Privacy Policy of BARTEC Academy (Europe)

Effective Date: 06/03/2025

Welcome to our website, and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with applicable personal data protection legislation, in particular the GDPR and our country-specific implementation laws, which provide comprehensive information about the processing of your personal data by BARTEC and your rights.

Personal data is any information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address, and IP address. Anonymous data means that no personal reference to the individual/user can be made. 

Responsible body and data protection officer

Company Name: BARTEC US Corporation

Company Address: 650 Century Plaza Drive, Suite D-120, Houston, TX 77073, United States.

Contact Information:

Telephone: +1 (281) 214-8542

Email (General): [email protected]

Email (Data Protection): [email protected]

Website: https://www.bartecacademy.com 

 

Your rights as a data subject

We would first like to notify you of your rights as a data subject. These rights are set out in Articles 15 - 22 GDPR, and include: 

To exercise these rights, please contact: [email protected].The same applies if you have any questions regarding data processing in our company or when you withdraw your consent. You also have a right of appeal to the relevant data protection supervisory authority. 

 

Right to object 

Please note the following with respect to your right to object: 

If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without providing the reasons for such objection. This also applies to profiling insofar as it is associated with direct marketing.
 
If you object to the processing for direct marketing, we will no longer process your personal data for such purposes. The objection is free of charge and can be made informally, where appropriate to: [email protected].

Should we process your data to protect legitimate interests, you may object to such processing at any time for reasons that arise from your specific situation; this also applies to profiling based on these provisions.

We will then cease to process your personal information unless we can demonstrate compelling legitimate grounds for processing such information that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

 

 

Purposes and legal bases of data processing

The processing of your personal data complies with the provisions of the GDPR and all other applicable data protection regulations. Legal bases for data processing arise in particular from Art. 6 GDPR.

We use your data to initiate business relationships, to fulfill contractual obligations (such as registering for online courses, managing accounts, processing payments, issuing certificates, and providing technical support), and to comply with legal requirements (including tax documentation, regulatory reporting, and recordkeeping obligations). We also process personal data to conduct and manage ongoing contractual relationships (such as user progress tracking, customer service, and learner communications), to offer and deliver our digital products and services (such as webinars, learning modules, and downloadable content), and to strengthen customer relationships through service updates, satisfaction surveys, and support. Additionally, we use data for marketing and direct marketing purposes, including sending relevant information about new courses, updates, promotions, and events, provided that such processing is based on our legitimate interest or, where required, on your explicit consent. 

Your consent also constitutes a legal basis for data processing. In this respect, we will inform you of the purposes of data processing and the right to withdraw your consent. If the consent also relates to the processing of special categories of personal data, we will explicitly notify you in the consent process.

Processing of special categories of personal data within the meaning of Art. 9 (1) GDPR may only take place where necessary on the grounds of legal regulations. There is no reason to assume that your legitimate interests should prevail to the exclusion of processing such data.

Data transfers / Disclosure to third parties

We will only transmit your data to third parties within the scope of the given statutory provisions or based on consent. In all other cases, information will not be transferred to third parties unless we are obliged to do so owing to mandatory legal regulations (disclosure to external bodies, including the supervisory authorities or law enforcement authorities).

Data recipients/categories of recipients

In our organisation, we ensure that only individuals who are required to process the relevant data to fulfil their contractual and legal obligations are authorised to handle personal data.

Where appropriate, personal data may be transferred within the BARTEC Group of companies to support administrative functions, platform maintenance, customer service, or compliance requirements. For example, user registration and account data collected by BARTEC US Corp may be accessed by BARTEC GmbH (Germany) or other affiliated companies within the BARTEC Group to provide technical support, issue course certificates, or manage invoicing and tax compliance across jurisdictions. These internal transfers are carried out under strict access controls and are governed by intercompany data processing agreements that ensure compliance with GDPR and applicable local data protection laws.

