Who We Are and What This Covers

Oymnex operates out of Tenerife, Spain, and we provide educational resources for people learning mobile game development. This policy applies when you visit our website, sign up for courses, or communicate with us through email or contact forms.

Under Spanish and EU law (specifically GDPR), we're required to tell you exactly what data we collect and why. We take that seriously, but we'll skip the corporate jargon where we can.

Information We Collect

Let's break this down by what actually happens when you use our site. Different interactions mean different data collection.

Information You Give Us Directly

When you fill out forms or email us, you're choosing to share:

• Your name and email address (required for course enrollment and communication)
• Phone number if you provide it (we don't require this for most things)
• Any project details, questions, or feedback you send through contact forms
• Payment information when enrolling in paid courses (processed through third-party payment processors, not stored on our servers)

Information We Collect Automatically

When you browse our website, standard web technology collects:

• IP address and general location data (city level, not your exact address)
• Browser type and device information
• Pages you visit and how long you spend on them
• Referral source (how you found us)

This happens through cookies and analytics tools. Most websites do this. You can block cookies through your browser settings, though some features might not work as smoothly.

Information From Third Parties

If you enroll through a partner platform or payment processor, they may share basic enrollment details with us. We don't buy data from data brokers or marketing lists. That's not our style.

How We Use Your Information

We use the data we collect for specific, practical purposes. Here's the honest breakdown:

Purpose	What We Do	Legal Basis (GDPR)
Course Delivery	Sending course materials, updates, and support responses	Contract performance
Communication	Responding to your questions, feedback, or support requests	Legitimate interest
Website Improvement	Analyzing how people use the site to make it better	Legitimate interest
Legal Compliance	Meeting tax, accounting, and regulatory requirements	Legal obligation
Marketing (Optional)	Sending updates about new courses or resources if you opt in	Consent

Your Rights Under GDPR

Because we operate in Spain and serve EU residents, you have specific rights under the General Data Protection Regulation. These aren't just theoretical—you can actually exercise them.

To exercise any of these rights, email us at support@oymnex.com with your request. Include enough detail so we can verify it's actually you (we won't fulfill data requests from random people claiming to be you).

Data Security and Storage

We store your data on secure servers with encryption and access controls. That's table stakes for any modern web service. But let's be realistic—no system is 100% secure.

What we do to protect your information:

• All data transmission uses SSL/TLS encryption (the lock icon in your browser)
• Access to student data is limited to staff who need it for their work
• We use reputable hosting providers with strong security practices
• Regular backups ensure we can recover data if something goes wrong
• Payment information is handled by PCI-compliant payment processors, not stored on our servers

How Long We Keep Your Data

We don't keep information forever. Here's our retention approach:

• Active students: Your course materials and progress data remain accessible throughout enrollment and for two years after completion
• Contact inquiries: Deleted after three years unless there's an ongoing relationship
• Financial records: Kept for seven years to comply with Spanish tax and accounting laws
• Marketing opt-ins: Maintained until you unsubscribe or after three years of inactivity
• Website analytics: Aggregated and anonymized after 26 months

If you request deletion, we'll remove your data earlier unless we're legally required to keep it (like financial transaction records).

Cookies and Tracking

Our website uses cookies. Most sites do. Here's what's actually happening:

Essential Cookies

These make the website function. They remember your login status and preferences. Without them, you'd have to re-authenticate every time you clicked a link. These aren't optional if you want to use the site properly.

Analytics Cookies

We use analytics tools to understand how people use the site. This helps us figure out what's confusing or broken. The data is aggregated and doesn't identify you personally. You can opt out through your browser settings or privacy extensions.

No Advertising Cookies

We don't use cookies for targeted advertising or tracking you across other websites. We're not in the ad business.

Third-Party Services

We work with external services to run our platform. When you interact with our site, some of your data may be processed by:

• Payment processors: For handling course enrollment payments securely
• Email service providers: For sending course materials and updates
• Hosting providers: Where our website and databases live
• Analytics platforms: For understanding site usage patterns

All third-party services we use are GDPR-compliant and have their own privacy policies. We don't share your data with these services unless it's necessary for providing the service you signed up for.

International Data Transfers

Our primary servers are located in the EU. Sometimes data passes through services with international infrastructure (like cloud platforms), which may involve transfers outside the EU.

When this happens, we ensure adequate safeguards are in place through:

• Standard Contractual Clauses approved by the European Commission
• Selecting providers with strong data protection commitments
• Contractual guarantees about data handling and security

If you're uncomfortable with this, contact us to discuss options. In some cases, we may be able to accommodate specific data residency requirements.

Children's Privacy

Our courses are designed for adults and people age 16 and older. We don't knowingly collect information from children under 16 without parental consent, as required by GDPR.

If you're under 16 and interested in our courses, have a parent or guardian contact us. We'll work with them to ensure proper consent and compliance with youth data protection requirements.

If we discover we've inadvertently collected data from someone under 16 without proper consent, we'll delete it promptly.

Changes to This Policy

We update this policy occasionally when our practices change or laws require it. When we make significant changes, we'll notify active students by email and post an updated version here with a new effective date.

Minor clarifications or formatting changes might not trigger a notification, but you can always check back here to see the current version. The effective date at the top tells you when it was last updated.

Complaints and Regulatory Contact

If you believe we're mishandling your data or violating GDPR, you can file a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos).

But honestly, try talking to us first. Most issues can be resolved faster through direct communication. We're responsive and we genuinely care about handling data properly.