Effective Date: January 1, 2026

Last Updated: November 12, 2025

Melsoft International School (formerly Melsoft Academy), a division of Melsoft Academy (Pty) Ltd ("Melsoft," "we," "us," or "our"), is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you access our website (melsoft.org), mobile apps, online platforms, courses, programs, and related services (collectively, the "Services"). We operate as a global online education institution, with a focus on building Africa's and the Middle East's tech workforce through innovation and accessible training.

This Policy complies with applicable data protection laws, including the Protection of Personal Information Act (POPIA) in South Africa, the General Data Protection Regulation (GDPR) for EU residents where applicable, and other relevant regulations in regions like the UAE and Africa. By using the Services, you consent to the practices described herein. If you do not agree, please do not use the Services. For users under 18 (or the age of majority in your jurisdiction), a parent or guardian must review and consent to this Policy, and they are responsible for your data.

1. Information

We Collect We collect information to provide, improve, and personalize the Services. Categories include: Personal Information: Data that identifies you, such as name, email address, phone number, date of birth, nationality, ID/passport details (for enrollment/verification), payment information (e.g., credit card details via secure processors), academic history, and employment details (for learnerships or job guarantees). For minors, we may collect guardian details.

Usage and Device Information: Automatically collected data like IP address, browser type, device ID, operating system, access times, pages viewed, interactions (e.g., course progress, quiz responses), and location data (approximate, for personalization). Educational and Interaction Data: Course enrollments, assignments, forum posts, webinar attendance, mentorship sessions, and feedback. Marketing and Communication Data: Preferences for newsletters, event registrations, or inquiries via WhatsApp/forms. Sensitive Information: In limited cases (e.g., for diversity initiatives or learnerships), we may collect data on gender, ethnicity, or disability with explicit consent, in compliance with POPIA/GDPR.

Third-Party Data: From partners (e.g., HubSpot CRM for leads, Stripe/Paystack for payments, or social logins), or public sources for verification. We do not collect more data than necessary and avoid sensitive categories unless required (e.g., for SAQA accreditation).

2. How We Collect Information

Directly from You: When you register, enroll, submit forms, participate in courses, or contact us (e.g., via WhatsApp or support@melsoft.org). Automatically: Via cookies, pixels, logs, and analytics tools (e.g., Google Analytics, Meta Pixels) for usage patterns. See our Cookie Policy for details. From Third Parties: Integrations like Calendly (bookings), Circle (community), or payment processors; or from sponsors/partners for learnerships.

Public Sources: For verification or marketing (e.g., LinkedIn profiles with consent).

3. How We Use Your Information

We use data for legitimate purposes, including: Providing Services: Enrollment, course access, mentorship, certifications, job placements, and support. Personalization: Tailoring content, recommendations, and communications (e.g., program suggestions based on progress). Operations: Billing, payments, analytics for improvements, fraud prevention, and compliance (e.g., SAQA reporting). Marketing: Sending newsletters, promotions, or event invites (opt-out available). We may use aggregated data for impact reports. Research and Development: Anonymized data to enhance programs or measure outcomes (e.g., graduate placement rates).

Legal Compliance: Responding to requests from authorities, or for audits under POPIA/GDPR. Security: Monitoring for threats, ensuring data integrity. For sensitive data, we obtain explicit consent and use it only for specified purposes (e.g., diversity metrics).

4. Sharing Your Information

We share data only when necessary: Service Providers: With trusted vendors (e.g., HubSpot for CRM, Stripe for payments, AWS for hosting) under strict contracts ensuring confidentiality. Partners and Affiliates: For collaborations (e.g., learnership sponsors, co-branded programs) or accreditations (e.g., QCTO/SAQA/MICT SETA). Legal Requirements: If required by law, subpoena, or to protect rights/safety (e.g., fraud investigations). Business Transfers: In mergers/acquisitions, with notice and safeguards. Aggregated/Anonymous Data: For reports or research, without identifying individuals. We do not sell your personal data. International transfers (e.g., to UAE hubs) use safeguards like standard contractual clauses.

5. Cookies and Tracking Technologies We use cookies, pixels, and similar tech for functionality, analytics, and marketing: Essential Cookies: For site operation (e.g., login sessions). Performance Cookies: Track usage (e.g., GA4 for metrics). Marketing Cookies: For targeted ads (e.g., Meta/TikTok Pixels). Manage Preferences: Via cookie banner; browser settings to block. Note: Disabling may limit functionality.

6. Data Security

We implement WCAG 2.1 AA accessibility, encryption (SSL), access controls, and regular audits to protect data. However, no system is 100% secure; report incidents to support@melsoft.org. We comply with POPIA's breach notification requirements.

7. Your Rights and Choices

Depending on your location (e.g., POPIA/GDPR rights): Access/Correction: Request your data or updates. Deletion: Erase data (subject to legal retention, e.g., accreditation records for 5 years). Objection/Withdrawal: Opt-out of marketing or processing (e.g., unsubscribe links). Portability: Receive data in portable format. Complaints: Lodge with SA Information Regulator (inforeg@justice.gov.za) or equivalent. Exercise rights via support@melsoft.org; we respond within 30 days (extendable). For children: Guardians manage rights.

8. Children's Privacy

Services are not for children under 13 without consent. For 13-18, parental consent required for data collection. We comply with COPPA equivalents; contact us for details.

9. Data Retention

We retain data as needed for Services (e.g., course access during enrollment) or legal purposes (e.g., financial records for 7 years). Anonymized data may be kept indefinitely for analytics.

10. International Data Transfers

Data may be processed in SA, UAE, or US (e.g., cloud servers). We ensure adequate protections via contracts/models.

11. Changes to This Policy

We may update; significant changes notified via email/site (30 days advance). Continued use constitutes acceptance.