Privacy Policy

01Introduction and Overview

Who We Are

iginity.com is a digital platform owned and operated by Iginity Learning Technologies (Pvt.) Ltd., a company registered under the laws of Pakistan, with its registered office in Islamabad. Throughout this policy, when we say "iginity," "we," "us," or "our," we refer to this company and its controlled affiliates. When we say "you" or "your," we refer to the individual using our website, enrolling in our courses, or interacting with our digital services.

Scope of This Policy

This comprehensive Privacy Policy applies to:

The public-facing website hosted at iginity.com and all subdomains
All online courses, training programs, workshops, webinars, and digital content offered through our platform
Mobile applications or progressive web apps we may release under the iginity brand
Electronic communications including emails, newsletters, support tickets, and in-platform messaging
Offline interactions where personal data is collected and subsequently digitized

This policy does NOT apply to:

Third-party websites or services that we link to for reference or partnership purposes
Information collected by employers or organizations that sponsor your access under a separate corporate agreement

Agreement to Terms

By creating an account, enrolling in a course, or otherwise using our services, you are formally agreeing to the collection, use, transfer, and retention of your personal data as described in this policy.

02Information We Collect

We collect a wide array of information to deliver personalized, secure, and high-quality learning experiences. For clarity, we categorize all data into three primary types.

Personal Information (Directly Provided by You)

This is information you knowingly and voluntarily share with us.

Account Credentials & Identity Verification

Full legal name and, optionally, a display name
Email address and, optionally, a secondary recovery email
Self-created password (encrypted and never visible to iginity staff)
Phone number (optional, for two-factor authentication or urgent course updates)
Profile photograph or avatar (optional)

Billing & Transactional Data

Full billing address and physical address
Credit/debit card numbers (tokenized, full details not stored by us)
Tax identification number or company VAT/GST details
Complete order history, including purchases, refunds, and renewals

Communication Records

All emails, chat logs, and support tickets
Feedback surveys, course reviews, and instructor evaluations
Marketing and notification preferences

Educational & Behavioral Data (Generated Through Learning)

Unlike a simple e-commerce platform, iginity is an educational ecosystem. Your learning process generates valuable data.

Course Progress & Performance

Enrollment records and access history
Progress tracking: videos watched, articles read, assessments attempted
Assessment data: quiz scores, assignment submissions, exam results
Certification data: digital certificates and unique verification IDs

Skill Mapping & Recommendations

Aggregated performance metrics across multiple courses
Time spent on topics, pause points, and re-watched segments
Self-declared goals and interests for recommendations

Technical Metadata (Automatically Collected)

Device & Browser Data

IP address and derived approximate geographic location (city/country level)
Browser type, version, and engine
Operating system and version
Device type (desktop, tablet, smartphone), manufacturer, and model
Screen resolution, language settings, and time zone

Network & Usage Logs

Date and time of each request (standard access logs)
Referring and exit URLs, including search engine query terms
Click-stream data and page interaction sequences

03Cookies & Tracking Technologies

What Are Cookies and Why Do We Use Them?

Cookies are small text files stored on your device when you visit a website. Web beacons, tags, and scripts serve similar functions. At iginity, these technologies are deployed for four core purposes.

The Four Categories of Cookies on iginity.com

Category 1

Strictly Necessary Cookies (Always Active)

These are fundamental to the operation of the iginity platform. Without them, the website would not function. Uses include maintaining your login session, enabling secure payment processing, and remembering your cookie consent choices. By law, these are exempt from consent requirements.

Category 2

Performance & Analytics Cookies

These collect aggregated, anonymous data about how our platform is used, helping us measure performance and fix bugs. We use Google Analytics 4 (with IP anonymization), session heatmaps (all sensitive fields masked), and A/B testing scripts. Deployed only after your explicit consent.

Category 3

Functional Cookies

These enable non-essential features that improve your experience: remembering your preferred language, saving your course player volume settings, and recalling your last watched video position. Optional, via consent.

Category 4

Targeting & Advertising Cookies

Used to deliver relevant advertisements both on and off the iginity platform. We may use Facebook Pixel, LinkedIn Insight Tag, and Google Ads Conversion Tracking. Strictly optional and deployed only with explicit consent.

Managing Your Cookie Preferences

On your first visit, a cookie consent banner appears. You can "Accept All," "Reject All," or "Customize" by category. Nothing in our core functionality breaks if you reject all non-necessary cookies. You can change preferences anytime via the "Cookie Settings" link in our footer. We also honor the Global Privacy Control (GPC) signal.

04How We Use Your Information

Contractual Service Delivery

Fulfilling our contract with you: creating accounts, enrolling you in courses, processing payments, awarding certificates, enabling instructor interaction, and delivering technical support.

