Privacy Policy

Introduction

At Cotrai, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union and the Netherlands.

Data Controller

The data controller responsible for your personal data is:

Information We Collect

Information You Provide

When you contact us through our website forms, we collect the following personal information:

• • Full Name: To address you properly and identify your inquiry
• • Email Address: To respond to your inquiries and communicate about our services
• • Phone Number (optional): For direct communication if preferred
• • Message Content: Your specific inquiries, training needs, or feedback
• • Course Interest: Which training course you're inquiring about (if applicable)

Information We Do NOT Collect

We do not use cookies, analytics tracking, or any third-party tracking technologies. We do not collect:

• • Browsing behavior or website usage data
• • IP addresses or device information
• • Marketing or advertising data from third parties
• • Social media tracking or profiling information

How We Use Your Information

We use your personal data only for the following purposes:

• • Responding to inquiries: To answer your questions about our training services
• • Providing services: To deliver the training services you request
• • Service communication: To send information about your training sessions, schedules, and materials
• • Administrative purposes: To process payments, issue certificates, and maintain records

Legal basis: We process your data based on your consent (when you submit the contact form) and for the performance of a contract (when we provide training services).

Data Storage and Security

How We Store Your Data

Your personal data is stored securely on servers located within the European Union. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Security Measures

We employ industry-standard security measures including:

• • Encrypted data transmission (HTTPS/SSL)
• • Secure server infrastructure
• • Access controls and authentication
• • Regular security updates and monitoring

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Contact form submissions are typically retained for up to 2 years unless you request earlier deletion. Training participant data may be retained longer for certificate issuance and compliance purposes.

Sharing Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your data only in the following limited circumstances:

• • Service providers: Trusted third-party service providers who assist us in operating our website or conducting our business (e.g., email hosting, payment processing), under strict confidentiality agreements
• • Legal requirements: When required by law, court order, or government regulation
• • Business transfers: In connection with any merger, acquisition, or sale of company assets, with notice to affected users

All third-party service providers are required to maintain appropriate data protection standards and use your data only for the specified purposes.

Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

• • Right of Access: You can request a copy of the personal data we hold about you
• • Right to Rectification: You can request correction of inaccurate or incomplete data
• • Right to Erasure: You can request deletion of your personal data ("right to be forgotten")
• • Right to Restrict Processing: You can request that we limit how we use your data
• • Right to Data Portability: You can request your data in a machine-readable format
• • Right to Object: You can object to our processing of your personal data
• • Right to Withdraw Consent: You can withdraw your consent at any time

To exercise any of these rights, please contact us at info@cotrai.com. We will respond to your request within 30 days.

Cookies and Tracking

Our website does not use cookies or any tracking technologies. We do not collect any information about your browsing behavior, and we do not use analytics tools, advertising pixels, or third-party tracking scripts.

This means you can browse our website without being tracked, and we do not create profiles of your online activity.

International Data Transfers

Your personal data is processed and stored within the European Economic Area (EEA). We do not transfer your data to countries outside the EEA unless necessary for service delivery, in which case we ensure appropriate safeguards are in place as required by GDPR.

Children's Privacy

Our services are directed to businesses and professionals. We do not knowingly collect personal information from individuals under 16 years of age. If you believe we have collected information from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on this page with a new "Last updated" date. We encourage you to review this policy periodically.

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by GDPR.