RAPKAT

Privacy Policy

Last Updated: January 28, 2026

1. Information We Collect

We collect information that you provide directly to us, including:

  • Name and contact information (email address, phone number)
  • Information about your interest in our programs
  • Any additional information you choose to provide in forms or communications

2. How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and provide information about our programs
  • Send you updates and communications about our services (with your consent)
  • Improve our services and user experience
  • Comply with legal obligations

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information only:

  • With your explicit consent
  • To comply with legal obligations or respond to legal requests
  • To protect our rights, privacy, safety, or property

4. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

5. Your Privacy Rights by Region

GDPR Rights (European Union/UK)

If you are located in the EU or UK, you have the following rights:

  • Right of Access: Request access to your personal data and receive a copy
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data under certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing of your personal data, including for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

CCPA Rights (California Residents)

If you are a California resident, you have the following rights:

  • Right to Know: Request disclosure of categories and specific pieces of personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information we have collected (subject to exceptions)
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Exercise your rights without discrimination
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit Use: Request limitation of use of sensitive personal information

Other Regional Rights

  • Canada (PIPEDA): Right to access, correct, and challenge compliance; right to file complaints with Privacy Commissioner
  • Brazil (LGPD): Rights to confirmation, access, correction, anonymization, portability, deletion, information, and revocation of consent
  • Australia (Privacy Act): Rights to access, correction, and complaint to Office of the Australian Information Commissioner
  • Other Jurisdictions: We respect applicable privacy rights in all jurisdictions where we operate

To exercise any of these rights, please contact us. We will respond to your request within the timeframes required by applicable law (typically 30-45 days).

6. Cookies and Tracking

We may use cookies and similar tracking technologies to enhance your experience on our website. You can control cookie preferences through your browser settings.

7. Children's Privacy (COPPA Compliance)

Our services are designed for educational purposes and may collect information from parents and guardians on behalf of children. We are committed to compliance with the Children's Online Privacy Protection Act (COPPA).

  • Parental Consent: We require verifiable parental consent before collecting, using, or disclosing personal information from children under 13 years of age.
  • Parental Rights: Parents have the right to review, delete, and refuse further collection of their child's personal information at any time.
  • Limited Collection: We only collect information from children that is reasonably necessary for the educational services requested.
  • No Disclosure: We do not sell, rent, or otherwise disclose personal information collected from children to third parties without verifiable parental consent, except as required by law.
  • Contact: If you believe we have collected information from a child under 13 without proper consent, please contact us immediately.

8. Educational Records (FERPA Compliance)

RAPKAT complies with the Family Educational Rights and Privacy Act (FERPA), which protects the privacy of student educational records.

  • Educational Records: Information collected through our interest forms and program inquiries may constitute educational records under FERPA when associated with a student.
  • Parental Access: Parents have the right to access their child's educational records maintained by RAPKAT.
  • Directory Information: We do not disclose directory information without prior written consent, except as permitted by FERPA.
  • Record Amendment: Parents may request amendment of educational records they believe are inaccurate or misleading.
  • Consent for Disclosure: We obtain written consent before disclosing personally identifiable information from educational records, except as permitted by FERPA.
  • FERPA Complaints: Parents have the right to file complaints with the U.S. Department of Education regarding alleged FERPA violations.

9. Email Collection and Marketing Communications

When you provide your email address through our forms, you consent to receive communications from RAPKAT. We are committed to responsible email practices.

  • Consent-Based: We only send marketing emails to individuals who have provided explicit consent through our forms.
  • Opt-Out Rights: You may unsubscribe from marketing communications at any time using the unsubscribe link in our emails or by contacting us directly.
  • Transactional Emails: We may send necessary transactional emails (e.g., program updates, service notifications) even if you have opted out of marketing communications.
  • CAN-SPAM Compliance: Our email practices comply with the CAN-SPAM Act, including accurate sender information and clear opt-out mechanisms.
  • CASL Compliance: For Canadian recipients, we comply with Canada's Anti-Spam Legislation (CASL) and obtain express consent before sending commercial electronic messages.
  • GDPR Email Rights: EU residents have the right to object to processing of their email for marketing purposes at any time.

