GDPR Compliance

General Data Protection Regulation (GDPR)

AceCCL is committed to protecting the privacy and personal data of all users, including those in the European Union. This page outlines our compliance with the General Data Protection Regulation (GDPR).

Our Commitment

We respect your privacy rights and implement appropriate technical and organizational measures to ensure the security of your personal data.

Contractual Necessity

We process your personal data to provide our NAATI CCL practice services as outlined in our Terms of Service.

Legitimate Interest

We may process data for legitimate business interests such as improving our platform, analytics, and fraud prevention.

Consent

For certain activities like marketing communications, we rely on your explicit consent.

Right of Access

You have the right to request access to your personal data and information about how we process it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request restriction of processing in specific circumstances.

Right to Data Portability

You can request a copy of your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Contact Information

For GDPR-related inquiries, please contact our support team:

Email: support@aceccl.com

Subject: GDPR Inquiry

Retention Period

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and resolve disputes.

Account Data

Account information is retained while your account is active and for a reasonable period after account closure.

Practice Data

Practice session data and progress tracking information is retained to provide continuous service improvement.

Technical Measures

We implement appropriate technical safeguards including encryption, secure servers, and access controls.

Organizational Measures

We maintain strict data access policies, regular security training, and incident response procedures.

International Transfers

When transferring data outside the EU, we ensure appropriate safeguards are in place, including adequacy decisions or standard contractual clauses.

Third-Party Services

We only work with third-party processors that provide adequate guarantees for GDPR compliance.

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights under GDPR have been violated.

Direct Contact

We encourage you to contact us first at support@aceccl.com so we can address your concerns directly.

Policy Updates

We may update our GDPR compliance practices from time to time. Material changes will be communicated to affected users.