In many cases, service providers assist our specialist departments in fulfilling their tasks. The necessary data protection contracts (Data Processing Agreements, or DPAs) have been concluded with all such service providers in accordance with Article 28 GDPR. These service providers include, for example, Thinkific Labs Inc. as our learning platform provider, which hosts and processes course registration, user progress, and certification data; payment service providers such as Stripe and PayPal, which handle secure payment transactions and billing; email service providers for communication with learners and customers; and cloud infrastructure providers, which support hosting and content delivery. Additionally, we use HubSpot as our customer relationship management (CRM) and marketing automation platform, through which we manage learner inquiries, campaign communications, and contact segmentation. In each case, we ensure that data is only processed as necessary and in accordance with the specified purpose, under strict confidentiality and security requirements.

Transfers of personal data to third countries  

A transfer of personal data to third countries (outside the European Union or the European Economic Area) shall only take place if such transfer is required by law, necessary for the performance of a contract with you, or based on your explicit consent.

We transfer personal data to service providers and affiliated companies outside the European Economic Area, including but not limited to the following countries: Canada and the United States of America.

In particular, we use the services of Thinkific Labs Inc., a company based in Canada, which provides the platform for our online learning academy. The European Commission recognizes Canada as a country providing an adequate level of data protection under an adequacy decision pursuant to Article 45 GDPR.

Additionally, we use services provided by companies located in the United States—such as Google LLC, HubSpot Inc., PayPal Inc., and other providers—whose servers may process your data outside the EEA. Although data transfers to the USA cannot be entirely ruled out, we take all necessary steps to ensure an appropriate level of data protection, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission, supplementary security measures, and contractual guarantees.

Where required, we will request your explicit consent prior to such transfers or provide notice when the transfer is necessary for service functionality. We continuously monitor compliance with applicable data protection standards in third countries.

 

Period of data storage

We store your data for as long as such is required for the relevant processing purposes. Please note that numerous retention statutory periods require that data must be stored for a specific period of time. This relates in particular to retention obligations for commercial or fiscal purposes (e.g., commercial code, tax code, etc.). The data will be routinely deleted after use unless a further period of retention is required.

We may also retain data if you have given us your permission to do so, or in the event of any legal disputes, and we use the evidence within the statutory limitation period, which may be up to 30 years; the standard limitation period is 3 years.

Secure transfer of data

We implement appropriate technical and organisational security measures in accordance with Article 32 GDPR to protect your personal data from accidental or intentional manipulation, loss, destruction, or unauthorized access. These measures include, among others, role-based access controls, regular security audits, encrypted data storage, secure backup procedures, firewall protection, and intrusion detection systems. Our data protection and IT security frameworks are regularly reviewed and adapted in collaboration with external security experts to ensure compliance with the latest technological standards.

The data exchange to and from our website is encrypted using Transport Layer Security (TLS) protocols. We provide HTTPS as the standard transfer protocol for all user-facing pages and transactions. This ensures that all personal data, including login credentials, registration details, and payment information, is transmitted in a secure and tamper-proof manner. We use modern encryption algorithms, such as TLS 1.3, and ensure reputable certificate authorities issue our certificates.

For sensitive communications, or in case users prefer not to use electronic means, it is also possible to contact us via alternative communication channels, such as postal mail, where appropriate.

Obligation to provide data

The categories of personal data we process depend on the context in which you interact with us. This may include course registration, contact requests, support inquiries, or participation in surveys or assessments. The scope and source of data are determined by the features you use on our website or platform.

Please note that, where required by law or for the sake of transparency, we may also provide additional context-specific data privacy notices (e.g. on specific contact or registration forms).

We collect and process the following data when you visit our website:

This data is collected automatically by our system for technical security purposes (e.g. to defend against cyberattacks, detect system errors, or optimize performance) in accordance with Article 6(1)(f) GDPR. Anonymisation of IP addresses occurs no later than seven days after collection by truncating the IP address, ensuring it can no longer be linked to any individual user.

Depending on the interaction you initiate, we may also collect personal data directly from you, including:

When submitting a contact request:

When registering or subscribing to a course:

When making a purchase:

From third-party sources:

We may receive personal data from trusted partners or platforms such as Thinkific (course platform), HubSpot (CRM and marketing communications), or payment providers (e.g., PayPal, Stripe), in accordance with applicable privacy agreements and your interaction with those platforms.

