 6 months of account deletion

Financial Records

Retained 10 years (anonymized) for legal compliance

Certificates

Retained indefinitely for verification purposes

5.5 Backup Data

Backups containing your data are deleted within 90 days of Account deletion. Backup retention necessary for disaster recovery and system integrity.

6. Data Sharing and Disclosure

When and with whom we share your data

6.1 No Sale of Personal Data

Podacium does not sell, rent, or trade your personal data to third parties for marketing purposes.

6.2 Service Providers (Data Processors)

We share data with trusted third-party service providers who process data on our behalf: Payment Processors (CIB, SATIM, EDAHABIA), Cloud Hosting Providers (Algerian data centers), AI Service Providers (Future), Analytics Providers, Communication Services. All third-party processors sign Data Processing Agreements and comply with Algerian Law 18-07.

6.6 Aggregate and Anonymized Data

We may share anonymized, aggregated data that cannot be used to identify individuals with: Educational researchers, Industry partners, Government agencies, The public (via reports and publications). Example: '70% of users complete courses within 3 months' or 'Algerian learners prefer video content over text.'

7. Cross-Border Data Transfers

Important

International data transfers and safeguards

7.1 Data Localization Commitment

Primary data storage: All personal data is stored on servers physically located in Algeria.

7.2 International Transfers (ANPDP Authorization Required)

Under Law 18-07, cross-border transfers of personal data require prior authorization from the National Authority for the Protection of Personal Data (ANPDP). Circumstances requiring international transfer: Backup storage on EU servers (for disaster recovery), AI service providers located outside Algeria, International analytics tools, Payment processors serving international users.

8. Data Security

Important

Measures to protect your personal data

8.1 Security Measures

Podacium implements industry-standard technical and organizational measures to protect personal data:

Encryption

AES-256 at rest, TLS 1.3 in transit

Access Controls

Role-based access, multi-factor authentication

Infrastructure Security

Secure data centers, 24/7 monitoring

Backup & Recovery

Regular backups, disaster recovery plan

8.2 Data Breach Response

In the event of a personal data breach: Detection and Assessment (within 24 hours), Notification to ANPDP (within 48-72 hours), Notification to Affected Users (within 72 hours), Remediation, Post-Incident Review.

8.3 User Responsibilities

While we implement strong security measures, you also have responsibilities: Keep your password confidential and strong, Enable two-factor authentication, Do not share Account credentials, Log out after using shared devices, Report suspicious activity immediately, Keep your contact information up to date. We are not liable for unauthorized access resulting from your failure to protect Account credentials.

9. Your Rights Under Algerian Law

Important

Data subject rights under Law 18-07

Under Law 18-07, you have the following rights regarding your personal data: Right of Access, Right to Rectification, Right to Erasure / 'Right to be Forgotten', Right to Object, Right to Data Portability, Right to Restrict Processing, Right to Withdraw Consent, Right to Lodge Complaint.

Right of Access

Access your personal data

Right to Rectification

Correct inaccurate data

Right to Erasure

Delete your personal data

Right to Portability

Receive your data in machine-readable format

Right to Withdraw

Withdraw consent at any time

Right to Lodge Complaint

Complain to ANPDP if rights are violated

9.9 Response Times

We commit to responding to all rights requests: Acknowledgment: Within 48 hours, Complete response: Within 15 days, Complex requests: Up to 30 days (with notification of delay). Exercising your rights is free of charge.

10. Minors' Data Protection

Important

Special protections for users under 19

10.1 Age Requirements

Minimum age to create Account: 16 years. Users under 19 years are considered Minors under Algerian law and require parental consent.

10.2 Parental Consent

For users aged 16-18: Verifiable parental or legal guardian consent required. Parent must provide: Scanned ID document, OR Phone number verification via OTP.

Consent Process:

  • Minor provides parent/guardian contact information during registration
  • Podacium contacts parent/guardian for verification
  • Account activated only after consent verified

11. Cookies and Tracking Technologies

Use of cookies and similar technologies

11.1 Overview

Podacium uses cookies and similar tracking technologies to enhance user experience, analyze Platform usage, and deliver personalized content. Full details are provided in our separate Cookie Policy.

11.3 Cookie Consent

On first visit: Cookie banner displayed, Granular consent options (accept all, reject non-essential, customize), Essential cookies placed immediately, Non-essential cookies only placed after consent. Managing Cookie Preferences: Adjust settings anytime via Account dashboard, Use browser settings to block/delete cookies, Contact podacium@gmail.com for assistance.

12. Changes to This Privacy Policy

How we update this policy

12.2 Notification of Changes

Material changes will be communicated via: Email notification to registered users (at least 15 days before effective date), Prominent notice on Platform homepage, In-app notification upon next login.

12.3 Consent to Changes

Continued use of Platform after changes take effect constitutes acceptance of updated Privacy Policy. If you do not agree with changes: Discontinue Platform use, Delete your Account before effective date, Exercise data subject rights (access, deletion, etc.).

13. International Users and GDPR

Compliance with international regulations

13.1 Current Status

EU and US users are currently geo-blocked pending full compliance implementation. When we open services to EU users, we will: Appoint an EU representative, Comply with GDPR's stricter data protection requirements, Offer all GDPR data subject rights, Implement GDPR-compliant data breach notification (72 hours).

14. Business Intelligence Enterprise Clients

Additional protections for enterprise users

14.1 Additional Protections

Enterprise clients using BI features benefit from: Non-Disclosure Agreements (NDAs), Data Isolation (complete separation from other users' data), Custom Security (additional encryption and access controls), Dedicated Support (priority data protection assistance).

14.3 Client Responsibilities

Enterprise clients are responsible for: Obtaining necessary consents from employees, Ensuring lawful basis for providing employee data, Compliance with employment and labor laws, Data minimization (only upload necessary data).

15. Contact Information

How to contact us about privacy matters

Email

podacium@gmail.com

Phone

+213 792 913 873

Address

PC38+5MV, Bir El Djir, Oran, Algeria

Website

www.podacium.com.dz

15.2 Response Times

Response Times:
  • General inquiries: 48 hours
  • Data subject rights requests: 15 days (up to 30 days for complex requests)
  • Data breach notifications: 72 hours
  • Complaints: 15 days

15.3 ANPDP Contact

National Authority for the Protection of Personal Data: 01, Rue Ahmed Ouaked, Dely Ibrahim, Algiers, Algeria. Website: https://www.anpdp.dz, Email: contact@anpdp.dz.

Acknowledgment and Consent

By using the Podacium Platform, you acknowledge that: You have read and understood this Privacy Policy, You understand how your personal data will be collected, used, and protected, You consent to data processing as described herein, You understand your rights under Algerian Law 18-07, You can withdraw consent or exercise data subject rights at any time. If you are a Minor (under 19 years): Your parent or legal guardian has provided verifiable consent for your use of the Platform and processing of your personal data.

View Terms of ServiceView Cookie PolicyView Refund Policy

Thank you for trusting Podacium with your personal information. We are committed to protecting your privacy and complying with all Algerian data protection laws.

Last Updated: 1 January 2026Version: 1.0Effective Date: 1 January 2026

Privacy Policy — How Podacium Protects Your Data | Podacium