Policies and agreements

Privacy Policy

Aretevo Privacy Policy

Aretevo Privacy Policy last updated 28, June, 2026.

Thank you for using Aretevo. We respect your privacy and want you to understand how we collect, use, and share data about you. This Privacy Policy explains our data collection practices and describes your rights regarding your personal data.

Unless we link to a different policy or state otherwise, this Privacy Policy applies when you visit or use our websites, mobile interfaces, learning platform, plugins, communications, or related services (the “Services”). It also applies to prospective learners, instructors, partners, and customers who interact with our Services.

By using the Services, you agree to the terms of this Privacy Policy. You should not use the Services if you do not agree with this Privacy Policy or any other agreement that governs your use of the Services.

Table of Contents

What Data We Get
How We Get Data About You
What We Use Your Data For
Who We Share Your Data With
Security
Your Rights
Jurisdiction-Specific Rules
Updates & Contact Info

1. What Data We Get

We collect certain data from you directly, such as information you enter yourself, data about your participation in courses and learning activities, and data from third-party services you connect with our platform. We also collect some data automatically, such as information about your device and how you interact with the Services. All data listed in this section may be subject to processing activities including collecting, recording, organizing, structuring, storing, adapting, retrieving, consulting, using, transmitting, pseudonymizing, restricting, erasing, or destroying.

1.1 Data You Provide to Us

We may collect different data from or about you depending on how you use the Services. The following examples are intended to help you understand the categories of data we may collect.

When you create an account and use the Services, including through a third-party service, we may collect data you provide directly

Category of Personal Data: Account Data

Description:
To use certain features, such as logging in, accessing courses, receiving grades, or participating in forums, you need to create a user account. We may collect and store your name, username, email address, password, profile preferences, language, time zone, and account settings. Depending on how our site is configured, we may also collect additional information such as but not limited to: phone number, city, country, or learner category. We may assign you a unique internal user number associated with your account.

Legal Basis for Processing:
Performance of contract
Legitimate interests (service delivery, identity verification, fraud prevention, communication, platform administration)
Consent, where required by law

Category of Personal Data: Learning and Academic Data

Description:
When you enroll in or access learning content, we may collect information such as courses viewed, course enrollments, attendance records, lessons completed, quiz attempts, assessment submissions, grades, certificates, badges, learning pathways, workshop submissions, feedback responses, progress records, and communications with instructors, teaching assistants, and other learners within the Services.

Legal Basis for Processing:
Performance of contract
Legitimate interests (service provision, course administration, academic integrity, support, platform improvement)

Category of Personal Data: Profile Data

Description:
You may choose to provide profile data such as a profile photo, biography, job title, interests, website link, social media profiles, country, or other information. Depending on the site configuration, some profile information may be visible to teachers, administrators, classmates, or other users.

Legal Basis for Processing:
Performance of contract
Legitimate interests (enhanced platform functionality, user identification, academic collaboration)

Category of Personal Data: Learning and Academic Data

Legal Basis for Processing:
Performance of contract
Legitimate interests (service provision, course administration, academic integrity, support, platform improvement)

Category of Personal Data: User Content and Shared Content

Description:
Parts of the Services may allow you to post, submit, upload, or share content with others. This may include forum posts, messages, assignment files, comments, survey responses, workshop peer reviews, wiki edits, glossary entries, chat messages, database activity, and other content you choose to submit. Depending on the feature and permissions, this content may be visible to instructors, classmates, administrators, or other authorized users.

Legal Basis for Processing:
Performance of contract
Legitimate interests (service provision, collaboration, education delivery, moderation)

Category of Personal Data: Communications and Support Data

Description:
If you contact us for support, submit a complaint, request technical help, ask a privacy question, or otherwise communicate with us, we may collect and store your contact details, correspondence, attachments, and any information you choose to provide in relation to your issue.

