Call Now

+92 312 0490601

Effective Date: 10 – Feb 2026

iTechNets (“we”, “us”, “our”) operates the website itechnets.com and associated mobile applications, online platforms, and services (collectively, the “Services”) providing IT certification training courses, including but not limited to CCNA, Microsoft Azure, AWS, DevOps, CISSP, CISM, Fortinet, and related hands-on labs and resources. We are committed to safeguarding your privacy and processing Personal Identifiable Information (PII) and other personal data responsibly in accordance with applicable laws, including:

  • Pakistan’s data protection framework (e.g., principles under the Prevention of Electronic Crimes Act and emerging data protection legislation).
  • The EU General Data Protection Regulation (GDPR) and UK GDPR for users in the European Economic Area (EEA) and United Kingdom.
  • The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) for California residents.
  • Other relevant consumer privacy laws in jurisdictions where our users reside.

This Privacy Policy describes how we collect, use, disclose, store, protect, and enable access to your personal data when you visit our website, create an account, enroll in courses, participate in live sessions, submit inquiries, or otherwise interact with our Services.

1. Information We Collect

We collect various categories of personal data to provide and improve our Services.

1.1 Information You Provide Directly

  • Account registration: Full name, email address, phone number (optional), country/region, username, password.
  • Enrollment and profile: Billing address, job title, professional background, certification goals (voluntary).
  • Communications: Messages to support, forum posts, feedback, live chat transcripts.
  • Payment-related: We do not collect or store full credit/debit card details. These are processed exclusively by third-party gateways (e.g., Stripe, PayPal, JazzCash, or others). We receive transaction IDs, amounts, and limited confirmation data.
  • Special categories (if provided): Accessibility needs or health-related accommodations for course adjustments (processed only with explicit consent).

1.2 Automatically Collected Information

  • Device and technical: IP address, browser type/version, operating system, device identifiers, referral source, pages visited, time spent, clickstream data.
  • Usage: Course progress, video watch time, quiz scores, certificate issuance, login timestamps.
  • Cookies and similar technologies: Essential cookies for site functionality, analytics cookies (e.g., Google Analytics), marketing cookies (with consent where required). See our separate Cookie Policy.

1.3 Information from Third Parties

  • Payment processors: Confirmation of successful transactions.
  • Social logins (if implemented): Basic profile data from Google, LinkedIn, etc.
  • Analytics partners: Aggregated insights on user behavior.

2. How We Use Your Personal Data (Purposes and Legal Bases)

We process personal data for the following purposes, with legal bases under GDPR/UK GDPR (and equivalents):

  • Performance of contract: Providing course access, delivering content, issuing certificates, processing enrollments/payments.
  • Legitimate interests: Improving Services, fraud prevention, security, analytics, direct marketing (non-sensitive, opt-out available).
  • Consent: Marketing emails/newsletters, non-essential cookies, special category data.
  • Legal obligations: Tax/compliance reporting, responding to legal requests.  

Specific uses include account management, personalized recommendations, support, course analytics, certificate verification, and aggregated research (anonymized).

3. Data Protection and Security Measures

We implement appropriate technical and organizational measures, including:

  • Encryption (TLS 1.3 for transit, AES-256 at rest where applicable).
  • Access controls (role-based, multi-factor authentication for admin).
  • Regular security audits, vulnerability scanning.
  • Data minimization and pseudonymization where feasible.
  • Breach notification protocols (within 72 hours to supervisory authorities under GDPR if high risk, to affected users as required). No system is 100% secure. We cannot guarantee absolute security but commit to industry standards.

4. Third-Party Sharing and International Transfers

We share data only as necessary:  

  • Service providers: Cloud hosting (e.g., AWS, Google Cloud), email (e.g., SendGrid), analytics (Google Analytics), payment processors. All are bound by data processing agreements (DPAs) with GDPR-standard clauses.
  • Legal requirements: Courts, regulators, law enforcement in Pakistan or elsewhere.
  • Business transfers: In mergers/acquisitions (with notice where feasible).  

We do not sell personal data (no “sale” under CCPA/CPRA).

International transfers: As a Pakistan-based company, data may transfer outside EEA/UK (e.g., to US-based providers). For GDPR/UK GDPR compliance:

  • Adequacy decisions where available.
  • Standard Contractual Clauses (SCCs 2021) or UK International Data Transfer Addendum.
  • Supplementary measures (e.g., encryption, pseudonymization).  

CCPA users: Categories disclosed for business purposes (e.g., analytics providers) in past 12 months include identifiers, commercial info, internet activity.

5. Data Retention

We retain data as long as necessary for purposes:  

  • Active accounts: Duration of relationship plus reasonable period post-termination.
  • Inactive accounts: Data retained up to 6 months after last activity (login/enrollment). After 6 months of no activity, upon your request, we will erase personal data (subject to backups/legal holds). Automatic deletion may apply where not legally required to retain.
  • Legal/tax: 7 years or as mandated.
  • Anonymized data: Indefinitely for analytics.

6. Your Privacy Rights  

Depending on jurisdiction:  

  • All users: Access, correction, deletion requests via support@itechnets.com. 
  • GDPR/UK GDPR: Right to be informed, access, rectification, erasure (“right to be forgotten”), restriction, portability, object, withdraw consent, no automated decisions with legal effect.
  • CCPA/CPRA: Right to know (categories/sources/collected/sold/shared), delete, correct, opt-out of sales/sharing (we do not sell/share for cross-context behavioral ads), limit sensitive data use, non-discrimination. Submit via email and verify identity.
  • Response time: 1 month (GDPR), 45 days (CCPA), extendable. No fee unless manifestly unfounded/excessive.

To exercise rights: Email support@itechnets.com with proof of identity.

7. Children’s Privacy  

Services are not directed at children under 18 (or 16 or younger in some jurisdictions). We do not knowingly collect data from children. If discovered, we delete promptly.

8. Cookies and Tracking Technologies

Essential cookies support functionality. Others require consent (banner). Manage preferences and use opt-out links for analytics.

9. Changes to This Policy

We may update this policy. Material changes will be notified via email or site banner. Continued use constitutes acceptance.

10. Contact Us

Data Protection Officer (if designated): (Insert if applicable)  

Email: support@itechnets.com  

Address: (Insert Lahore, Pakistan registered address)