Privacy Policy
Our commitment to protecting your personal data and privacy rights
Last updated: August 20, 2025
Introduction and Data Protection Commitment
Fiscal Edge is committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, and protect your information when you interact with our financial analysis education services.
We work with leading advertising platforms including Google, Facebook (Meta), and Microsoft to deliver relevant educational content and measure the effectiveness of our outreach efforts. This policy provides transparent information about these practices and your rights regarding your personal data.
As a Netherlands-based educational provider, we comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws to ensure your data is handled with the highest standards of protection.
Data Collection by Advertising Platforms
Google Services Data Collection
Google Analytics Data Points:
Page views, session duration, bounce rates, geographic location (country/region), device information, browser type, operating system, referring website, and user flow through our website.
Google Ads Information:
Conversion data from form submissions, remarketing audiences based on pages visited, interest categories derived from browsing behavior, and campaign interaction metrics.
Cross-Device Tracking:
When you're signed into Google services, your activity may be linked across devices to create unified user profiles for advertising purposes.
Data Retention: Google Analytics retains your data for 26 months by default. Advertising data may be stored for up to 2 years unless deleted sooner upon request.
Facebook/Meta Data Collection
Facebook Pixel Tracking:
Page visits, button clicks, form interactions, time spent on pages, scroll depth, and specific user actions like course inquiries and enrollment submissions.
Custom Audiences Creation:
Email matching with Facebook users, website visitor segments, engagement-based audiences, and lookalike audience development based on existing students.
Cross-Platform Integration:
Your website activity may be linked with your Facebook, Instagram, and WhatsApp activity to create comprehensive behavioral profiles for advertising targeting.
Data Retention: Facebook retains remarketing data for 180 days. Broader advertising data is retained according to Meta's data policy, typically for the duration of your Facebook account plus 90 days.
Microsoft/Bing Data Collection
Universal Event Tracking (UET):
Website visits, conversion events, goal completions, user actions, demographic information, and search query relationships when arriving from Bing search results.
Remarketing Lists:
Visitor segmentation based on pages viewed, courses of interest, engagement level, and behavioral patterns for targeted advertising delivery.
Microsoft Account Integration:
If you're signed into Microsoft services, your browsing data may be linked with Outlook, LinkedIn, and other Microsoft ecosystem data for enhanced targeting.
Data Retention: Microsoft retains advertising data for up to 390 days, with some data types subject to longer retention periods as outlined in their privacy policy.
How We Use Your Data
Purposes of Processing
- Service Delivery: Providing requested course information, enrollment processing, and educational content delivery
- Marketing Optimization: Improving advertising effectiveness, targeting relevant audiences, and measuring campaign performance
- Analytics and Insights: Understanding website usage, user preferences, and educational content effectiveness
- Security and Fraud Prevention: Protecting against unauthorized access, spam submissions, and malicious activities
- Legal Compliance: Meeting regulatory requirements, tax obligations, and legal record-keeping duties
Legal Basis for Processing
- Consent: For marketing cookies, advertising tracking, and promotional communications
- Legitimate Interest: For website analytics, security monitoring, and fraud prevention activities
- Contract Performance: For delivering requested educational services and processing enrollments
- Legal Obligation: For tax reporting, regulatory compliance, and legal record maintenance
- Vital Interests: For emergency situations requiring immediate contact or intervention
Marketing Activities and Communications
Educational Content Marketing:
Promoting relevant financial analysis courses, sharing educational resources, announcing new programs, and providing industry insights through various channels.
Remarketing Campaigns:
Displaying targeted advertisements to previous website visitors across Google, Facebook, and Microsoft advertising networks to maintain engagement and encourage enrollment.
Email Communications:
Course information responses, enrollment confirmations, educational newsletters, and promotional offers sent only to individuals who have provided consent or inquired about our services.
Data Sharing with Third Parties
Advertising Partners and Service Providers
Primary Partners:
- • Google LLC (Analytics, Ads, Tag Manager)
- • Meta Platforms Inc. (Facebook Pixel, Conversions API)
- • Microsoft Corporation (Bing Ads, Clarity Analytics)
- • Programmatic advertising networks
- • Retargeting and remarketing platforms
Service Providers:
- • Web hosting and cloud infrastructure
- • Email service and automation platforms
- • Payment processing and billing systems
- • Customer support and communication tools
- • Security monitoring and backup services
International Data Transfers
Transfer Safeguards:
When transferring data outside the European Economic Area, we ensure adequate protection through EU-US Data Privacy Framework participation, Standard Contractual Clauses (SCCs), and adequacy decisions.