We do not knowingly collect data from third-party data brokers or public databases. All processing is limited to what is necessary for the delivery of our services and within the scope of the GDPR.

Thinkific

Our online courses and learning platform are hosted by Thinkific Labs Inc. (“Thinkific”), a Canadian-based service provider. Thinkific provides the technological infrastructure that allows us to design, publish, manage, and deliver online courses to users. The processing of personal data through Thinkific is based on Article 6(1)(f) GDPR, as it is necessary for the pursuit of our legitimate interest in offering professional digital learning services.

Your data is stored securely in Thinkific’s infrastructure, which includes cloud-based databases and application services protected by modern security measures, including secure servers, encryption, and firewall systems.

Thinkific collects and processes the following categories of personal data on our behalf:

As Thinkific is located in Canada, a country for which the European Commission has issued an adequacy decision, data transfers to Thinkific are considered to offer an adequate level of protection in accordance with Article 45 GDPR. A corresponding data processing agreement (DPA) has been concluded between BARTEC and Thinkific to ensure full compliance with GDPR requirements.

For more information about how Thinkific processes personal data, you may consult Thinkific’s Privacy Policy directly at: https://www.thinkific.com/privacy-policy/

 

Contact via email (Article 6 (1) lit a, b GDPR)

If you contact us by email, we will process your email address and the personal information provided in the email solely for the purpose of processing your request.

Purchasing online courses (Article 6 (1) lit b GDPR)

We process the personal data you provide through the course registration or order form exclusively for the purpose of executing and fulfilling the contractual relationship between you and BARTEC Academy. This includes processing your registration, granting access to the purchased course(s), managing your learning account, issuing certificates, and providing customer service related to your enrollment.

The principle of data minimisation and data avoidance is strictly observed. We only collect the data necessary to fulfill our contractual obligations, such as:

In specific cases, we may also be required to collect and retain data to comply with legal obligations under tax, accounting, or commercial laws. For example, we may maintain invoice details or verify your identity where legally required for compliance (e.g., anti-fraud or VAT reporting purposes).

Additionally, your IP address will be processed at the time of purchase for technical reasons (e.g,. service delivery continuity) and legal protection, including fraud prevention and transaction verification.

If you do not provide the required personal data, we will not be able to enter into or fulfill the contract, and course access may be denied or suspended. You may, however, choose to provide optional additional information (such as your job title or professional interests) to personalize your learning experience or receive tailored recommendations.

Registration / Create an account (Article 6 (1) lit a, b GDPR)

Users may provide personal data to register on our website and create a learner or customer account. Registration allows users to benefit from enhanced functionality, such as managing their course enrollments, tracking learning progress, accessing certificates, and viewing past orders.

Registration is necessary for the performance of a contract (e.g., accessing a paid course) or for the implementation of pre-contractual measures (e.g., setting up a user profile in preparation for course enrollment). Alternatively, guest access may be made available where applicable.

In accordance with the principles of data minimisation and data avoidance under Article 5(1)(c) GDPR, we collect only the information that is necessary for the provision of our services. The only fields currently required for registration are:

All other fields, including Company, Professional Title, and Country, are optional and should not be marked as required unless a specific legal or functional need exists (e.g., issuing country-specific certificates or complying with export control laws). These optional fields are used only to personalize the user experience or support statistical evaluations in an anonymized form.

When placing an order, additional information such as billing address and payment details will be required, but only at the point of purchase.

Your IP address, along with the date and time of registration, is automatically recorded for technical security purposes, in line with our legitimate interest under Article 6(1)(f) GDPR.

Passwords are securely encrypted and cannot be accessed by BARTEC personnel. If you forget your password, please use the “Forgot password” function to reset it. For security reasons, no employee is authorized to request or retrieve your password.

After registration, you may log into your account using your email address and password to update your profile, manage courses, and access past purchases or certificates. You can update your details, request corrections, or delete your account at any time. Account deletion requests can be made via your profile settings or by contacting [email protected]

Please note that certain data may be retained as required by applicable legal obligations.