Legal Basis for Processing:
Legitimate interests (customer support, technical troubleshooting, fraud prevention, compliance)
Legal obligation, where applicable

Category of Personal Data: Payment and Billing Data

Description:
If our platform offers paid courses, subscriptions, or other paid Services, we may collect limited information related to your purchase, such as your name, billing address, postal code, transaction history, and payment status. Payment card information is typically processed directly by our third-party payment providers and not stored in full on our systems. We may receive limited payment-related details from those providers, such as payment confirmation, the last four digits of a card, transaction identifiers, and refund status.

Legal Basis for Processing:
Performance of contract
Legal obligation
Legitimate interests (payment administration, fraud prevention, accounting)

Category of Personal Data: Instructor or Content Provider Data

Description:
If you act as a teacher, trainer, course creator, or content provider, we may collect additional information necessary to manage your role on the platform, including your display name, biography, qualifications, payment details where applicable, taxation details where legally required, and communications relating to the courses you manage.

Legal Basis for Processing:
Performance of contract
Legal obligation
Legitimate interests (platform administration, payment processing, compliance)

Category of Personal Data: Data from Connected Services

Description:
If you sign in through or connect our Services with a third-party service such as Google, Linked In, or another authentication provider, we may receive information such as your name, email address, language, unique account identifier, and profile image, depending on the permissions granted and the third party’s configuration.

If you access our Services through a third-party platform, your use may also be subject to that third party’s privacy policy and terms.

Legal Basis for Processing:
Performance of contract
Legitimate interests (authentication, user convenience, account matching)

Category of Personal Data: Surveys, Promotions, and Research

Description:
We may invite you to complete surveys, evaluations, questionnaires, pilot programs, or promotional activities. If you participate, we may collect the data you provide, such as your name, email address, responses, demographic information, and any information relevant to the activity. If a third party administers the survey or promotion on our behalf, that third party may process your data according to its own terms in addition to ours.

Legal Basis for Processing:
Consent, where required
Performance of contract
Legitimate interests (research, service improvement, communications, promotion administration)

1.2 Data We Collect through Automated Means

When you access the Services, including browsing courses or viewing public pages, we may collect certain data automatically, including:

Category of Personal Data: System Data

Description:
Technical data about your device or browser, such as your IP address, browser type, browser language, operating system, device type, unique device identifiers, login timestamps, error logs, app version, referral URL, and network or connection data.

Legal Basis for Processing:
Performance of contract
Legitimate interests (service delivery, technical support, security, abuse prevention, platform improvement)

Category of Personal Data: Usage Data

Description:
Information about how you interact with the Services, such as pages visited, time spent on pages, links clicked, search terms, course navigation, activity completion behavior, login frequency, session duration, feature usage, video progress where enabled, and interactions with course tools and communications.

Legal Basis for Processing:
Legitimate interests (service provision, analytics, product improvement, fraud prevention, academic administration)

Category of Personal Data: Approximate Geographic Data

Description:
An approximate location derived from your IP address, such as your country, city, or region.

Legal Basis for Processing:
Legitimate interests (localization, fraud prevention, compliance, service optimization)

Category of Personal Data: Log and Security Data

Description:
Server logs, authentication records, failed login attempts, password reset events, account lockouts, suspicious activity alerts, and audit trail entries generated by the platform for security, integrity, and administrative purposes.

Legal Basis for Processing:
Legal obligation, where applicable
Legitimate interests (security, incident response, fraud prevention, compliance)

The data listed above may be collected through server log files, cookies, local storage, pixels, scripts, tags, or similar technologies as described in Section 2 below. Depending on your settings and applicable law, some of this data may be associated with your account.

1.3 Session and Interaction Monitoring

We may use tools that record limited interaction data, such as clicks, navigation paths, scroll activity, form interactions, or error events, in order to understand usability issues, diagnose technical problems, and improve the user experience. Where such tools are used, we take steps designed to avoid capturing highly sensitive fields such as passwords and full payment card information. Where required by law, these tools will only be used after appropriate consent.

1.4 Data From Third Parties

We may obtain information from third parties such as authentication providers, payment processors, analytics providers, spam prevention services, partners, or organizations that authorize or sponsor access to the Services.

