CodeLinja>_

Privacy Policy

Last updated: April 19, 2026

Introduction

CodeLinja Oy ("we," "us," or "our") operates the CodeLinja learning platform. This Privacy Policy explains how we collect, use, and protect your personal information.

We comply with the EU General Data Protection Regulation (GDPR), the ePrivacy Directive, and India's Digital Personal Data Protection Act, 2023.

Data Controller

CodeLinja Oy (Business ID: 3562133-3), Helsinki, Finland contact@codelinja.com

Information We Collect

  • Account Information:

    Name, email address, password (hashed)

  • Mobile Number:

    Optional — only if you choose to provide it and consent to SMS/phone marketing. Not required to use the service.

  • Usage Data:

    Information about how you use our services, course progress, and learning activities

  • Technical Data:

    IP address, browser type, device information, cookies (with your consent)

  • Payment Information:

    Processed securely through third-party payment providers. We do not store credit card details.

How We Use Your Information

  • Service Delivery:

    Account management, course access, payment processing, progress tracking

  • Marketing Communications:

    Only with your explicit consent, separately by channel (email and SMS/phone). Consent is optional and withdrawable at any time via account settings or by contacting us.

  • Service Improvement:

    Analytics and usage patterns (only with analytics consent)

  • Legal Compliance:

    Tax obligations, fraud prevention, legal requests

Legal Basis for Processing

  • Consent

    • Email marketing communications — consent (Article 6(1)(a))

    • SMS/phone marketing communications — consent (Article 6(1)(a))

    • Analytics cookies — consent (Article 6(1)(a))

  • Contract:

    Service delivery, account management, payment processing

  • Legal Obligation:

    Tax compliance, legal requests

  • Legitimate Interest:

    Fraud prevention, security, essential service improvements

Cookies

Manage your cookie preferences through our cookie consent tool.

  • Necessary Cookies:

    Essential for functionality (always active)

  • Analytics Cookies:

    Usage statistics (requires consent)

  • Marketing Cookies:

    Personalized marketing (requires consent)

Data Sharing

We do not sell your personal data.

We share information only with:

  • Service providers (hosting, payment processing, email delivery)

  • Legal authorities when required by law

  • Business partners with your explicit consent

All third-party providers are GDPR compliant and bound by strict data protection agreements.

Some processors are based in the United States or operate globally distributed infrastructure. Transfers to such providers are covered by appropriate safeguards including SCCs or applicable adequacy frameworks.

Data Security

We use industry-standard security measures including encryption (TLS/SSL), secure password hashing, access controls, and regular security audits.

Data Retention

  • Account Data:

    Deleted within 30 days of account closure

  • Marketing Data:

    Marketing preference/consent records retained up to 3 years after withdrawal for compliance evidence. Suppression records kept as needed to honor opt-out.

  • Transaction Records:

    Retained for 7 years (Finnish tax law requirement)

  • Consent Records:

    Retained for 3 years (GDPR compliance)

Your Rights

You have the right to:

  • Access your personal data

  • Correct inaccurate information

  • Delete your data (right to be forgotten)

  • Export your data in a portable format

  • Object to processing

  • Withdraw consent at any time

  • Lodge a complaint with supervisory authorities

Exercise Your Rights: Email contact@codelinja.com (we respond within 30 days)

Supervisory authority in Finland: Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto), tietosuoja.fi.

International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) for all international transfers.

Where required, we carry out transfer impact assessments before commencing transfers to third countries.

India processing note: CodeLinja does not conduct routine marketing-data transfers to India. If India-based processing is introduced, we will implement applicable safeguards and update this Policy before such processing begins.

Data Storage: Primarily EU servers (GDPR compliant)

Children's Privacy

Our services are not intended for anyone under 16. We do not knowingly collect personal information from children.

India DPDP Notice

Where applicable, processing involving India may also be subject to India's Digital Personal Data Protection Act, 2023. CodeLinja acts as Data Fiduciary for such processing. For grievances related to personal data, contact: contact@codelinja.com. We will address requests within applicable legal timelines.

Changes to This Policy

We will notify you of material changes via prominent website notice. Continued use after changes constitutes acceptance.