 

Payment systems / credit check (Article 6 (1) lit a, b, f GDPR)

You can choose to pay by credit card or PayPal when purchasing online courses on our platform. In order to process your payment, the necessary payment-related data will be collected and securely transmitted to the respective payment service provider. The processing of this data is necessary for the performance of the purchase contract (Art. 6(1)(b) GDPR) and for the protection of our legitimate interests in secure and efficient payment processing (Art. 6(1)(f) GDPR).

The payment systems used implement SSL/TLS encryption to protect your personal and financial information during transmission. Your IP address is also processed at the time of purchase for fraud prevention and technical security purposes.

The principle of data minimization is observed. We only collect the data necessary for payment execution and legal recordkeeping. If you do not provide the required information, the transaction cannot be completed.

Note on Stripe:
We use Stripe, Inc. as one of our payment processors. Stripe processes your credit card information and associated transaction data (e.g., name, billing address, email address, card type, last four digits, IP address) securely via its PCI-DSS-certified systems. BARTEC Academy does not store full card details on its servers.

For more information on Stripe’s privacy practices, see:
https://stripe.com/privacy

Note on PayPal:
PayPal, Inc., located at 2211 N 1st St, San Jose, CA 95131, USA, is also available as a payment method. If you select PayPal, your relevant personal and transaction data (e.g. name, email, billing address, IP address, order reference) will be transferred to PayPal to complete the payment.

PayPal’s privacy policy is available at:
https://www.paypal.com/us/legalhub/paypal/privacy-full

We do not conduct credit checks or store sensitive payment information ourselves. All transactions are managed securely through our trusted third-party providers in accordance with applicable data protection laws.

Marketing purposes (Article 6 (1) lit f GDPR)

BARTEC aims to build and maintain strong relationships with learners, customers, and partners. For this reason, we may process your personal data to send you relevant information and offers related to our digital learning experiences, certification programs, online courses, webinars, product updates, promotions, and industry insights.

This processing is based on our legitimate interest in conducting direct marketing activities, in accordance with Article 6(1)(f) GDPR. The data used for this purpose typically includes your name, email address, company affiliation (if provided), and your engagement history with our courses or communications. These messages may be tailored based on your preferences or past activity, but will never involve fully automated decision-making.

You have the right to object at any time to the use of your personal data for direct marketing purposes. This also applies to any profiling associated with such marketing. If you object, we will cease processing your data for these purposes without delay.

If your marketing preferences were collected based on consent (e.g., newsletter sign-up), you may withdraw that consent at any time—free of charge and without providing any reason. To object or withdraw your consent, you may contact us through any of the following methods:

Email: [email protected] or [email protected] 

Phone: (281) 214-8542

Postal mail: BARTEC US Corp, Attn: Data Protection Officer, 650 Century Plaza Dr, Ste D120, Houston, TX 77073, USA.

 You may also unsubscribe at any time by clicking the “unsubscribe” link included in our marketing emails.

Automated decisions in individual cases 

We do not use any form of purely automated decision-making processes that produce legal effects or similarly significant consequences for data subjects, in accordance with Article 22 GDPR.

This means that decisions such as course access, user verification, or payment acceptance are not made solely by automated systems without human review. Where automated processes support our services (e.g., platform logic to unlock modules after quiz completion or to detect duplicate transactions), these are operational tools and do not result in binding decisions without manual oversight.

If this changes in the future, we will inform you in advance, provide the required legal information under GDPR, and ensure that your rights, including the right to human intervention, are fully respected.

Cookies
(Art. 6 Para. 1 S. 1 lit. a, f GDPR, Section 25 Para. 1, 2 TDDDG – The German Federal Telecommunications Digital Services Data Protection Act)

Our website uses cookies to make our content more user-friendly, effective, and secure. Cookies are small text files that are stored locally in your browser on your device. They typically contain only pseudonymous data and help improve your browsing experience.

