Skip to main content

Legal

Privacy Policy

Last Updated: March 14, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how Building Materials Sales Academy (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit this website and when you contact us through our registration form. Our website provides educational content and training materials focused on building materials sales, including product knowledge, customer relations, wholesale operations, and retail sales techniques.

For the purposes of the General Data Protection Regulation (GDPR) and similar laws, the data controller is Qadntriva Learning Ltd, registered at Strašov 130, 533 16 Strašov, Czech Republic. You can contact us about privacy matters at [email protected].

Effective Date: March 14, 2026.

2. Personal Data We Collect

We collect personal data that you choose to provide, as well as limited technical information needed to operate the site securely. The categories below describe what we may collect, depending on how you interact with the website.

  • Identity and contact data: first name, last name, email address, and (if you contact us outside the form) other details you choose to share.
  • Form content: your learning goals and any additional information you include in your message about role context (for example wholesale, distribution, or retail counter work), topics of interest, or training needs.
  • Technical data: IP address, browser type, device/operating system, language settings, approximate location derived from IP, and timestamps of requests.
  • Usage data: pages viewed, time spent on pages, referring pages, and click paths, where enabled through analytics cookies.
  • Cookies and identifiers: cookie preferences and session cookies, plus optional analytics and marketing cookies when you consent. Details are explained in Section 4 and in our Cookie Policy.
  • Conversion events: information that indicates a form submission took place (for example a successful registration request), when measurement tools are enabled via consent.

We do not intentionally collect special-category data (such as health data, religious or political views), financial account details, or government-issued identifiers through our standard registration form. Please do not include such information in your message.

3. Why We Process Your Data & Legal Basis (GDPR Art. 6)

We use personal data only for clear, limited purposes tied to delivering an educational service and maintaining a secure website. Where GDPR applies, we rely on the legal bases below.

Registration and enquiries

When you submit the registration form, we process your data to respond, understand your learning goals, and communicate about appropriate next steps. Legal basis: GDPR Art. 6(1)(b) (steps prior to entering into a contract) and, where required, Art. 6(1)(a) (consent) for being contacted.

Analytics

If you consent to analytics cookies, we may measure how the website is used so we can improve content structure, clarify course explanations, and identify pages that need better guidance. Legal basis: GDPR Art. 6(1)(a) (consent).

Marketing and advertising measurement

If you consent to marketing cookies, we may use advertising measurement tools to understand the effectiveness of campaigns and to show more relevant messages to audiences who have expressed interest in training. Legal basis: GDPR Art. 6(1)(a) (consent).

Security and fraud prevention

We process limited technical data (such as IP address and request metadata) to keep the website secure, prevent abuse, and ensure service availability. Legal basis: GDPR Art. 6(1)(f) (legitimate interests), balanced against your rights and expectations.

Legal obligations

Where applicable, we may process data to comply with legal obligations (for example accounting and record-keeping if services are contracted). Legal basis: GDPR Art. 6(1)(c).

Automated decision-making (Art. 22)

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

4. Cookies & Tracking

Cookies are small text files stored on your device. Some cookies are essential for the site to function; others are optional and require your consent. In addition to cookies, some providers may use pixel tags or server-side event collection where enabled by consent.

Essential cookies (always active)

Essential cookies support core site functions such as session continuity and storing your cookie preferences. These do not require consent. Typical retention is session-based up to 12 months, depending on the cookie.

  • _site_session: maintains basic site session continuity.
  • cookie_consent: stores your cookie preference selection.
  • Security/CSRF protection: where used to protect form submissions and site integrity.

Analytics cookies (consent required)

If you opt in, we may use Google Analytics 4 (GA4) to understand how visitors use the site. IP anonymization is enabled where supported. Example cookies include _ga (2 years) and _ga_XXXXXXXXXX (2 years). Analytics data retention is typically 14 months.

Marketing cookies (consent required)

If you opt in, marketing cookies may be used to measure advertising performance and support remarketing audiences. Examples include _gcl_au (Google Ads, 90 days), _fbp (Meta, 90 days), and _fbc (90 days when click identifiers are present). Where implemented, these tools can associate site interactions with advertising campaigns and conversions.

For more detailed information about cookies and how to manage them, please read our Cookie Policy.

5. Consent (EEA/UK)

Users in the EEA and the UK receive a consent notice under GDPR/UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent (GDPR Art. 6(1)(a)). Your choice is recorded in the cookie_consent cookie (typically 12 months).

You can withdraw consent at any time by using “Manage cookie preferences” in the site footer or by clearing cookies in your browser. Withdrawal does not affect the lawfulness of processing based on consent before it was withdrawn.

6. Sharing With Advertising & Service Partners

We use reputable service providers to operate and improve the website. Depending on your cookie choices and technical settings, certain data may be shared with the providers below.