10. International Data Transfers and Global Compliance

Your information may be transferred to and processed in countries other than your country of residence. We implement appropriate safeguards to protect your data globally.

  • GDPR (European Union): We comply with GDPR requirements for EU residents, including lawful basis for processing, data minimization, and cross-border transfer safeguards.
  • UK GDPR: We comply with UK data protection laws post-Brexit, ensuring equivalent protections for UK residents.
  • CCPA (California): California residents have specific rights under the California Consumer Privacy Act, including the right to know, delete, and opt-out of sale of personal information.
  • PIPEDA (Canada): We comply with Canada's Personal Information Protection and Electronic Documents Act for Canadian residents.
  • LGPD (Brazil): We respect the rights of Brazilian residents under the Lei Geral de Proteção de Dados.
  • Privacy Shield: Where applicable, we rely on appropriate transfer mechanisms including Standard Contractual Clauses (SCCs) for international data transfers.
  • Data Localization: We respect data localization requirements in jurisdictions that mandate data storage within specific geographic boundaries.

11. Data Retention and Deletion

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Email Subscriptions: We retain email addresses for as long as you remain subscribed or until you request deletion
  • Interest Forms: We retain form submissions for up to 3 years from the date of submission, or until you request deletion
  • Legal Requirements: We may retain certain information longer if required by law, regulation, or legal process
  • Educational Records: Educational records are retained in accordance with FERPA requirements and applicable state laws
  • Deletion Requests: Upon request, we will delete your personal information unless we have a legal obligation to retain it

12. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

  • Notify affected individuals without undue delay, as required by applicable law (typically within 72 hours under GDPR)
  • Notify relevant supervisory authorities within required timeframes
  • Provide clear information about the nature of the breach, likely consequences, and measures taken
  • For educational records, comply with FERPA breach notification requirements
  • For children's data, notify parents as required by COPPA

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:

  • Post the updated Privacy Policy on this page with an updated "Last Updated" date
  • Notify you of material changes via email (if you have provided your email address) or prominent notice on our website
  • Obtain your consent for material changes where required by applicable law
  • Allow you to review changes before they take effect for significant modifications

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy, unless withdrawal of consent is required by law.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us.

14. Comprehensive Legal Compliance

This Privacy Policy and our data practices are designed to comply with applicable data protection and privacy laws worldwide, including but not limited to:

United States

  • FERPA (Family Educational Rights and Privacy Act): Protection of student educational records
  • COPPA (Children's Online Privacy Protection Act): Protection of children's online privacy
  • CCPA (California Consumer Privacy Act): California resident privacy rights
  • CPRA (California Privacy Rights Act): Enhanced California privacy protections
  • VCDPA (Virginia Consumer Data Protection Act): Virginia resident privacy rights
  • CPA (Colorado Privacy Act): Colorado resident privacy rights
  • CTDPA (Connecticut Data Privacy Act): Connecticut resident privacy rights
  • CAN-SPAM Act: Commercial email regulations
  • State Student Privacy Laws: Various state-specific student data protection laws

European Union & United Kingdom

  • GDPR (General Data Protection Regulation): EU-wide data protection regulation
  • UK GDPR: UK data protection law post-Brexit
  • ePrivacy Directive: EU electronic communications privacy

Other Global Regulations

  • PIPEDA (Canada): Personal Information Protection and Electronic Documents Act
  • LGPD (Brazil): Lei Geral de Proteção de Dados
  • Privacy Act (Australia): Australian Privacy Principles
  • PDPA (Singapore): Personal Data Protection Act
  • PDPA (Thailand): Personal Data Protection Act
  • POPIA (South Africa): Protection of Personal Information Act
  • CASL (Canada): Canada's Anti-Spam Legislation
  • Other Applicable Laws: We comply with data protection laws in all jurisdictions where we operate or collect data

We regularly review and update our practices to ensure ongoing compliance with evolving privacy laws and regulations worldwide.