Some cookies are temporary and are deleted automatically after your session ends (known as “session cookies”), while others remain stored on your device for a longer period (known as “persistent cookies”), such as those used to remember your consent settings. Persistent cookies are deleted automatically after their predefined expiration period, typically after six months.

In addition to our own cookies, we may also use third-party cookies. These are set by external service providers and may be used to display relevant content or track your browsing activity across websites.

We use technically necessary cookies based on our legitimate interest (Art. 6 Para. 1 S. 1 lit. f GDPR) to ensure the proper functionality and security of the website. In accordance with § 25 Para. 2 TDDDG, such cookies are permitted without requiring your consent if their sole purpose is to enable the transmission of a message over an electronic communications network or to provide a service you have explicitly requested.

We use the following technically required cookies:

Domain

Cookie Name

Functionality

Retention Period

cdn.thinkific.com

thinkific_session

Maintains user session

Session

cdn.thinkific.com

XSRF-TOKEN

Protects against CSRF attacks

Session

cloudflare.com

__cf_bm

Bot protection and load balancing

30 minutes

cloudflare.com

__cfruid

Request routing via Cloudflare

Session

thinkific.com

cookieconsent_status

Records cookie consent banner status

6 months

wistia.com

wistia-video-progress

Remembers video playback position

Persistent

google.com (Analytics)

_ga

Tracks user behavior via Google Analytics

2 years

google.com (Analytics)

_gid

Temporary user identifier for Analytics

24 hours

google.com (Analytics)

_gat

Throttle request rate to Analytics

1 minute

google.com (Fonts)

N/A

Used to load web fonts (no cookies stored)

N/A

jsdelivr.net

N/A

Delivers static assets via CDN (no cookies stored)

N/A

 

With your consent, additional cookies may be used, allowing us—and selected third parties—to analyze how our services are utilized. This enables us to tailor our content to better align with user preferences. These cookies may also measure the effectiveness of specific advertisements and display them based on users’ interests in particular topics. The legal basis for this data processing is your explicit consent pursuant to Art. 6 Para. 1 S. 1 lit. a GDPR and § 25 Para. 1 TDDDG.

You can revoke your consent at any time with future effect. Additionally, you can modify your cookie settings at any time via our consent banner. Please note, any changes must be made individually for each device you use.

[Access the Consent Tool]

 

If you're logged into third-party services while visiting our website, the data collected through cookies may link to your user account with those third parties. You can prevent this linkage by declining or withdrawing your consent to the respective cookies or by logging out of your third-party accounts before visiting our site.

Most browsers automatically accept cookies. However, you can manually disable, restrict, or delete cookies at any time through your browser settings or by using specific software tools. Please note that disabling certain cookies may limit the functionality of our website or entirely prevent its use.


For more information on the specific cookies used on our site, please refer to the relevant section of our privacy policy that describes each individual service.

 

1. Cookies
(Art. 6 Para. 1 S. 1(f) GDPR, § 25 Para. 2 TDDDG)


a) Cloudflare

We use the content delivery network (CDN) service provided by Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA. Technically, your connection to our website is routed through the Cloudflare network. This allows Cloudflare to detect and mitigate potential attacks on our website, helping to ensure that our website remains available and secure for all users at all times.

When you visit our website, Cloudflare may set cookies in your browser. It also collects statistical data about access to the site.

 

The access data collected may include:

Cloudflare uses this data to perform statistical analyses for operational purposes, security, and to optimize the performance of the website. For example, this may include identifying abusive traffic patterns, such as denial-of-service (DoS) attacks, or distinguishing between legitimate users accessing from multiple devices under one IP address. These processes ensure that site visitors experience a fast, secure, and stable website.

The legal basis for the use of Cloudflare is our legitimate interest in providing a secure and efficient online presence in accordance with Art. 6 Para. 1 S. 1(f) GDPR and § 25 Para. 2 TDDDG.

We delete or anonymize data collected via Cloudflare as soon as it is no longer required for the stated purposes. This is typically the case after [insert number] days.

