Terms of Service
Learn Portuguese with Sofia
Effective Date: July 1 2025
This Privacy Policy explains what personal information we collect, why we collect it, how we use it, and the choices you have. It applies to anyone who visits our website, buys a product on Gumroad, joins a Zoom class, exchanges messages on WhatsApp, or otherwise interacts with Learn Portuguese with Sofia (“we,” “our,” “us”).
1. What We Collect
| Category | Typical Data | How We Collect It |
|---|---|---|
| Identity & Contact | Name, e‑mail address, time zone | Website enquiry forms, Gumroad checkout, Calendly bookings, e‑mail |
| Purchase & Payment | Course purchased, price, payment status (processed by Gumroad) | Gumroad order data (we never see full card details) |
| Class & Homework | Homework files, voice notes, chat transcripts, Zoom recordings (when enabled) | E‑mail, WhatsApp, Zoom |
| Usage & Device | IP address, browser type, pages visited, cookies | Site analytics tools, server logs |
| Marketing Preferences | Opt‑in / opt‑out status | E‑mail marketing platform (e.g. Mailchimp, Resend) |
We do not collect sensitive categories of data (health, religion, biometric, etc.).
2. Why We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide courses, schedule classes, give feedback | Contract: we need it to deliver what you purchased |
| Process payments & prevent fraud | Legitimate interest / Contract |
| Send homework feedback, lesson reminders, and important service e‑mails | Legitimate interest |
| Answer enquiries and provide support | Legitimate interest |
| Improve content, site performance, and user experience | Legitimate interest |
| Send newsletters or promotions you opted into | Consent (you may unsubscribe anytime) |
3. Sharing & Third Parties
We share only what is necessary with:
- Gumroad – payment processing and digital delivery
- Zoom – live class sessions
- WhatsApp – conversational practice
- E‑mail service provider (e.g., Mailchimp / Resend) – newsletters and transactional e‑mails
- Web hosting & analytics partners – site functionality and metrics
All vendors are chosen for their commitment to data security and, where required, have GDPR‑compliant agreements in place. We never sell or rent your personal information.
4. Cookies & Similar Tech
Our site uses essential cookies for page security and basic functionality, plus optional analytics cookies to understand page performance. You can disable non‑essential cookies via your browser settings without affecting core course access.
5. How Long We Keep Data
| Data Type | Retention Period |
|---|---|
| Purchase records | 7 years (tax & accounting rules) |
| Homework, voice notes, Zoom recordings | Up to 12 months after course completion, unless you request earlier deletion |
| Newsletter subscriber list | Until you unsubscribe |
| Server logs & analytics | 26 months or less |
When data is no longer needed, we securely delete or anonymise it.
6. Your Rights (EU / UK & Similar Jurisdictions)
You can, at any time:
- Access the personal data we hold on you
- Correct inaccurate or incomplete data
- Delete your data (where no longer required)
- Restrict or object to certain processing
- Port your data to another provider
- Withdraw consent for marketing at any time (unsubscribe link in every e‑mail)
- Lodge a complaint with a supervisory authority (usually in your country of residence)
To exercise any right, e‑mail info@learnportuguesewithsofia.com. We aim to respond within 30 days.
7. Security
- HTTPS encryption on all web pages
- Access controls and 2‑factor authentication for admin accounts
- Regular software updates and vendor security reviews
- Only the teacher and essential staff can view student materials
No system is perfect, but we take reasonable technical and organisational measures to prevent unauthorised access, loss, or misuse.
8. International Transfers
Our servers and some partners are based outside the EU/EEA. Whenever personal data leaves the European Economic Area, we rely on one of the following safeguards:
- Standard Contractual Clauses approved by the European Commission
- Partner’s certification under an adequacy framework (e.g., EU‑US Data Privacy Framework)
- Your explicit consent when required
9. Children
Our services are intended for adults (17+). We do not knowingly collect data from children. If you believe a child has provided personal information, please contact us for immediate deletion.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced via e‑mail or a notice on the website. The “Effective Date” at the top will always show the latest revision.
11. Contact
Questions, requests, or concerns?