GDPR Compliance Policy

Last updated: April 29, 2025

1. Introduction

This GDPR Compliance Policy explains how AI Smart Learn Hub (“we”, “our”, or “us”) handles personal data of individuals in the European Economic Area (EEA) in accordance with the General Data Protection Regulation (EU 2016/679), commonly known as GDPR.

2. Data Controller Information

  • Company: AI Smart Learn Hub
  • Address: 172 Papineau Avenue, Montreal, Quebec, H2K 4J5, Canada
  • Email: contact@aismartlearnhub.com
  • Phone: +1 514-261-9037
  • Business Number (BN): 829374501RC0001

3. Lawful Basis for Processing

We process personal data only when there is a legal basis under GDPR, including:

  • Consent – When you explicitly opt in (e.g., cookie usage, newsletters)
  • Contractual necessity – To deliver courses, support, and payment processing
  • Legal obligation – Where required by Canadian or international law
  • Legitimate interest – For security, analytics, and service improvement

4. Your GDPR Rights

You have the following rights under the GDPR:

  • Right to access – You may request a copy of your personal data
  • Right to rectification – You may correct inaccurate or incomplete data
  • Right to erasure – Also known as the “right to be forgotten”
  • Right to restrict processing
  • Right to data portability
  • Right to object – Especially to marketing or profiling
  • Right to withdraw consent at any time (for consent-based processing)

5. Data Transfers Outside the EEA

As a Canadian company, we may transfer your data outside the EEA. These transfers are done in accordance with GDPR, using mechanisms such as Standard Contractual Clauses (SCCs) or transfers to countries deemed adequate by the European Commission (e.g., Canada).

6. Data Retention

We retain your personal data only as long as necessary to provide services, fulfill legal obligations, or for legitimate interests such as fraud prevention or security. You can request deletion at any time unless data is required for compliance.

7. Automated Decision-Making

We do not use personal data for automated decision-making or profiling that produces legal or significant effects on users.

8. Supervisory Authority Contact

If you are an EU/EEA resident and believe your data rights have been violated, you may contact your local Data Protection Authority. A list is available at edpb.europa.eu.

9. Contact for GDPR Requests

To exercise any of your rights under GDPR, please contact:

10. Updates to This Policy

We reserve the right to update this policy at any time. Significant changes will be posted on this page and, where applicable, notified via email.