2. Methods of Data Collection (Moodle-Specific Technologies)

We collect data using server logs, web forms, and automated technologies. Because our platform is built on Moodle, we specifically use Moodle's native cookie and storage mechanisms rather than generic tracking technologies.

2.1 Moodle Core Cookies

Our platform uses a limited set of first-party cookies that are essential for the Moodle learning environment to function. These are not used for cross-site tracking, advertising, or behavioral profiling. The specific Moodle cookies we use include:

Cookie Name	Type	Purpose	Duration
MoodleSession	Strictly Necessary	This cookie maintains your authenticated session while you navigate between pages. It contains a unique session identifier that allows the server to recognize your browser after login. Without this cookie, you would be repeatedly prompted to log in on each page.	Session (expires when browser is closed or user logs out).
MOODLEID1	Functionality	This cookie stores a random identifier if you select "Remember username" on the login page. It auto-fills your username field on subsequent visits. It never stores your password.	Persistent (typically 90 days, configurable by administrator).
lang	Preference	This cookie remembers your selected language preference for the interface (e.g., en, es, fr). It overrides the browser's default language detection.	Persistent (1 year or until changed).
cookiecontrol	Consent Management	If we deploy a cookie consent tool (where required by law), this cookie records your acceptance or rejection of non-essential cookies. It prevents the consent banner from reappearing on every page load.	Persistent (6–12 months, configurable).

2.2 Moodle Local Storage and Session Storage

In addition to cookies, the Moodle platform uses HTML5 local storage and session storage for specific functional purposes:

Quiz Timer: If you take a timed quiz, your remaining time may be stored in local storage to prevent time loss due to accidental page refreshes or browser crashes.
Text Editor Drafts: Content you compose in the Atto or TinyMCE text editors may be auto-saved to local storage to recover drafts if you navigate away accidentally.
Accessibility Preferences: Certain accessibility settings (e.g., font size, high contrast mode) may be stored locally to persist across sessions without requiring server-side storage.

Important Limitation: Our Moodle-based Services do not use advertising cookies, third-party tracking cookies (e.g., from Google Analytics or Facebook Pixel), or any cookies designed for cross-site behavioral advertising. Where we use analytics, we rely on server-side, aggregated log analysis or privacy-preserving tools that operate without persistent tracking identifiers.

2.3 Why We Use These Data Collection Tools

We use the Moodle-native data collection tools for the following categories of purposes:

Strictly Necessary: Authentication, session management, navigation, course access, security controls, and prevention of abusive activity. The Services cannot function without these.
Functional: Remembering preferences such as language, accessibility settings, and dashboard configurations.
Performance and Analytics: Measuring server load, understanding broad usage patterns (at aggregate level), identifying technical errors, and testing platform improvements. We do not use individual-level tracking for analytics without explicit consent where required by law.
Quiz Integrity: Maintaining quiz timer accuracy and preventing submission failures due to connectivity issues.

You can control cookies through your browser settings. Disabling strictly necessary cookies (e.g., MoodleSession) will prevent the platform from functioning. For users in jurisdictions requiring consent (e.g., EU under GDPR), we provide a cookie consent banner that allows you to accept or decline non-essential cookies before they are set.

3. What We Use Your Data For

We use your data to provide, maintain, and improve the Services; manage accounts and course participation; communicate with you; respond to requests; ensure security; comply with law; and support the educational, technical, and administrative functions of the platform. We retain your data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law, for dispute resolution, recordkeeping, or safety and integrity purposes.

We may use the data we collect through your use of the Services to:

