We are committed to processing all personal data lawfully, fairly, transparently, and in full compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Belgian data protection laws.

1. Who We Are (Data Controller)
Anna Empower Wealth School
We.Empower
Square Ambiorix 23
1000 Bruxelles
Kingdom of Belgium
VAT: BE0735696993
For all privacy-related matters, you may contact us at:
📧 [insert email]
📞 [insert phone number]
We act as the data controller, meaning we determine the purposes and means of processing your personal data.

2. Personal Data We Collect
We may collect and process the following categories of personal data:
2.1. Account and Contact Information
• Full name
• Email address
• Telephone number
• Country/City of residence
• Telegram username/User ID
• Login data/account access identifiers
2.2. Learning and Participation Data
• Quiz responses
• Program selections
• Course progress and completion records
• Notes, assignments, or forms you choose to submit
• Participation in webinars, mentorship sessions, or alumni groups
2.3. Communications
• Messages sent to our support team
• Emails and feedback
• Interactions through Telegram bots or channels
2.4. Payment and Billing Data
Handled securely by certified thirdparty providers (e.g., Stripe).
We do not store full credit card numbers on our servers.
2.5. Technical & Website Data
• IP address
• Device identifiers
• Cookies and tracking technologies
• Browser type, pages visited, session duration, and user behaviour analytics
A detailed explanation is provided in our separate Cookie Policy.

3. Purposes and Legal Bases of Processing
We process personal data strictly for legitimate purposes under the GDPR.
3.1. Service Delivery (GDPR Art. 6(1)(b))
To create and manage your account, grant course access, deliver training, issue certificates, and administer community participation.
3.2. Customer Support & Communication (GDPR Art. 6(1)(b)/(f))
To respond to inquiries, provide assistance, and maintain business-related communication.
3.3. Payments, Invoicing & Compliance (GDPR Art. 6(1)(c))
To process transactions, meet Belgian tax, bookkeeping, and consumer law obligations.
3.4. Security, Fraud Prevention & Platform Integrity (GDPR Art. 6(1)(f))
To ensure system reliability, prevent misuse, and secure our digital infrastructure.
3.5. Marketing with Consent (GDPR Art. 6(1)(a))
We send email newsletters, promotional messages, or educational updates only when you give explicit consent.
You may withdraw consent at any time.
3.6. Analytics & Website Optimization (GDPR Art. 6(1)(a)/(f))
Non-essential cookies and analytics are activated only with user consent.

4. Cookies and Tracking Technologies
We use:
• Strictly necessary cookies – required for website operation (no consent needed).
• Non-essential cookies (preferences, statistics, marketing) – require explicit prior consent.
A detailed list and user controls are available in our Cookie Policy and cookie banner.

5. Sharing of Personal Data
We may share personal data only with trusted thirdparty service providers under strict confidentiality and data protection agreements. These include:
5.1. Payment Processors
e.g., Stripe — for secure payment execution and fraud prevention.
5.2. Hosting & IT Infrastructure Providers
For website hosting, databases, cloud storage, and system reliability.
5.3. Communication & Community Platforms
e.g., Telegram — operating as an independent controller under its own privacy policy.
5.4. Curators, Mentors & Administrative Contractors
Engaged under confidentiality and data processing clauses.
5.5. Regulators & Legal Authorities
Only when required by applicable Belgian/EU law.
We do not sell personal data under any circumstances.

6. International Transfers
Certain service providers may process personal data outside the European Economic Area (EEA).
Where such transfers occur, we rely on appropriate safeguards, including:
• Standard Contractual Clauses (SCCs)
• Data Privacy Framework (DPF) (if applicable)
• Additional technical and organizational measures
We ensure that all data transfers comply with articles 44–49 GDPR.

7. Data Retention
We retain personal data only for as long as necessary for the purposes outlined above, including:
• Account & learning data: retained for the duration of your relationship with us and up to 3 years thereafter
• Financial & tax documentation: retained for legally required periods under Belgian law
• Cookies: retained according to their specific expiration periods (details in Cookie Policy)
After expiry, data is securely deleted or anonymised.

8. Your Rights Under GDPR
As a data subject, you have the following rights:
• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to object to certain processing activities
• Right to data portability
• Right to withdraw consent at any time
You also have the right to lodge a complaint with the Belgian Data Protection Authority (APD/GBA):
https://www.dataprotectionauthority.be/

9. Security Measures
We apply industrystandard technical and organizational safeguards, including:
• Encryption of data in transit
• Access control and authentication
• Activity logging and monitoring
• Principle of least privilege
• Secure server environments
• Regular audits and updates
Despite our efforts, no online system can be guaranteed 100% secure.

10. Telegram Bots & Alumni Community
Participation in our Telegram bots, channels, or alumni groups is voluntary.
Important notes:
• Telegram acts as a separate, independent data controller.
• Your Telegram data is subject to Telegram’s own Privacy Policy.
• Our processing of your Telegram interactions is limited to: 
• verifying community access
• delivering quiz results
• providing educational communications
• managing membership
We do not collect any more Telegram data than necessary.

11. Updates to This Policy
We may amend this Privacy Policy from time to time to reflect legal updates or operational changes.
All updates will be posted on our website with the “Last Updated” date.
Material changes may be communicated directly to you.