Please note that this service may transmit data to countries outside the European Union / European Economic Area. Specifically, data may be transferred to the United States, which does not currently offer a level of data protection equivalent to EU standards. In such cases, there is a risk that your data may be accessed by U.S. authorities for surveillance purposes, and that you may not have access to legal remedies. However, we take all necessary measures under Art. 44 et seq. GDPR to ensure an appropriate level of protection during such transfers.

You can find further information on Cloudflare’s data processing practices in their privacy policy: https://www.cloudflare.com/de-de/privacypolicy/

b) Cloudfront

We use the Cloudfront content delivery network (CDN), a service provided by Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA. CloudFront replicates content from our website across a global network of Amazon Web Services (AWS) servers.

This helps reduce latency, improve load times, enhance site reliability, and protect against data loss.

When accessing our website, certain images and video content are delivered directly via CloudFront servers. During this process, information about your interaction with our website—such as your IP address—is transmitted to and processed on AWS servers. This data transfer takes place automatically upon your visit to our site.

The use of Cloudfront is based on our legitimate interest in ensuring the secure, fast, and efficient delivery of website content in accordance with Art. 6 Para. 1 S. 1(f) GDPR and § 25 Para. 2 TDDDG.

We delete or anonymize any personal data processed via CloudFront as soon as it is no longer necessary for the purposes stated. This typically occurs after [insert number] days.

Please note that data processed through CloudFront may be transferred to third countries, including the United States. While the U.S. does not offer a data protection level equivalent to that of the EU, we implement appropriate safeguards—such as Standard Contractual Clauses (SCCs) and other contractual measures—in accordance with Art. 44 et seqq. GDPR, to ensure the secure handling of personal data in such jurisdictions.

You can find more information about Amazon Web Services’ privacy practices in their official policy: https://aws.amazon.com/de/privacy/

c) jsDelivr
 
Our website uses the open-source service jsDelivr, provided by Volentio JSD Limited, Suite 2a1, Northside House, Mount Pleasant, Barnet, EN4 9EB, England. jsDelivr is a Content Delivery Network (CDN) that accelerates the delivery of website content—especially large files—by distributing it across a global network of servers.

The use of jsDelivr allows our web pages and associated content to be loaded efficiently and reliably across different devices and geographic locations. This improves the performance, availability, and security of our website and helps minimize the risk of data loss.

The use of this service is based on our legitimate interest in ensuring fast and secure content delivery in accordance with Art. 6 Para. 1 S. 1(f) GDPR.

In order to provide its functionality, jsDelivr may collect and process the following browser-related data:

jsDelivr’s infrastructure includes servers located both inside and outside the European Economic Area (EEA). As such, personal data may be transferred to third countries. jsDelivr retains data only as long as necessary for the operation of the service, compliance with legal obligations, dispute resolution, and the enforcement of agreements.

To prevent the loading of jsDelivr content—and any related data transfer—you may install a JavaScript blocker (e.g., https://noscript.net/). Please be aware, however, that this may impair website functionality and significantly slow down page loading.

For more information on data processing by jsDelivr, please refer to their privacy policy:
https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net


2. Creation of user profiles or use of cookies that are not purely functional (Art. 6 Para. 1 S. 1(a) GDPR, § 25 Para. 1 TDDDG)

a) Google Analytics

We use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to better understand how users interact with our website and to improve its usability, functionality, and performance.

With your explicit consent, Google Analytics collects and stores the following personal data:


The legal basis for processing this data is your consent pursuant to Art. 6 Para. 1 S. 1(a) GDPR and § 25 Para. 1 TDDDG. You may revoke your consent at any time with future effect using our [cookie consent tool].

The purpose of this processing is to analyze user behavior on our site in order to optimize the structure, content, and marketing of our offerings based on aggregated insights. Google Analytics helps us understand which pages are most visited, how users navigate through the site, and where we can improve.

We retain or anonymize the data collected via Google Analytics for a maximum of 26 months, after which it is either deleted or fully anonymized.

