Last updated: June 12, 2025

​

1. Scope

​

This Policy explains how Hebrewverse Ltd. collects, uses and protects personal information on its Site worldwide, including EU residents and children.

 

​​​

2. What We Collect

​​​​​​

​

​

​

​

​

 

 

 

​​​​​

​​

 

We do not use Google Analytics. Advertising features are disabled; IP addresses are anonymised.

 

 

3. Legal Bases

​

​

​

​

​

​

​

​

​​​​​

 

4. Parental Rights (COPPA & GDPR)

​

Parents can:

​

1. Review the child’s real name

2. Request account deletion

3. Withdraw parental consent

​

Requests honoured within 30 days via dashboard or privacy@hebrewverse.online.

​​

​

5. Third‑Party Processors

​

​

​

​

​

​

​​

​

​​

​

​

​​​

​​​​

Full, current sub‑processor lists are linked Wix list and Stripe list.

​

​

6. International Data-Transfers

​

Data may be stored on servers outside Canada, including the US and EU. We rely on contractual safeguards (SCCs) and cloud‑provider certifications (ISO 27001, SOC 2).

​

​

7. Security

​

• Encryption. Data in transit is protected by TLS 1.2 or higher. Stripe states that it encrypts sensitive data at rest using AES‑256, and Wix reports that it encrypts stored personal information with industry‑standard algorithms (AES‑256 or equivalent).

• Role‑based access; 2‑factor admin logins

​

​

8. Retention & Deletion

​

• Active accounts: retained while the parent consents.

• Inactive accounts: deleted after 3 months of inactivity. Back‑up snapshots held by our service providers are overwritten on rolling schedules. Wix reports a ≤ 30‑day snapshot window, while Stripe states it maintains encrypted back‑ups for up to 30 days (subject to change). We do not control the exact timing but deleted data should vanish from all back‑ups within roughly one month.

• Consent logs: kept 5 years (FTC standard). Billing records: kept for 7 years to satisfy tax laws.

​​

​

9. Marketing E‑mails (CASL)

​

Parents may receive welcome e‑mails, certificate links and occasional tip‑support notices. Every marketing e‑mail contains our mailing address and an unsubscribe link.

​​

 

10. Cookies & Tracking

​

​

​

​​

​

​

​​​​​​​​​​​​

 

 

 

 

​

​

​

​

​

​

​

11. Access & Correction

​​

Parents and users 16 years old and older may request access to, or correction of, their personal information by e‑mailing privacy@hebrewverse.online or by mail to Hebrewverse Ltd., P.O. Box  57094, RPO Jackson Square, Hamilton ON, L8P 4W9, Canada. We will respond within 30 days of receiving your written request. If more time is required, we may extend the deadline by up to an additional 30 days and will notify you of the reason for the extension within the original 30‑day window. 

​​

If you are a parent requesting deletion of your under‑16 child’s account, we will honour the request and purge active records as soon as possible and back‑up copies within the standard retention window.

​​

​

12. Notification by Data-Breach

​

We notify the Office of the Privacy Commissioner of Canada and affected parents within 72 hours of discovering any breach posing a real risk of significant harm.

​​

​

13. Changes to This Policy

​

We e‑mail registered parents and users 16 years old and older users 15 days before changes take effect. Continued use after that date constitutes acceptance.

​

​

2025 Hebrewverse Ltd.