Privacy policy
Last updated: 1 July 2026
DeepLearnPath ("we," "us," or "our") operates deeplearnpath.one and delivers professional education programmes from our Vancouver studio at 1130 West Pender Street, Suite 624. This privacy policy explains how we collect, use, disclose, and safeguard personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable British Columbia privacy expectations.
1. Accountability
We are responsible for personal information under our control. Questions about this policy or our privacy practices may be directed to [email protected] or +1 (604) 555-7382. We designate internal staff to receive privacy complaints, investigate concerns, and coordinate remediation when appropriate.
2. Identifying purposes
We collect personal information only for purposes that a reasonable person would consider appropriate in the circumstances. Primary purposes include:
- Responding to contact form submissions, pathway advisory requests, and corporate training enquiries;
- Processing cohort registrations, invoicing, and attendance records;
- Delivering instruction, assessing milestones, and issuing participation certificates;
- Maintaining studio security, including visitor logs when required;
- Improving programmes through anonymised feedback analysis;
- Complying with legal obligations, such as tax and business record requirements;
- Protecting our rights and the safety of participants and staff.
We will identify the purpose at or before the time of collection whenever feasible. If we intend to use information for a new purpose, we will obtain consent unless the law permits otherwise.
3. Consent
Consent may be express or implied depending on sensitivity and context. Our contact form requires an explicit checkbox acknowledging this policy before submission. Enrolment agreements include additional consents for coursework data handling. You may withdraw consent for optional activities—such as marketing emails or analytics cookies—without affecting core educational services you have already purchased, though withdrawal may limit our ability to provide related optional features.
For children under the age of majority in British Columbia, we do not knowingly market programmes to minors without guardian involvement. If we learn that we collected information from a minor without appropriate authority, we will delete it promptly.
4. Limiting collection
We collect only information reasonably necessary for identified purposes. Examples include your name, email address, telephone number, employer (if supplied), billing address, programme selections, lab submissions, and technical support notes. We do not require social insurance numbers for standard enrolment. Honeypot fields on forms help deter automated spam and should remain empty.
5. Limiting use, disclosure, and retention
We use personal information only for the purposes described unless we obtain further consent or the law requires otherwise. We may disclose information to:
- Service providers who host our website, process payments, or deliver email—bound by contractual confidentiality and data-handling terms;
- Professional advisors such as accountants or lawyers when necessary;
- Government authorities when required by valid legal process;
- Emergency responders when necessary to protect life, health, or safety.
We do not sell personal information to recruiters, data brokers, or advertising networks. Corporate clients receive aggregated attendance reports—not unrelated employee data from other organisations.
Retention periods vary: enrolment records are kept for seven years to meet tax and audit norms; contact form messages are deleted within twenty-four months unless an active relationship continues; server logs rotate on a shorter cycle described in our cookie policy.
6. Accuracy
We rely on you to provide accurate contact details. You may request corrections to enrollment records by emailing [email protected]. We will amend verified inaccuracies promptly and notify service providers where corrections must propagate.
7. Safeguards
We implement administrative, technical, and physical safeguards proportionate to sensitivity. Measures include access controls for staff systems, encrypted transport (HTTPS) for website traffic, password policies for learning platforms, and locked storage for paper registers at our West Pender studio. No method of transmission or storage is perfectly secure; we encourage strong passwords and prompt reporting of suspected incidents.
8. Openness
This policy is publicly available at deeplearnpath.one/privacy.php. We provide plain-language summaries on our contact form and enrolment materials. Material updates will be posted with a revised "Last updated" date; significant changes may also be communicated by email to active participants.
9. Individual access
You may request access to personal information we hold about you, subject to limited legal exceptions. We will respond within thirty days in most cases, verify identity before disclosure, and explain any denials with reference to applicable law. Access requests should be sent to [email protected] with sufficient detail for us to locate records.
10. Challenging compliance
If you believe we handled your information inconsistently with this policy, contact us first. We will investigate and propose remediation when warranted. You may also contact the Office of the Privacy Commissioner of Canada if concerns remain unresolved, though we hope to address issues cooperatively.
