Privacy Policy for Giacosoft d.o.o.

Last Updated: 19.3.2026

Giacosoft d.o.o. ("we," "our," or "us") values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our online courses platform at learning.giacosoft.com, create an account, purchase courses, or otherwise interact with us.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Information: When you register for an account, we collect your username, email address, and password (stored in hashed form). We do not collect your first or last name during registration.
  • Payment Information: When you purchase a course, payment is processed by Stripe. We store your Stripe customer ID, checkout session ID, payment intent ID, currency, total amount, and any discount codes applied. We do not store your credit card details — these are handled entirely by Stripe.
  • Course Progress Data: We record which chapters you have completed and when, to track your learning progress.
  • Team and Multi-Seat Purchase Data: If you purchase a multi-seat license, we collect team name, team member email addresses, and seat allocation information.
  • Newsletter Subscription: If you opt in to our newsletter, we collect your email address. Newsletter delivery is managed by MailerLite.
  • Contact Form: When you contact us via our website, we collect your email address, name, and the message content you provide.

1.2 Automatically Collected Information

  • Cookies and Tracking Technologies: We use Google Analytics and Meta Pixel to track website activity and gather usage statistics.
  • Data Collected Includes:
    • IP address
    • Browser type
    • Device type
    • Pages visited
    • Time spent on pages

2. How We Use Your Information

  • To create and manage your account and provide access to purchased courses.
  • To process payments and manage your orders.
  • To track your course progress and provide a personalized learning experience.
  • To manage team and multi-seat purchases, including seat allocation.
  • To respond to inquiries submitted via the contact form.
  • To send newsletters and promotional emails, only if you have opted in.
  • To analyze website traffic and improve user experience via Google Analytics.
  • To provide personalized advertisements via Meta Pixel.

3. How We Share Your Information

We do not sell or rent your personal data. However, we may share your data with third parties for the following purposes:

  • Stripe: To process payments securely. Stripe receives the payment information necessary to complete your transaction. See the Stripe Privacy Policy.
  • MailerLite: To deliver newsletters to subscribers. MailerLite receives your email address when you subscribe. See the MailerLite Privacy Policy.
  • Google Analytics: To analyze website traffic and usage. See the Google Analytics Privacy Policy.
  • Meta Pixel: To create targeted advertisements and measure campaign performance. See the Meta Privacy Policy.

4. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential website functionality (authentication, session management).
  • Analytics and performance tracking.
  • Marketing and personalization.

For full details, see our Cookie Policy.

4.1 Managing Cookies

When you first visit our website, you will see a cookie banner where you can:

  • Accept all cookies.
  • Reject non-essential cookies.

You can also manage your cookie settings in your browser. Note that rejecting cookies may impact your user experience.

5. Data Storage and Security

  • Account Data: Retained for as long as your account is active. You may request account deletion at any time.
  • Payment Records: Retained as required by applicable tax and accounting laws (typically up to 10 years under Slovenian law).
  • Course Progress Data: Retained while you are enrolled and have an active account.
  • Team Data: Retained while the team subscription is active.
  • Newsletter Data: Managed by MailerLite. Retained until you unsubscribe, after which it will be deleted in accordance with MailerLite's data retention practices.
  • Contact Form Data: Retained for 12 months.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

6. Legal Basis for Processing

Under Article 6 of the GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance (Article 6(1)(b)): For account creation, course access, payment processing, progress tracking, and team management — processing that is necessary to fulfill our contractual obligations to you.
  • Consent (Article 6(1)(a)): For marketing cookies (Google Analytics, Meta Pixel) and newsletter subscriptions. You provide consent through our cookie banner or by opting in to receive newsletters.
  • Legitimate Interest (Article 6(1)(f)): For essential website functionality and security measures necessary to operate our platform.
  • Legal Obligation (Article 6(1)(c)): For retaining payment and transaction records as required by tax and accounting regulations.

7. International Data Transfers

Some of the third-party services we use may transfer your personal data outside the European Economic Area (EEA):

  • Stripe: Stripe, Inc. is based in the United States. Stripe participates in the EU-U.S. Data Privacy Framework and uses Standard Contractual Clauses (SCCs) for data transfers.
  • MailerLite: MailerLite is based in Lithuania (EU). Your newsletter data generally remains within the EEA.
  • Google Analytics: Google may transfer data to servers located in the United States. Google participates in the EU-U.S. Data Privacy Framework.
  • Meta Pixel: Meta may transfer data to servers located in the United States. Meta relies on Standard Contractual Clauses (SCCs) approved by the European Commission for such transfers.

We ensure that any international transfers of your personal data are protected by appropriate safeguards in compliance with GDPR requirements.

8. Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Access: Request access to your personal data.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data ("right to be forgotten").
  • Withdrawal of Consent: Opt out of marketing emails or revoke consent for data collection at any time.
  • Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  • Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority. For Slovenia, this is the Information Commissioner of the Republic of Slovenia (Informacijski pooblaščenec), available at www.ip-rs.si.

To exercise your rights, contact us at support@giacosoft.com.

9. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of these sites. Please review their privacy policies when visiting them.

10. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be reflected with a "Last Updated" date at the top of this page.

11. Contact Us

If you have any questions about this Privacy Policy or your personal data, please contact us at support@giacosoft.com.