Provide, operate, administer, and maintain the Services, including user authentication, course access, learning activity tracking, assessments, certificates, badges, and communication tools;
Process enrollments, course participation, certificates, attendance, and related academic or training records;
Process purchases, refunds, subscriptions, or payments where paid Services are offered;
Respond to your requests, questions, technical issues, complaints, and support inquiries;
Send you administrative notices, service announcements, policy updates, login alerts, enrollment confirmations, and course-related communications;
Send you information about new courses, features, events, reminders, or promotional content where lawful and consistent with your preferences;
Personalize your experience, including course suggestions, dashboard content, learning pathways, reminders, and language or accessibility settings;
Facilitate teacher-student interaction, peer interaction, assignment submission, grading, forum participation, and collaborative learning tools;
Monitor academic integrity, protect against cheating, abuse, unauthorized access, spam, fraud, and technical misuse of the platform;
Verify eligibility, identity, or account ownership where reasonably necessary;
Conduct analytics, measure engagement, improve course design, and develop new features or services;
Administer surveys, evaluations, promotions, research activities, and feedback initiatives;
Comply with legal obligations, accounting rules, educational reporting requirements, tax obligations, lawful requests from public authorities, court orders, or other applicable legal processes;
Enforce our Terms of Use, institutional rules, academic policies, and platform standards;
Protect the safety, rights, property, and integrity of users, administrators, instructors, third parties, and the Services;
Create aggregated, statistical, or de-identified information that no longer directly identifies you, which we may use for reporting, service evaluation, or improvement.

4. Who We Share Your Data With

We share certain data about you with instructors, administrators, service providers, institutional partners, and other authorized recipients where this is necessary to operate the Services, deliver learning experiences, comply with legal obligations, or protect the platform. We may also share data where you direct us to do so, where you consent, or where the data has been aggregated or de-identified.

We may share your data with third parties under the following circumstances:

With Instructors, Trainers, or Course Managers: We may share data relevant to course delivery and administration, such as your name, profile information, progress, participation, submissions, grades, attendance, and activity within the courses they manage, to enable them to teach, assess, support, and improve learning experiences.
With Other Users: Depending on your settings and the course configuration, your profile data and contributions may be visible to other users, such as classmates, teachers, or group members. For example, your name, profile image, forum posts, workshop submissions, comments, messages, or collaborative edits may be visible to those authorized to participate in the same learning context.
With Service Providers, Contractors, and Agents: We may share your data with third-party companies that provide services on our behalf, such as website hosting, cloud storage, authentication, email delivery, payment processing, analytics, support tools, accessibility tools, survey delivery, security monitoring, spam detection, and backup or infrastructure support. These providers may access personal data only as necessary to provide services to us and are required to protect it appropriately.
With Payment Providers and Financial Service Providers: If you make payments through the Services, payment-related information may be processed by third-party processors, banks, or financial institutions to complete transactions, issue refunds, prevent fraud, or comply with legal obligations.
With Analytics and Research Providers: We may share certain data, including usage data or pseudonymized identifiers, with analytics or reporting providers to understand how the Services are used and improve functionality. Where required, we will seek consent before using non-essential analytics technologies.
With Communication and Survey Providers: We may share your contact details and related interaction information with vendors that help us send platform notices, newsletters, surveys, or service messages on our behalf.
With Social Login or Integration Providers: If you choose to sign in or interact through a third-party service, that third party may receive information about your use of the feature, and your interactions with those features may be governed by that third party’s privacy policy.
For Security and Legal Compliance: We may disclose your data to courts, regulators, law enforcement, administrative authorities, auditors, legal counsel, insurers, or other third parties if we believe in good faith that disclosure is necessary to:
- comply with a legal obligation, lawful request, court order, or regulatory process;
- investigate, prevent, or address fraud, abuse, security incidents, or illegal activity;
- enforce our terms, institutional rules, or other agreements;
- protect the rights, property, safety, or integrity of the platform, users, staff, service providers, or the public.
During a Business or Organizational Change: If Aretevo is involved in a merger, acquisition, reorganization, restructuring, transfer of activities, insolvency event, or sale of assets, your data may be shared, transferred, or disclosed as part of that process.
After Aggregation or De-identification: We may use or share aggregated or de-identified information for research, reporting, statistics, compliance, service improvement, or other lawful purposes.
With Your Permission: We may share your data with third parties outside the scope of this Privacy Policy where you request or clearly authorize us to do so.

If you click a link to a third-party site or service, your interactions with that third party will be governed by its own privacy policy and terms.