11. Website and electronic communications
When you browse deeplearnpath.one, our servers may log IP addresses, browser types, referring pages, and timestamps for security and troubleshooting. Optional analytics cookies—used only with consent—help us understand aggregate traffic patterns. See our cookie policy for details and opt-out mechanisms.
Email communications may include programme updates, scheduling notices, and policy changes. You may unsubscribe from non-essential marketing messages while continuing to receive transactional messages necessary to deliver purchased education.
12. International considerations
Our primary operations and storage are in Canada. If you participate in virtual sessions while travelling abroad, your connection may cross networks outside Canada. Hybrid tools we use may process data in other jurisdictions under their own terms; we select vendors with reasonable contractual protections where feasible and minimise extraneous data sharing.
13. Coursework and lab submissions
Assignments you submit for assessment may include code, written reflections, and peer feedback. Instructors and graders access submissions for educational purposes. We instruct participants not to include personal health information, secrets, or employer-confidential data in exercises unless a corporate agreement explicitly covers handling. Shared notebooks are reset between cohorts unless alumni purchase lab access under separate terms.
14. Corporate training clients
When employers sponsor private cohorts, we may share attendance and milestone completion with designated learning-and-development contacts. We do not share individual performance comparisons across unrelated companies. Contracts may specify additional data-processing terms that supplement this policy.
15. Changes to this policy
We review this policy at least annually and whenever we launch material new services. Continued use of our website after updates constitutes acceptance of the revised policy for website interactions; enrolled participants receive direct notice when changes affect ongoing processing.
Contact: DeepLearnPath, 1130 West Pender Street, Suite 624, Vancouver, BC, Canada. Email: [email protected]. BN 832583769BC0001.
16. Automated decision-making
We do not make enrolment decisions solely through automated processing without human review. Pathway placement quizzes inform advisor conversations; they do not automatically deny registration.
17. Breach notification
If a security incident poses a real risk of significant harm, we will notify affected individuals and regulators as required by Canadian law, documenting timelines and remediation steps.
18. Data minimisation in marketing
Newsletter subscriptions are optional and require separate consent. We do not purchase mailing lists from brokers. Unsubscribe links appear in non-transactional emails.
19. Children's privacy
Programmes target adults in professional development contexts. We do not knowingly collect information from children under 14 without guardian authorisation.
20. Processor agreements
Vendors processing data on our behalf must implement safeguards consistent with this policy. We review contracts annually and limit subprocessors where feasible.
21. Research and improvement
We may analyse anonymised completion patterns to improve module ordering. Individual identities are removed before aggregate reporting.
22. Cross-border service providers
Email and video vendors may process data in the United States or other jurisdictions. We select providers with standard contractual clauses and conduct periodic reviews.
23. Employee access
Staff access personal information on a need-to-know basis. Instructors view enrolment rosters and submissions for courses they teach. Access is revoked when employment ends.
24. De-identification
When feasible we de-identify datasets used in optional research on pedagogy. Re-identification is prohibited by internal policy and employment agreements signed by all staff with data access.
25. Contacting the Privacy Commissioner
You may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca if concerns remain unresolved after contacting us directly. We document complaints, response timelines, and remediation steps in internal records reviewed by leadership annually.
26. Marketing attribution
We do not purchase contact lists from brokers. If you arrive via a referral link from a partner organisation, we record only the partner name and timestamp for commission accounting where applicable—never unrelated third-party profiling.
27. Security incident communications
When incidents affect enrolment or payment data, we will communicate in plain language describing what occurred, what information was involved, and steps we are taking. We will not use incidents as marketing opportunities.
28. Data portability
Upon request, we can provide copies of your enrolment records and contact details in a commonly readable format, subject to identity verification and legal exceptions. Lab submissions may be exported where technically feasible.
29. Questions about this policy
Privacy questions should be directed to [email protected] with the subject line Privacy request. We aim to acknowledge messages within five business days and resolve straightforward access requests within thirty days as described in section nine. Written responses explain any applicable legal limitations clearly and without unnecessary delay when possible.