International Data Transfers
Please note that data processed by Google Analytics may be transferred to servers in the United States, a country which does not currently provide an equivalent level of data protection as the European Union. In such cases, there is a risk that your data may be accessed by U.S. authorities for monitoring and surveillance purposes, potentially without adequate legal remedies available to you.

However, we implement all appropriate safeguards in accordance with Art. 44 et seqq. GDPR, including the use of Standard Contractual Clauses (SCCs) and other data protection mechanisms approved by the European Commission to ensure an adequate level of protection.

For more information about how Google Analytics processes your data, please refer to:
https://support.google.com/analytics/answer/6004245

b) Wistia

We use Wistia, a video hosting platform provided by Wistia Inc, 17 Tudor Street, Cambridge, Massachusetts, 02139, USA, to embed and display videos on our website. When you interact with a Wistia-hosted video, certain traffic and connection data (such as your IP address) is transmitted to Wistia.

The data is retained for a limited period and deleted once it is no longer required for the stated purpose, or after 30 days, whichever comes first.

Upon accessing a webpage containing a Wistia video—and after you have given your consent—Wistia receives information about your visit. This transmission occurs regardless of whether you have a Wistia account. If you are logged in to a Wistia account while visiting our site, your visit may be associated with that account. To prevent such association, please log out of your Wistia account before using our site. We have no control over Wistia's internal data processing operations.

The legal basis for this processing is your explicit consent, in accordance with Art. 6 Para. 1 S. 1(a) GDPR. You may withdraw your consent at any time with effect for the future by adjusting your preferences via our [cookie consent tool].

International Data Transfers
Wistia processes data in the United States. Data transfers are safeguarded by contractual clauses and mechanisms in compliance with Art. 44 et seqq. GDPR. Wistia is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection. Where necessary, data processing may also be based on your consent pursuant to Art. 49 Para. 1 S. 1(a) GDPR.

For more information on Wistia’s data processing practices, please refer to their privacy policy:
https://wistia.com/privacy

 
c) Google Fonts

We use Google Fonts, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to display fonts on our website in a visually appealing and standardized manner across all browsers and devices.

When you visit our website, the fonts are loaded through a request to Google’s servers—typically located in the United States—which may result in the following data being processed:

The legal basis for this processing is your explicit consent pursuant to Art. 6 Para. 1 S. 1(a) GDPR and § 25 Para. 1 TDDDG. You may revoke your consent at any time with future effect using our [cookie consent tool].

We delete or anonymize the collected data as soon as it is no longer necessary for our purposes. This will occur no later than XX days after collection.

International Data Transfers
 Google may process this data in the United States, a third country without an equivalent level of data protection. Where applicable, safeguards such as Standard Contractual Clauses and participation in the EU-U.S. Data Privacy Framework are used to ensure lawful data transfers under Art. 44 et seqq. GDPR.

For further information, please refer to Google’s privacy policy:
https://www.google.com/policies/privacy/

Social plugins 
(Art. 6 Para. 1 S. 1(a) GDPR, § 25 Para. 1 TDDDG)

Our website may incorporate social media plugins (“plugins”) from platforms such as Facebook (Meta), LinkedIn, X (formerly Twitter), or YouTube, which enable you to interact with these services directly from our website. These plugins are typically recognizable by their respective logos and may include “like,” “share,” “follow,” or “embed” buttons.

When you visit a page on our website that contains a social plugin, your browser may establish a direct connection to the servers of the respective social network provider. This may result in the provider receiving information about your visit to our site, including your IP address and details of your interaction with the plugin—even if you do not interact directly or are not logged in to the service.

If you are logged into your account on one of these platforms while browsing our site, your interaction with the plugin (e.g., clicking a button or playing embedded content) may be directly associated with your profile.

The use of such plugins and the processing of related data occurs only with your explicit consent, which you may give via our [cookie consent tool]. The legal basis for the data processing is your consent pursuant to Art. 6 Para. 1 S. 1(a) GDPR and § 25 Para. 1 TDDDG.

You may revoke your consent at any time with effect for the future via the [cookie consent tool], which also allows you to disable specific plugins.

