1. Who We Are

Codracta is an educational organization specializing in 3D game level design training. We're based in Alicante, Spain, and we provide online and in-person courses for aspiring game designers.

Our contact information:

• Registered Address: C. Alcolecha, Nº 15, 3ºI, 03014 Alicante, Spain
• Phone: +34934417526
• Email: info@codracta.com

2. What Information We Collect

We collect different types of information depending on how you engage with our services. Here's what we gather and why:

2.1 Information You Give Us Directly

• Contact details — name, email address, phone number, and mailing address when you sign up for courses or contact us
• Account information — username, password, and profile preferences when you create a student account
• Payment data — billing address and transaction details (we don't store full credit card numbers ourselves)
• Educational background — prior experience, portfolio links, and career goals to help us personalize your learning path
• Communication records — emails, messages, and feedback you send us

2.2 Information We Collect Automatically

When you visit our website or use our learning platform, we automatically gather some technical information:

• IP address and approximate location
• Browser type and device information
• Pages you visit and time spent on each
• Referring websites and search terms used to find us
• Course progress and quiz results within our learning management system

2.3 Cookies and Similar Technologies

We use cookies to improve your experience on our site. Some are essential for the site to work, while others help us understand how people use our platform so we can make it better. You can control cookie preferences through your browser settings.

3. How We Use Your Information

We use the data we collect for specific purposes. We won't surprise you with unexpected uses of your personal information.

We keep marketing separate from essential communications. You can unsubscribe from promotional emails anytime, but we'll still need to send you important stuff about courses you're enrolled in.

4. Who We Share Your Data With

We don't sell your personal information. That's a hard rule. But we do work with some trusted partners who help us deliver our services:

4.1 Service Providers

• Payment processors — to handle transactions securely
• Email service providers — to send you course materials and updates
• Cloud hosting services — to store course content and student data safely
• Analytics platforms — to understand how our website performs

These companies only access the minimum data they need to do their job, and they're contractually obligated to protect your information.

4.2 Legal Requirements

Sometimes we're legally required to share information with authorities — for example, if there's a valid court order or if we need to protect someone's safety. We'll always verify the legitimacy of such requests before complying.

4.3 Business Transfers

If Codracta merges with another company or gets acquired, your data would be part of that transfer. We'd notify you beforehand and ensure the new owner respects this privacy policy.

5. International Data Transfers

Our servers are primarily located within the European Union. However, some of our service providers (like certain cloud infrastructure companies) operate globally. When your data moves outside the EU, we make sure it's protected through:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognizing certain countries as providing sufficient protection
• Additional safeguards like encryption during transfer

6. How Long We Keep Your Data

We don't keep your information longer than necessary. Here's our general approach:

You can ask us to delete your data sooner in most cases — see the "Your Rights" section below.

7. How We Protect Your Information

Security isn't just a checkbox for us. We've implemented multiple layers of protection:

• Encryption: All data transmitted between your browser and our servers uses TLS encryption. Sensitive data at rest is also encrypted.
• Access controls: Only authorized staff members can access student data, and we track who accesses what.
• Regular security audits: We review our systems quarterly and patch vulnerabilities promptly.
• Secure authentication: Passwords are hashed using industry-standard algorithms, and we encourage two-factor authentication.
• Staff training: Everyone on our team undergoes regular privacy and security training.

Despite our best efforts, no system is 100% secure. If a breach occurs, we'll notify affected individuals and the Spanish Data Protection Agency (AEPD) within 72 hours as required by law.

8. Your Privacy Rights

Under GDPR and Spanish data protection law, you have significant control over your personal information. Here's what you can do:

8.1 Right to Access

You can request a copy of all personal data we hold about you. We'll provide it in a commonly used electronic format within 30 days.

8.2 Right to Correction

If any information we have is inaccurate or incomplete, let us know and we'll fix it promptly. You can update most details directly through your student account.

8.3 Right to Deletion

You can ask us to delete your data in certain situations — for example, if it's no longer needed for the original purpose, or if you withdraw consent. We'll comply unless we have a legal obligation to keep the information.

8.4 Right to Restrict Processing

You can ask us to temporarily stop using your data if you're contesting its accuracy or questioning whether we have a legitimate need for it.

8.5 Right to Data Portability

You can request your data in a structured, machine-readable format to transfer to another service provider if you wish.

8.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We'll stop unless we have compelling grounds to continue.

8.7 Right to Withdraw Consent

Where we rely on your consent (like marketing emails), you can withdraw it anytime by clicking unsubscribe or contacting us.

9. Children's Privacy

Our courses are designed for individuals 16 years and older. We don't knowingly collect personal information from anyone under 16 without parental consent. If you're a parent and believe your child has provided us with personal data without permission, please contact us immediately so we can delete it.

10. Third-Party Links

Our website and course materials sometimes link to external resources — like game development tools, industry articles, or student portfolio sites. We're not responsible for the privacy practices of these third-party sites. Always check their privacy policies before sharing personal information.

11. Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email and post a notice on our website at least 30 days before the changes take effect.

The "Last Updated" date at the top of this page shows when the current version was published. Continued use of our services after changes become effective means you accept the updated policy.

12. Complaints and Regulatory Authority

We hope to resolve any privacy concerns directly. But if you're not satisfied with our response, you have the right to lodge a complaint with:

As we operate in Spain, the AEPD is our lead supervisory authority. However, you can also contact the data protection authority in your own EU country if that's more convenient.