Privacy Policy

Effective date: September 1, 2025
Entity: CoCreX LLC (“CoCreX,” “we,” “our,” “us”)
Scope: This policy explains how we collect, use, and share personal information when you use cocreu.comcocreu.com/moodle, and related subpages (the “Services”).

1. Information We Collect

You provide:

  • Account details (name, email, password).
  • Billing details (billing address; payment tokens via Stripe).
  • Course interactions (submissions, quiz responses, completion).
  • Communications (support emails, feedback forms).
  • Scheduling info (if you book with us via Calendly).

Collected automatically:

  • Device and usage data (IP address, browser, pages viewed, approximate location).
  • Cookies and similar technologies (see §8).

From third parties:

  • Payment confirmations from Stripe.
  • Email delivery events from Amazon SES (deliveries, bounces, complaints).
  • Learning platform events from Moodle (enrolment/completion metadata).
  • Scheduling metadata from Calendly.

We do not store full payment card numbers; Stripe processes them on our behalf.

2. How We Use Information

  • To provide, secure, and improve the Services (account provisioning, SSO to Moodle, enrolment, course delivery).
  • To process transactions and send transactional emails (receipts, access instructions, completion notices).
  • To provide support and respond to inquiries.
  • To operate live sessions (e.g., BigBlueButton) and manage event invites.
  • To analyze usage and performance (aggregate, de-identified analytics).
  • To send optional product updates or promotions (you can opt out at any time).

3. Legal Bases (EEA/UK where applicable)

  • Contractual necessity (to provide the Services you purchase).
  • Legitimate interests (security, improvement, limited analytics, optional B2B outreach).
  • Consent (where required for marketing emails or non-essential cookies).
  • Legal obligations (tax, accounting, compliance).

4. Sharing & Disclosure

We share information with service providers strictly to operate the Services—examples include:

  • Stripe (payments), Amazon SES (email), Moodle (learning), Edwiser (WP↔Moodle bridge), BigBlueButton(live sessions), Calendly (scheduling), WordPress/WooCommerce (store).
    These providers process data under agreements with us. We may also share information to comply with law, enforce our terms, or protect rights, safety, and security (see §10).

We do not sell personal information.

5. Data Retention

We retain personal data for as long as needed to provide the Services and for legitimate business or legal purposes (e.g., tax/accounting records). Typical retention:

  • Order/transaction records: 7 years (accounting).
  • Course records (enrolment/completion): for the life of your account or as required for certification verification.
  • Support correspondence: as long as needed to address your request.

6. Security

We implement administrative, technical, and physical safeguards (HTTPS, access controls, least-privilege, monitoring). No method of transmission or storage is 100% secure; you use the Services at your own risk.

7. International Transfers

Our servers and some providers may be located outside your country (including the United States). Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border transfers.

8. Cookies & Tracking

We use necessary cookies for authentication, SSO, and checkout. We may use optional analytics or performance cookies; you can manage preferences via your browser or any cookie banner we provide. Disabling cookies may impair functionality (e.g., checkout, SSO).

9. Your Choices

  • Account: You can update your profile or request deletion (subject to retention needs).
  • Marketing: You can unsubscribe via any marketing email footer; transactional emails will still be sent.
  • Do Not Track: We do not respond to DNT signals. Use browser settings or opt-out tools to manage cookies.

10. Your Rights (Jurisdiction-Specific)

Depending on your location, you may have rights to access, correct, delete, port, or restrict processing of your personal data, and to object to certain processing.

  • EEA/UK: You may also withdraw consent and lodge a complaint with your local authority.
  • California: You may have rights under the CCPA/CPRA (access, deletion, correction, opting out of certain processing). We do not sell personal information.

To exercise rights, email legal at cocrex.com. We may request verification.

11. Children’s Privacy

The Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided data, contact legal at cocrex.com and we will take appropriate steps.

12. Third-Party Links

The Services may link to third-party sites (publishers, partners). We are not responsible for their content or privacy practices.

13. Changes to this Policy

We may update this Policy periodically. Changes take effect when posted with a revised “Effective date.” Your continued use indicates acceptance.

14. Contact

Privacy inquiries: legal at cocrex.com
Legal notices: legal at cocrex.com
Support: support at cocrex.com

...
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None