5. Security

We use reasonable and appropriate technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, loss, or destruction. These measures may include access controls, role-based permissions, encryption in transit where appropriate, secure authentication processes, logging, monitoring, backups, software updates, and administrative safeguards.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we work to protect your data, we cannot guarantee that communications between you and our Services or data stored by us will always remain free from unauthorized access, loss, misuse, or alteration.

Your password is an important part of our security system, and you are responsible for keeping it confidential. You should not share your password with others. If you believe your account or credentials have been compromised, you should change your password promptly and contact us immediately.

6. Your Rights

Depending on where you are located, you may have rights regarding your personal data, including the right to access, correct, delete, or transfer certain data, and the right to withdraw consent where processing is based on consent.

6.1 Your Choices About the Use of Your Data

You can choose not to provide some data, but doing so may prevent you from using certain features of the Services.

Promotional communications: You can opt out of promotional emails by using the unsubscribe link in the email or by changing your communication preferences where available. Even if you opt out of promotional messages, we may still send transactional or administrative messages, such as account notices, enrollment confirmations, policy updates, security alerts, and support responses.
Cookies and similar technologies: Where applicable, you can manage cookies through your browser or device settings. Disabling certain cookies may affect the operation of some parts of the Services.
Account settings: You may be able to review and edit certain personal data directly through your profile or account settings page.
Third-party tools: If we use third-party analytics or advertising tools, you may also be able to exercise choices through those providers’ privacy tools, browser settings, or applicable consent mechanisms.

If you have questions about your data or your rights, you can contact us using the contact details in Section 8.

6.2 Accessing, Updating, and Deleting Your Personal Data

You can generally access and update certain information in your account profile directly through the Services.

· Update or correct your data: Log into your account and update your profile or relevant account fields where available.

Delete your account or request erasure: You may request account deletion or erasure of personal data by contacting us at support@aretevo.com .

Please note that even after account deletion or closure, we may retain certain data where we have a lawful basis to do so, including for educational recordkeeping, legal compliance, security, dispute resolution, fraud prevention, backup retention cycles, and enforcement of agreements. In addition, content you shared with others, such as forum posts, messages, peer reviews, or collaborative contributions, may remain visible to other authorized users where appropriate, although we may de-identify or anonymize it where feasible.

6.3 Our Policy Concerning Children

Our Services are not intended for use by children below the minimum age required under applicable law to consent to online services, unless access is provided through and under the authority of a parent, guardian, school, or other legally authorized institution, as permitted by law.

If we learn that we have collected personal data from a child in a manner not permitted by law, we will take reasonable steps to delete that information or otherwise bring the processing into compliance. Parents, guardians, or authorized institutions that believe a child has provided personal data unlawfully may contact us at support@aretevo.com .

7. Jurisdiction-Specific Rules

Users in certain jurisdictions may have additional rights or disclosures under local law. This section applies to the extent required by applicable law.

7.1 European Economic Area (EEA) and United Kingdom

If you are located in the EEA or UK, the following additional terms apply under the General Data Protection Regulation (GDPR) or UK GDPR..

7.2 United States

We do not sell personal data as defined by the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), or other state privacy laws.

7.3 International Users

Your data may be processed in countries other than your own, including the United States or other jurisdictions where we or our service providers operate. These countries may have data protection laws that differ from your country. By using the Services, you acknowledge that your data may be transferred to such countries subject to safeguards described in Section 7.1.

8. Updates & Contact Info

When we make material changes to this Privacy Policy, we may notify users by email, through the platform, or by another method required by law. Changes become effective on the date stated in the updated policy unless otherwise required.

8.1 Modifications to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal obligations, or service offerings. Unless stated otherwise, changes will become effective when posted.

8.2 Interpretation

Any capitalized terms not defined in this Privacy Policy have the meanings given to them in our Terms of Use or other governing agreements. If this Privacy Policy is translated into another language, the version designated by us as controlling will prevail in the event of conflict, to the extent permitted by law.

8.3 Questions and Contact Details

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our privacy practices, you may contact us at:

Email: support@aretevo.com

I agree to the Privacy Policy.

Accessibility

Reset All

Background Colour