  • Google LLC (Google Analytics 4, Google Ads, Google Tag Manager, remarketing): cookie identifiers, usage data, and conversion events where enabled by consent. Privacy information: https://policies.google.com/privacy.
  • Meta Platforms, Inc. (Pixel, Custom/Lookalike Audiences, Conversion API where configured): page views, conversion events, and audience membership where enabled by consent. Privacy information: https://www.facebook.com/privacy/policy.
  • Cloudflare (CDN and security): IP-based threat detection and delivery optimizations to improve performance and protect the site. Privacy information: https://www.cloudflare.com/privacypolicy/.

We do not sell personal data. These providers act as service providers or processors for the purposes described above and may not use site data for their own independent commercial purposes.

7. International Transfers

Some providers process data outside the EEA/UK, including in the United States. Where international transfers occur, we rely on appropriate safeguards such as the EU-US Data Privacy Framework (and the UK Extension, where applicable) or Standard Contractual Clauses (EU 2021/914) as a fallback. Where required, we also use UK-specific transfer mechanisms such as the UK IDTA.

You can request more details about the safeguards we use by contacting us at [email protected].

8. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, plus any period needed for legitimate operational needs or legal obligations. Typical retention periods are:

  • Registration form submissions: up to 2 years from the last interaction, unless a longer period is needed for an ongoing relationship.
  • Email correspondence: for the duration of the relationship plus 1 year, unless a longer period is necessary for dispute handling or compliance.
  • Server security logs: typically up to 90 days, unless needed longer to investigate abuse or security incidents.
  • Analytics data: typically 14 months (where enabled by consent).
  • Marketing cookies: according to cookie lifetime (for example 90 days) and only where enabled by consent.
  • Cookie consent records: up to 3 years for auditability of consent handling.
  • Legal and tax records: as required by applicable law (often 6 to 10 years for invoices and accounting records).

9. Your Rights (GDPR & UK GDPR)

If GDPR or UK GDPR applies, you have rights regarding your personal data, including:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to withdraw consent at any time (Art. 7(3))
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise your rights, email [email protected]. We aim to respond within 30 days. For complex requests, this may be extended by up to 60 additional days as permitted by law.

Supervisory authority resources: EU guidance at https://edpb.europa.eu and UK guidance at https://ico.org.uk.

10. Children

This site is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we learn that we have collected personal data from a child under 16 without verifiable parental consent, we will delete it promptly.

11. Do Not Track

This website does not respond to “Do Not Track” (DNT) browser signals. Third-party providers may have their own DNT handling and opt-out mechanisms.

12. Account & Data Deletion Requests

We do not offer user accounts on this website. If you want us to delete your personal data that you have provided through the registration form or email, contact [email protected] with the subject line “Data Deletion Request”. We may ask for information to verify your identity before completing the request.

We aim to complete deletion requests within 30 days of verification, except where retention is required by law or necessary to establish, exercise, or defend legal claims.

13. Business Transfers

In a merger, acquisition, asset sale, financing, restructuring, or insolvency event, personal data may be transferred to a successor entity as part of the transaction. If such a transfer materially changes how data is used, we will provide a notice on the website.

14. California (CCPA / CPRA)

This section applies to California residents where the California Consumer Privacy Act (CCPA), as amended by the CPRA, is applicable.

In the past 12 months, we may have collected the following categories of personal information: identifiers (such as name, email, IP address, device identifiers), internet or other electronic network activity (such as browsing interactions), and inferences (such as interests inferred from site interactions) where marketing cookies are enabled.

We do not sell personal information as defined by CCPA. We may share personal information for cross-context behavioral advertising when you enable marketing cookies. California residents can opt out of such sharing via the cookie preferences panel accessible from the footer link “Manage cookie preferences”.

Subject to legal limitations, California residents may request to know, delete, or correct personal information, and may opt out of sale/sharing. To submit a request, email [email protected] with the subject “California Privacy Request”. We may need to verify your identity. Authorized agents must provide proof of authorization.

We will not discriminate against you for exercising your CCPA rights.

15. Virginia (VCDPA)

Where applicable, Virginia residents may have rights to access, correct, delete, and obtain a copy of personal data, and to opt out of targeted advertising. To submit a request, email [email protected] with the subject “Virginia Privacy Request”.

We do not sell personal data or engage in profiling that produces legal or similarly significant effects. If we deny a request, you may appeal by emailing the subject “Appeal of Refusal — Privacy Request”. We will respond to appeals within 60 days as required by law. If an appeal is denied, you may contact the Virginia Attorney General.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or the educational services we provide. Material changes will be announced via a site notice at least 14 days before taking effect when required. The “Last Updated” date at the top of this page indicates the most recent revision.

18. Contact

If you have questions about this Privacy Policy or how we handle personal data, contact:

Qadntriva Learning Ltd
Strašov 130
533 16 Strašov, Czech Republic

Email: [email protected]
Phone: +420 466 504 118