Personalization and Learning Optimization

Using educational data to create tailored experiences: adaptive learning paths, course recommendations, in-platform notifications, and curriculum improvements based on aggregated, anonymized performance data.

Communication and Engagement

Transactional emails (payment confirmations, password resets, policy changes) — you cannot opt out. Course progress emails — manageable in settings. Marketing emails — only with explicit opt-in, with one-click unsubscribe in every message.

Analytics, Research, and Product Development

Anonymized and aggregated data drives our evolution: statistical analysis, A/B testing, and developing new product lines based on interest patterns.

Safety, Security, and Legal Compliance

Fraud prevention, terms enforcement, legal holds for court orders, and security monitoring against hacking, brute-force attacks, and DDoS threats.

05The Legal Bases for Processing

Under data protection laws like the GDPR, every processing activity must have a valid legal basis. We rely on one of six:

Contractual Necessity

Processing needed to deliver the service you requested (e.g., course access).

Legitimate Interests

Processing for our legitimate business purposes, balanced against your rights (e.g., marketing to existing customers with opt-out).

Consent

Explicit permission for specific purposes (e.g., cookies, sensitive data). Withdrawable at any time.

Legal Obligation

Compliance with court orders and statutory requirements.

Vital Interests

Protecting life or physical integrity in emergencies.

Public Interest

Government-recognized initiatives or publicly funded research.

07International Data Transfers

As a Pakistan-based company serving globally, your data will likely cross borders. We ensure protection travels with your data.

Our Infrastructure

Primary production data is stored in secure servers (e.g., Frankfurt for EMEA users, Singapore for APAC). For EU/EEA users, we use Standard Contractual Clauses (SCCs) with Transfer Impact Assessments and supplementary encryption measures.

Protection Measures

All data is encrypted in transit (TLS 1.3) and at rest (AES-256) regardless of physical location. Cloud contracts bind providers to identical data protection standards.

08Data Retention & Minimization

We don't hoard data. We set clear, purpose-driven time limits.

Data Type	Retention Period
Active Account Data	Until deletion or 5 years of inactivity
Deleted Account Data	Irreversibly deleted from active systems within 30 days
Financial Records	7 years per tax law
Certificate Records	Permanent archive for credential verifiability
Marketing Consents	Indefinitely to demonstrate compliance
Analytics Data	Auto-deleted after 26 months

09Data Security

Technical Safeguards

TLS 1.3 for data in transit, AES-256 for data at rest
Dual firewalls, IDS/IPS, and DDoS mitigation
Mandatory MFA for all staff accessing production
Secure SDLC with code review and security testing

Organizational Safeguards

Confidentiality agreements and annual security training for all staff
Access on a strict "least privilege" basis

Data Breach Response

We maintain a formal incident response plan. If a breach is confirmed and poses a risk to your rights, we notify the relevant supervisory authority within 72 hours. For high-risk breaches, we notify you without undue delay, describing the data involved and recommended protective measures.

10Your Rights

You may exercise these rights at any time, free of charge:

Access & Portability

Request a copy of your data in machine-readable format.

Rectification

Correct inaccurate or incomplete data.

Erasure

Request deletion ("right to be forgotten"), with lawful exceptions.

Restriction

Limit processing during disputes or verification.

Objection

Object to direct marketing (absolute) or legitimate interest processing.

Withdraw Consent

Revoke previously given consent at any time.

Automated Decisions

Right to human review of significant automated decisions.

To make a request:

Email dpo@iginity.comfrom your account email with subject “Data Subject Request: [Your Right]”. We verify identity and respond within 30 days.

11Children's Privacy

iginity.com is for professional and advanced learning. By creating an account, you represent you are at least 16 years of age. We do not knowingly collect data from anyone under 16. If we learn we have inadvertently collected such data, we will immediately terminate the account and delete all associated information.

12Jurisdictional Rights

EEA, UK, and Switzerland

GDPR

Right to lodge a complaint with your local data protection supervisory authority. We welcome you to contact us first.

California, USA

CPRA

Right to know, correct, and delete. We do not sell your data. No discrimination for exercising CPRA rights.

Pakistan

Local Jurisdiction

As a company incorporated in Islamabad, you have the right to seek redressal in your home jurisdiction. Direct grievances to our DPO.

13Changes to This Policy

We may modify this policy. Material changes trigger a prominent banner on our homepage for 30 days, an email notification summarizing changes, and, where required, a request for fresh consent. Minor edits are reflected by updating the Effective Date.

14Contact Us

We have appointed a Data Protection Officer to oversee compliance.

Data Protection Officer

Iginity Learning Technologies (Pvt.) Ltd.
Islamabad, ICT 44000
Pakistan

Email: dpo@iginity.com

Web: iginity.com/contact-privacy

We acknowledge queries within 3 business days and provide substantive resolution within 30 calendar days.

Effective Date

May 1, 2026

End of Privacy Policy