Please note that social media providers may process your personal data in non-EU countries (e.g., the USA), where a level of data protection comparable to the EU may not be guaranteed. We apply appropriate safeguards as required by Art. 44 et seq. GDPR to ensure data protection compliance.

For further information about how social networks process your personal data, please refer to their respective privacy policies:

Social Media Links
(Art. 6 Para. 1 S. 1(f) GDPR)

Our website contains links to our official profiles on social media platforms such as Facebook / Meta, YouTube, and LinkedIn. These are identifiable by the respective company logos displayed on our site.

When you click on one of these icons, you are redirected to the external website of the respective social media provider. By accessing these external pages, a connection is established between your browser and the provider’s servers.

As a result, the provider may receive the following data:

If you are already logged into your account with the social media provider when you click the link, the provider may associate your visit to our website with your personal profile. This may enable the identification of your username and potentially your real name. If you wish to prevent this, please log out of your social media accounts before clicking on the respective links.

Please note: These links do not constitute embedded social plugins and do not transmit data automatically when you load our website—they only become active when you choose to click on them.

Social media platforms may process data in countries outside the European Union, including the United States, where the level of data protection may not be equivalent to that in the EU. 

We have no control over the scope or nature of data processing by these providers once you leave our website.

For more information about how these providers process personal data, please refer to their respective privacy policies:


Links to other providers
(Art. 6 Para. 1 S. 1(f) GDPR)

Our website may contain clearly recognizable links to the websites of external companies and third-party providers. These links are provided for your convenience and to offer you additional information. However, please note that we have no control over the content or privacy practices of these external websites.

Responsibility for the content of linked websites lies solely with the respective provider or operator of those sites. At the time of linking, we reviewed the linked websites for any possible legal violations and found no unlawful content. Nevertheless, we cannot guarantee the continued accuracy, legality, or integrity of the linked pages.

Continuous monitoring of the content of linked sites is not reasonable without specific indications of legal infringement. If we become aware of any such legal violations, we will immediately remove the offending link.

Please be aware that when you access an external website via a link from our site, your personal data may be processed by the external provider in accordance with their own privacy policy, which may differ from ours. We recommend that you consult the privacy statements of those third-party websites to understand how your data may be handled.

 

Privacy Policy

BARTEC Academy (United States)

Effective Date: 06/08/2025

BARTEC US Corp (“BARTEC”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.bartecacademy.com or interact with our educational services, digital content, online academy, or communication tools (collectively, “Services”).

This Policy applies to all users located in the United States, including those in California and other U.S. states and territories.

Information We Collect

We collect this information directly from you, automatically through cookies, or from third-party services like Thinkific, HubSpot, Stripe, and Wistia.

How We Use Your Information

We use personal information to:

Disclosures of Personal Information

We do not sell your personal information. We may share your information with:

Each service provider is contractually obligated to protect your information and not use it for unrelated purposes.

Your Rights Under U.S. Privacy Laws

If you are a U.S. resident, you may have the following rights under applicable state laws (e.g., California’s CCPA/CPRA, Virginia CDPA, Colorado CPA, etc.): 

Cookies and Tracking Technologies

We use cookies and similar tools to enhance your browsing experience, remember your preferences, analyze traffic, and deliver certain content. See our [Cookie Policy] for details and your choices. You may manage cookies via your browser or our cookie consent tool.
 

Data Retention

We retain your personal information only as long as necessary for the purposes for which it was collected, or as required by law.

Data Security

We implement reasonable technical and organizational safeguards to protect your data. However, no online service can guarantee absolute security.

Children’s Privacy

Our Services are intended for users aged 16 and over. We do not knowingly collect data from children under 13.

Third-Party Links

Our website may include links to external sites or social media platforms. We are not responsible for their privacy practices.

Changes to This Policy

We may update this Policy periodically. The revised version will be posted on this page, and the 'Effective Date' will be updated accordingly.

Contact Us`

BARTEC US Corp

650 Century Plaza Dr, Ste D120, Houston, TX 77073

Phone: +1 (281) 214-8542

Email: [email protected] or [email protected]

Website: www.bartecacademy.com