Geographic Locations:
Your data may be processed in the United States, European Union, and other jurisdictions where our service providers operate, always with appropriate legal safeguards in place.
Data Localization:
We comply with local data residency requirements and maintain records of all international transfers as required by applicable privacy laws.
Categories of Data Shared
Behavioral and Technical:
- • Website browsing patterns and page views
- • Click-through rates and interaction metrics
- • Device information and browser specifications
- • IP address and approximate geographic location
- • Session duration and engagement levels
Conversion and Business:
- • Form submissions and course inquiries
- • Enrollment and registration activities
- • Communication preferences and opt-ins
- • Payment and transaction data (anonymized)
- • Customer service interactions and feedback
Your Rights and How to Exercise Them
GDPR Rights (EU/UK Residents)
Right to Access
Request a copy of all personal data we hold about you, including data processing purposes and recipient information.
Right to Rectification
Correct any inaccurate or incomplete personal data we have stored in our systems.
Right to Erasure
Request deletion of your personal data when processing is no longer necessary or consent is withdrawn.
Right to Restrict Processing
Limit how we use your personal data while maintaining it in our systems for specific purposes.
Right to Data Portability
Receive your data in a structured, machine-readable format for transfer to another service provider.
Right to Object
Opt-out of marketing, profiling, and direct marketing activities based on legitimate interests.
CCPA Rights (California Residents)
Right to Know
Learn what personal information is collected, how it's used, and which third parties receive it.
Right to Delete
Request deletion of personal information we have collected, subject to certain legal exceptions.
Right to Opt-Out
Prevent the sale or sharing of personal information for cross-context behavioral advertising.
Right to Non-Discrimination
Receive equal service and pricing regardless of whether you exercise your privacy rights.
Right to Correct
Request correction of inaccurate personal information maintained in our records.
Right to Limit Use
Restrict our use and disclosure of sensitive personal information to essential business purposes.
Platform-Specific Privacy Controls
Google My Ad Center
Control Google advertising preferences, view ad topics, and manage personalization settings
Facebook Privacy Center
Manage Facebook data collection, advertising preferences, and cross-platform tracking
Microsoft Privacy Dashboard
Access Microsoft privacy controls, data collection settings, and advertising preferences
How to Exercise Your Privacy Rights
Contact Methods:
Submit requests through our website contact form, use platform-specific privacy settings, or configure browser privacy controls. All requests are processed within 30 days.
Identity Verification:
We may request additional information to verify your identity before processing privacy rights requests to protect your personal data from unauthorized access.
Response Timeline:
Most requests are completed within 30 days. Complex requests may require up to 60 days with advance notification of any delays and reasons for extension.
Data Retention and Deletion
Data Retention Periods
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Course Inquiry Forms | 3 years from last interaction | Business relationship maintenance |
| Website Analytics Data | 26 months (Google Analytics) | Performance optimization |
| Marketing Communications | Until consent withdrawn or 2 years inactive | Consent-based marketing |
| Financial Records | 7 years from transaction | Tax and legal compliance |
| Security and Access Logs | 90 days from creation | Security monitoring |
Data Deletion Procedures
Automatic Deletion:
- • Scheduled deletion after retention periods expire
- • Automated anonymization of analytics data
- • Regular purging of temporary files and logs
- • Third-party platform data cleanup coordination
Manual Deletion:
- • On-request deletion for privacy rights exercises
- • Immediate removal upon consent withdrawal
- • Backup system purging (30-90 days)
- • Cross-platform deletion coordination
Exceptions to Deletion:
Data may be retained beyond standard periods for legal obligations, legitimate business purposes, security and fraud prevention, freedom of expression, public interest, or scientific research purposes, always in compliance with applicable law.
Data Security Measures
Technical Security Measures
- Encryption: SSL/TLS encryption for data in transit and AES encryption for sensitive data at rest
- Access Controls: Multi-factor authentication, role-based access, and principle of least privilege enforcement
- Monitoring: 24/7 security monitoring, intrusion detection systems, and automated threat response
- Infrastructure: Secure cloud hosting with regular security audits and vulnerability assessments
- Backup Security: Encrypted backups with secure storage and tested disaster recovery procedures
Organizational Security Measures
- Staff Training: Regular data protection training and security awareness programs for all team members
- Access Management: Strict access controls with need-to-know basis and regular access reviews
- Incident Response: Comprehensive breach response plan with notification procedures and remediation steps
- Vendor Management: Due diligence assessments and contractual security requirements for all service providers
- Compliance Monitoring: Regular policy reviews, compliance audits, and security posture assessments