Legal & Compliance

Privacy Policy

How freeEDU.fi collects, uses, and protects your personal data.

Last updated: June 1, 2025
Applies to all freeEDU.fi users
GDPR Compliant
Your privacy matters to us. freeEDU.fi ("we," "our," or "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights under applicable law — including the EU General Data Protection Regulation (GDPR) and Finnish data protection legislation. By using our platform, you agree to the practices described in this document.
01

Who We Are

freeEDU.fi is an educational technology platform headquartered in Finland, offering free AI education and globally recognized certificates. The data controller responsible for your personal data is:

OrganizationfreeEDU.fi
CountryFinland, European Union
Websitefreeedu.fi

02

Data We Collect

We collect personal data only to the extent necessary to provide our services. The categories of data we may collect include:

CategoryExamplesWhen Collected
Identity DataFull name, usernameRegistration / sign-up
Contact DataEmail addressRegistration, contact form
Account DataPassword (hashed), profile settingsAccount creation
Learning DataCourse progress, quiz scores, certificates earnedPlatform use
Usage DataPages visited, features used, time on platformAutomatic (analytics)
Technical DataIP address, browser type, device infoAutomatic (server logs)
Communication DataMessages sent to supportContact form / email
We do not collect sensitive personal data such as racial or ethnic origin, political opinions, health data, biometric data, or financial payment information.

03

How We Use Your Data

We use your personal data for the following purposes:

  • Providing the platform — Creating and managing your account, delivering course content, and issuing certificates.
  • Communication — Sending service notifications, course updates, and responding to support requests.
  • Platform improvement — Analyzing aggregated usage patterns to improve content quality and user experience.
  • Marketing (with consent) — Sending newsletters or promotional content about new courses, only where you have explicitly opted in.
  • Legal compliance — Fulfilling obligations under applicable Finnish and EU law.
04

Legal Basis for Processing

Under GDPR Article 6, we process your personal data on the following legal bases:

  • Contract performance (Art. 6(1)(b)) — Processing necessary to provide you with the services you have registered for.
  • Legitimate interests (Art. 6(1)(f)) — Improving platform performance, preventing fraud, and ensuring platform security.
  • Consent (Art. 6(1)(a)) — Marketing emails and optional analytics cookies. You may withdraw consent at any time.
  • Legal obligation (Art. 6(1)(c)) — Compliance with Finnish law and EU regulations.

05

Cookies & Tracking Technologies

We use cookies and similar technologies to operate and improve the platform. Cookies are small text files placed on your device.

TypePurposeConsent Required
EssentialLogin sessions, security, CSRF protectionNo — required for the site to function
AnalyticsUnderstand page usage and improve UXYes — opt-in
PreferencesLanguage and display settingsNo — functional
MarketingRetargeting and campaign measurementYes — opt-in

You can manage or withdraw cookie consent at any time via our Cookie Settings panel. For full details, see our Cookie Policy.


06

Data Sharing & Third Parties

We do not sell your personal data. We may share data with trusted third parties only where necessary:

  • Service providers — Cloud hosting, email delivery, and analytics providers operating under data processing agreements (DPAs) in compliance with GDPR.
  • Partner universities & institutions — For ECTS credit verification or certificate validation, only with your knowledge.
  • Legal authorities — Where required by law, court order, or regulatory obligation.
All third-party processors are contractually bound to handle your data securely and only for the purposes we specify.

We do not transfer personal data outside the European Economic Area (EEA) unless appropriate safeguards are in place (e.g., Standard Contractual Clauses).

07

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Account data — Retained for the duration of your account plus 2 years after deletion, to comply with legal obligations.
  • Learning records & certificates — Retained indefinitely to allow verification of credentials, unless you request deletion.
  • Support communications — Retained for 3 years.
  • Server logs & technical data — Retained for up to 12 months.
  • Marketing data — Retained until you unsubscribe or withdraw consent.

Upon account deletion, we anonymize or erase your personal data within 30 days, subject to any legal retention requirements.


08

Your Rights

Under GDPR, you have the following rights regarding your personal data. You may exercise any of these by contacting us at [email protected].

  • Right of access (Art. 15) — Request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16) — Request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten"), where legally permissible.
  • Right to restriction (Art. 18) — Request that we limit processing of your data in certain circumstances.
  • Right to data portability (Art. 20) — Receive your data in a structured, machine-readable format.
  • Right to object (Art. 21) — Object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent — Where processing is based on consent, withdraw it at any time without affecting prior processing.
We will respond to all legitimate requests within 30 days. If you are unhappy with our response, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi).

09

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encrypted data transmission via HTTPS/TLS
  • Hashed password storage (never stored in plain text)
  • Role-based access controls limiting staff access to personal data
  • Regular security reviews and vulnerability assessments
  • Data minimization principles applied throughout our systems

While we take security seriously, no online platform can guarantee absolute security. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

10

Contact & Data Protection Officer

If you have any questions about this Privacy Policy, wish to exercise your rights, or have a concern about how we handle your data, please contact us:

General Inquiries[email protected]
Response TimeWithin 30 days

This Privacy Policy may be updated from time to time. When we make material changes, we will notify you by email or via a prominent notice on our platform. The "Last updated" date at the top of this page always reflects the most current version.

WELCOME BACK

Continue Your AI Journey

🌟

Welcome Back!

Fill in your credentials below to continue where you left off.

By logging in, you agree to our Terms of Service and Privacy Policy.

🌟

Create Your Account

Fill in your details below to get started for free.

By creating an account you agree to our Terms of Service and Privacy Policy.

Join the freeEDU Movement

Claim Your Free Scholarship

Welcome Back

Continue learning where you left off.

Your data is secure and encrypted.

freeEDU Scholarship

Sign up in under a minute and get full access to all AI courses.

100% free — no credit card, no hidden costs.