Skip to main content

Privacy Policy

Version 1.0 | Last updated: January 4, 2026

DiscoverNow Ltd ("we", "us", or "our") operates the DNLearn learning management platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our services.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller for your personal data is:

DiscoverNow Ltd

Email: privacy@dnlearn.org

Website: https://dnlearn.org

If you access DNLearn through an educational institution (your university or organization), that institution may also be a data controller for certain data processing activities.

2. Personal Data We Collect

2.1 Account Information

  • Full name
  • Email address
  • Profile photo (optional)
  • University/institution name
  • Department
  • Academic level/year
  • Expected graduation date (optional)

2.2 Educational Records

  • Course enrollments
  • Grades and scores
  • Assignment submissions and content
  • Quiz attempts and responses
  • Discussion posts and comments
  • Attendance records
  • Learning progress and completion data

2.3 Communication Data

  • Messages sent through our chat system
  • File attachments in messages
  • Discussion forum posts

2.4 Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Session data and login timestamps

2.5 Assessment Integrity Data (Proctored Quizzes)

When you take proctored assessments, we may collect additional data to ensure academic integrity:

  • Tab/window switching events
  • Browser focus loss events
  • Screen resolution
  • IP address changes during the assessment
  • Timestamps of suspicious activities

Note: You will be asked for explicit consent before taking any proctored assessment. You may decline, and alternative assessment arrangements may be available through your institution.

2.6 Billing Information (Organizations Only)

  • Organization billing contact name and email
  • Billing address
  • Tax identification numbers

4. How We Use Your Data

We use your personal data to:

  • Provide our services: Deliver courses, track progress, manage assessments, and enable communication
  • Maintain academic integrity: Monitor assessments for suspicious activity (with consent)
  • Improve our platform: Analyze usage patterns to enhance features and user experience
  • Communicate with you: Send important notifications about your courses, grades, and account
  • Ensure security: Detect and prevent fraud, unauthorized access, and abuse
  • Comply with legal obligations: Maintain records as required by education and tax laws

5. Data Sharing and Third Parties

5.1 Your Institution

If you access DNLearn through an educational institution, your institution's administrators and instructors may access your data as necessary for educational purposes.

5.2 Service Providers

We use trusted third-party service providers to operate our platform:

ProviderPurposeLocation
HetznerInfrastructure hostingGermany (EU)
NeonDatabase hostingEU/US
AWS S3File storageEU
ResendEmail deliveryUSA
ZoomVideo conferencingUSA

All service providers are bound by Data Processing Agreements (DPAs) that require them to protect your data in accordance with GDPR requirements.

5.3 Legal Requirements

We may disclose your data if required by law, court order, or to protect our legal rights.

6. International Data Transfers

Our primary infrastructure is located in the European Union (Germany). However, some service providers may process data in the United States.

For transfers to the US, we ensure adequate protection through:

  • EU-US Data Privacy Framework certification where applicable
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Additional technical and organizational measures

7. Data Retention

We retain your personal data only for as long as necessary:

Data TypeRetention Period
Active account dataDuration of service + 30 days
Inactive accounts2 years after last login
Academic records (grades)7 years after course completion
Assignment submissions3 years after course end
Messages3 years or until deletion request
Proctoring data1 year after assessment
Session/login data30 days
Billing records7 years (legal requirement)

8. Your Rights

Under GDPR, you have the following rights:

8.1 Right to Access (Article 15)

You can request a copy of all personal data we hold about you. Use the "Download My Data" feature in your account settings, or contact us.

8.2 Right to Rectification (Article 16)

You can update your personal information through your profile settings, or contact us for data that cannot be directly edited.

8.3 Right to Erasure (Article 17)

You can request deletion of your account and personal data. Note that some data may be retained where we have legal obligations or legitimate grounds.

8.4 Right to Restrict Processing (Article 18)

You can request that we limit how we use your data in certain circumstances.

8.5 Right to Data Portability (Article 20)

You can request your data in a machine-readable format (JSON) for transfer to another service.

8.6 Right to Object (Article 21)

You can object to processing based on legitimate interests, including profiling.

8.7 Automated Decision-Making (Article 22)

Our quiz integrity scoring uses automated processing. You have the right to request human review of any decisions that significantly affect you.

Exercising Your Rights

To exercise any of these rights, use the Privacy Center in your account settings or email us at privacy@dnlearn.org. We will respond within 30 days.

Right to Lodge a Complaint

If you believe we have not handled your data properly, you have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, work, or where the alleged infringement occurred.

9. Cookies and Tracking

9.1 Essential Cookies

We use essential cookies that are necessary for the platform to function:

  • Session cookie (aiuta.session): Maintains your login session

These cookies cannot be disabled as they are required for the service to work.

9.2 Analytics Cookies

We may use analytics cookies to understand how users interact with our platform. These are only set with your explicit consent.

9.3 Managing Cookies

You can manage cookie preferences through the cookie consent banner or your browser settings. Note that disabling essential cookies will prevent you from using the platform.

10. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit: All data is transmitted over HTTPS/TLS
  • Encryption at rest: Sensitive credentials are encrypted using AES-256-GCM
  • Access controls: Role-based access with principle of least privilege
  • Audit logging: All significant actions are logged for security monitoring
  • Infrastructure security: Hosted on ISO 27001-certified infrastructure
  • Regular security reviews: We conduct periodic security assessments

11. Children's Privacy

DNLearn is designed for use by educational institutions. We do not knowingly collect personal data from children under 16 without parental or institutional consent.

If you believe we have collected data from a child without appropriate consent, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting a notice on our platform
  • Sending an email to your registered address
  • Updating the "Last Updated" date at the top of this policy

Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related questions or to exercise your rights, contact us:

Email: privacy@dnlearn.org

Subject: Privacy Request - [Your Request Type]

Response time: Within 30 days

Privacy Policy | DNLearn