Privacy Policy
Last Updated: January 15, 2025
At Legitimax, we're committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data when you interact with our investing education platform. We operate in full compliance with Canadian privacy legislation, including PIPEDA (Personal Information Protection and Electronic Documents Act).
Information We Collect
We collect different types of information depending on how you engage with our services. Some data you provide directly, while other information is gathered automatically as you navigate our platform.
Personal Information You Provide
- Contact details including name, email address, phone number, and mailing address
- Account credentials when you create a learner profile
- Payment information for course enrollment (processed securely through third-party providers)
- Educational background and investing experience levels
- Communication preferences and feedback you share with us
- Any information included in correspondence with our support team
Automatically Collected Data
When you visit legitimax.pro, our systems automatically gather technical information to improve your experience and maintain platform security. This includes your IP address, browser type, device information, pages visited, time spent on different sections, and referral sources.
How We Use Your Information
Your data serves specific purposes that directly support your learning experience and our operational needs. We don't collect information just to have it — everything we gather has a practical function.
| Purpose | How We Use It |
|---|---|
| Course Delivery | Managing your enrollment, tracking progress, providing learning materials, and issuing certificates |
| Communication | Sending course updates, responding to inquiries, and sharing relevant educational content |
| Platform Improvement | Analyzing usage patterns to enhance course content and user experience |
| Security | Preventing fraud, protecting accounts, and maintaining system integrity |
| Legal Compliance | Meeting regulatory requirements and responding to lawful requests |
We will never sell your personal information to third parties. Your trust matters more to us than any potential revenue from data sales.
Data Sharing and Third Parties
While we keep most of your information internal, certain situations require us to share data with trusted partners. Here's when and why that happens.
Service Providers
We work with companies that help us deliver our educational services. These include payment processors, email service providers, cloud hosting platforms, and analytics tools. Each partner is contractually bound to protect your data and can only use it for the specific services they provide to us.
Legal Requirements
Sometimes we're legally obligated to disclose information. This might happen if we receive a valid court order, need to comply with Canadian financial regulations, or must protect someone's safety. We'll always review such requests carefully and share only what's legally required.
Business Transfers
If Legitimax is acquired or merges with another company, your information would likely transfer to the new entity. We'd notify you before this happens and explain any changes to how your data is handled.
Your Privacy Rights
Under Canadian privacy law, you have significant control over your personal information. These aren't just theoretical rights — we've built systems to make exercising them straightforward.
Access Your Data
Request a copy of all personal information we hold about you. We'll provide this in a readable format within 30 days.
Correct Inaccuracies
Update or fix any incorrect information in your profile. Most details you can change yourself through your account settings.
Delete Your Account
Request complete deletion of your data. We'll remove everything except information we're legally required to retain.
Withdraw Consent
Stop us from using your data for optional purposes like marketing emails. Essential service communications will continue.
Data Portability
Receive your information in a structured format that you can transfer to another service provider.
Lodge Complaints
File a complaint with the Office of the Privacy Commissioner of Canada if you're concerned about our practices.
To exercise any of these rights, email us at contact@legitimax.pro with your request. We'll verify your identity and respond within the timeframes required by law — typically 30 days for most requests.
Data Security Measures
We take security seriously because we understand what's at stake. Our approach combines technical safeguards with operational policies designed to protect your information from unauthorized access.
- Industry-standard encryption for data transmission and storage
- Regular security audits and vulnerability assessments
- Strict access controls limiting who can view personal information
- Secure backup systems with encrypted off-site storage
- Employee training on privacy best practices and data handling
- Incident response procedures for addressing potential breaches quickly
While no system is completely impervious to attacks, we continuously update our security infrastructure to address emerging threats. If we ever detect unauthorized access to your data, we'll notify you promptly and explain what happened and what we're doing about it.
Data Retention Periods
We don't keep your information indefinitely. Different types of data have different retention schedules based on legal requirements and practical needs.
Active Account Data
While your account remains active, we retain all associated information to provide ongoing services. This includes your profile, course progress, certificates earned, and communication history.
Inactive Accounts
If you haven't logged in for three years, we'll email you asking whether you want to keep your account. Without a response, we'll delete non-essential data while preserving basic records for compliance purposes.
Financial Records
Canadian tax law requires us to maintain payment records for seven years. After that period, we securely destroy all financial transaction details.
Marketing Communications
If you unsubscribe from our educational updates, we'll immediately stop sending promotional content. We'll keep a record of your unsubscribe request to ensure we don't accidentally contact you again.
Cookies and Tracking Technologies
Our website uses cookies and similar technologies to remember your preferences and understand how people interact with our platform. You can control most cookies through your browser settings.
Essential Cookies
These are necessary for the website to function properly. They handle things like keeping you logged in, remembering items in your cart, and maintaining security. You can't opt out of these without breaking core functionality.
Analytics Cookies
We use these to understand which course topics generate the most interest, where people get stuck in the enrollment process, and how we can improve navigation. The data is aggregated and doesn't identify you personally.
Preference Cookies
These remember your settings like language preferences, display options, and notification choices so you don't have to reconfigure things each visit.
Children's Privacy
Legitimax's investing education programs are designed for adults. We don't knowingly collect information from anyone under 18. If you're a parent who discovers that your child has provided us with personal information, please contact us immediately and we'll delete it from our systems.
International Data Transfers
While Legitimax operates in Canada, some of our service providers maintain servers in other countries. When your data is transferred internationally, we ensure those providers offer adequate protection through contractual agreements that meet Canadian privacy standards.
Your information may be processed in the United States or European Union through our cloud hosting and email service providers. These transfers comply with PIPEDA requirements for cross-border data flows.
Changes to This Policy
Privacy practices evolve, and so will this policy. When we make significant changes, we'll notify you by email and post a prominent notice on our website for at least 30 days before the new terms take effect.
Minor updates — like clarifying existing language or adding new examples — might happen without formal notification. We recommend reviewing this policy periodically, especially before enrolling in new courses.
Questions and Concerns
If something in this policy isn't clear, or if you have concerns about how we handle your information, we want to hear from you. Privacy questions shouldn't go unanswered.
Our team reviews every privacy inquiry carefully. While we aim to respond within 48 hours, complex questions might take longer as we consult with our legal advisors to provide accurate information.