• Monday - Saturday, 08am - 05pm
Facebook-f X-twitter Linkedin Instagram Youtube
  • Monday - Saturday, 08am - 05pm
Facebook-f X-twitter Linkedin Instagram Youtube

Personal Data Protection Policy (GDPR)

1. Purpose

This Personal Data Protection Policy (the “Policy”) aims to inform any person accessing or using the IAACC platform (visitors, candidates/learners, instructors/trainers) of the conditions under which their personal data is collected, processed, stored, and protected.

This Policy is established in accordance with:

  • the General Data Protection Regulation (GDPR – EU Regulation 2016/679);

  • applicable national data protection laws, including those in Africa;

  • internationally recognized principles of privacy and personal data protection.

2. Data Controller

The data controller responsible for the processing of personal data is:IAACC
Email: support@iaacc.io
Websites: www.iaacc.io / www.iaacc.net / www.iaaccs.net / www.iaacc.com.tn / www.iaacc.tn

3. Scope of Application

This Policy applies to all personal data collected and processed in connection with:

  • access to, browsing, and use of the IAACC platform;

  • user registration and account management;

  • online training programs, academic and professional consultations;

  • use of the blog, chatbot, AI-powered agents, and all tools, features, services, and technologies made available on the IAACC platform, including automated and artificial intelligence–based services.

4. Categories of Personal Data Collected

IAACC may collect and process the following categories of personal data:

4.1 Identification Data

  • First and last name

  • Email address

  • Phone number

  • Country of residence

4.2 Academic and Professional Data

  • CV / résumé

  • Academic and professional background

  • Skills, qualifications, and areas of expertise

  • Information relating to courses attended or delivered

4.3 Technical and Usage Data

  • IP address

  • Login credentials and access logs

  • Platform usage data and interaction history

5. Purposes of Data Processing

Personal data is collected and processed exclusively for the following purposes:

  • creation, management, and security of user accounts;

  • access to training programs, educational services, and paid consultations;

  • publication , management of profiles and CVs in the IAACC CV Instructors database;

  • matching and interaction between candidates and instructors;

  • pedagogical monitoring and continuous improvement of services;

  • administrative, educational, and professional communication;

  • compliance with legal, contractual, and regulatory obligations.

6. Legal Basis for Processing (GDPR – Article 6)

The processing of personal data is based on one or more of the following legal grounds:

  • explicit consent of the data subject;

  • performance of a contract or pre-contractual measures;

  • compliance with legal obligations;

  • legitimate interests pursued by IAACC, including platform security, service optimization, and fraud prevention.

7. Confidentiality and Security Measures

IAACC implements appropriate technical and organizational measures to ensure:

  • confidentiality, integrity, and availability of personal data;

  • protection against unauthorized access, loss, alteration, or disclosure;

  • secure operation of IT systems, servers, and databases.

Access to personal data is strictly limited to authorized persons subject to confidentiality obligations.

8. Data Sharing and Disclosure

Personal data is neither sold nor rented.

It may be disclosed only:

  • to technical service providers or partners acting on behalf of IAACC and bound by GDPR-compliant contractual obligations;

  • where required by law, regulation, or a competent authority.

9. International Data Transfers

Personal data may be hosted or processed outside the user’s country of residence.

IAACC ensures that such transfers comply with the GDPR through appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs);

  • recognized data protection mechanisms;

  • enhanced security measures.

10. Data Retention Period

Personal data is retained only for the period strictly necessary to achieve the purposes for which it was collected, unless a longer retention period is required by law.

Inactive or obsolete accounts may be deleted after a defined retention period.

11. Rights of Data Subjects (GDPR – Chapter III)

In accordance with the GDPR, users have the following rights:

  • right of access to their personal data;

  • right to rectification of inaccurate or incomplete data;

  • right to erasure (“right to be forgotten”);

  • right to restriction of processing;

  • right to object to processing;

  • right to data portability.

Requests may be submitted at any time to: support@iaacc.io

12. Personal Data of Minors

The IAACC platform is intended for individuals 18 years of age or older.

Any processing of personal data relating to a minor requires the explicit consent of a parent or legal guardian, in accordance with the GDPR and applicable laws.

13. Cookies and Similar Technologies

IAACC may use cookies or similar technologies to:

  • improve user experience;

  • analyze platform usage and performance;

  • enhance security and prevent fraudulent activity.

Users may manage cookie preferences through their browser settings.

14. Policy Updates

IAACC reserves the right to amend this Policy at any time.

Users will be informed of any material changes. Continued use of the platform constitutes acceptance of the updated Policy.

15. Legal Integration

This Personal Data Protection Policy forms an integral part of the IAACC Terms of Use.

In the event of any inconsistency, this Policy shall prevail.

16. Acceptance

By accessing or using the IAACC platform, the user acknowledges having read, understood, and accepted this GDPR-compliant Personal Data Protection Policy.

IAACC