Privacy Policy

Valorys.co and associated platforms

Last updated: January 2026

1. INTRODUCTION

This Privacy Policy (hereinafter "Policy" or "Notice") describes how TEMA Digital LLC, a company with registered office in Sharjah Media City, Sharjah, United Arab Emirates (hereinafter "Company", "We", "Our", "Valorys", "Data Controller"), collects, uses, stores, protects, and shares personal information of users (hereinafter "User", "You", "Your") who access or use the website valorys.co and any other website, subdomain, landing page, sales funnel, platform, application, or related service (collectively "Sites" or "Services").

This Policy applies to all information collected through our Sites, Services, applications, platforms, emails, communications, and any other channel through which the User interacts with Valorys.

BY ACCESSING OR USING OUR SERVICES, THE USER DECLARES TO HAVE READ, UNDERSTOOD, AND ACCEPTED THIS PRIVACY POLICY. IF THE USER DOES NOT ACCEPT THIS POLICY, THEY ARE KINDLY REQUESTED NOT TO ACCESS OR USE OUR SERVICES.

This Policy should be read in conjunction with our Terms and Conditions and Cookie Policy, available on our Site.

2. DATA CONTROLLER

Data Controller: TEMA Digital LLC

Registered Office: Sharjah Media City, Sharjah, United Arab Emirates

Website: www.valorys.co

Privacy Email: support@valorys.co

For any questions, requests, or complaints regarding the processing of personal data, the User may contact the Data Controller at the addresses indicated above.

3. DEFINITIONS

3.1 "Personal Data": any information concerning an identified or identifiable natural person, directly or indirectly, including but not limited to: name, surname, email address, IP address, device identifiers, location data, online identifiers, and any other data that can be used to identify a person.

3.2 "Processing": any operation or set of operations performed on Personal Data, with or without the aid of automated processes, such as collection, recording, organization, structuring, storage, adaptation, modification, extraction, consultation, use, communication, dissemination, deletion, or destruction.

3.3 "Data Subject": the natural person to whom the Personal Data relates.

3.4 "Data Processor": the natural or legal person who processes Personal Data on behalf of the Data Controller.

3.5 "Cookies": small text files stored on the User's device when visiting a website.

3.6 "Tracking Tools": any technology (Cookies, pixels, beacons, tags, scripts, unique identifiers) that allows tracking Users by collecting or storing information on their device.

3.7 "Usage Data": information collected automatically through the Services, including IP addresses, browser type, operating system, pages visited, time spent, actions performed, and other diagnostic data.

4. TYPES OF DATA COLLECTED

4.1 Data Provided Directly by the User

We collect Personal Data that the User voluntarily provides to us, including:

  • (a) Identification data: name, surname, date of birth, country of residence;
  • (b) Contact data: email address, phone number, postal address;
  • (c) Account data: username, password (in encrypted form), account preferences;
  • (d) Financial data: payment information (processed through secure third-party payment processors), purchase history;
  • (e) Communication data: email content, support messages, feedback, survey responses;
  • (f) Form data: information entered in contact forms, registration forms, surveys, quizzes, and sales funnels;
  • (g) User-generated content: comments, posts, content shared in communities or forums.

4.2 Data Collected Automatically

When the User accesses or uses our Services, we automatically collect certain information:

  • (a) Device data: device type, operating system, unique device identifiers, browser used, language, screen resolution;
  • (b) Connection data: IP address, Internet Service Provider (ISP), connection type;
  • (c) Browsing data: pages visited, time spent on each page, navigation path, entry and exit pages, links clicked;
  • (d) Interaction data: actions performed on the Sites, clicks, scrolls, interactions with page elements, videos viewed;
  • (e) Location data: approximate geographic location based on IP address;
  • (f) Temporal data: date and time of access, session duration, visit frequency;
  • (g) Referral data: website or source from which the User arrived, advertising campaigns of origin.

4.3 Data Collected from Third Parties

We may receive information about the User from third-party sources, including:

  • (a) Advertising and marketing partners;
  • (b) Social media platforms (when the User interacts with our content);
  • (c) Analytics service providers;
  • (d) Publicly available sources.

5. PURPOSES OF PROCESSING

The User's Personal Data is collected and processed for the following purposes:

5.1 Service Provision

  • (a) Create and manage the User's account;
  • (b) Provide access to courses, educational content, and Platform;
  • (c) Process orders and transactions;
  • (d) Provide customer support and respond to requests;
  • (e) Personalize user experience.

5.2 Communications

  • (a) Send service-related communications (order confirmations, account updates, security notifications);
  • (b) Send marketing and promotional communications (with consent);
  • (c) Send newsletters and educational updates (with consent).

5.3 Analysis and Improvement

  • (a) Analyze Service usage to improve them;
  • (b) Understand User preferences and behaviors;
  • (c) Develop new features and content;
  • (d) Conduct research and aggregate statistical analysis.

5.4 Marketing and Advertising

  • (a) Display personalized advertising on our Sites and on third-party platforms;
  • (b) Measure advertising campaign effectiveness;
  • (c) Create lookalike audiences for advertising purposes.

5.5 Security and Compliance

  • (a) Protect Service security and prevent fraud;
  • (b) Verify User identity when necessary;
  • (c) Comply with legal and regulatory obligations;
  • (d) Respond to requests from competent authorities.

6. LEGAL BASIS FOR PROCESSING

The processing of Personal Data is based on the following legal bases:

6.1 Contract performance: processing is necessary for the performance of a contract to which the User is party or for the execution of pre-contractual measures adopted at the User's request.

6.2 Consent: the User has given consent to the processing of their Personal Data for one or more specific purposes (e.g., marketing, newsletters).

6.3 Legitimate interest: processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the User.

6.4 Legal obligation: processing is necessary for compliance with a legal obligation to which the Controller is subject.

7. TRACKING TOOLS AND TECHNOLOGIES USED

We use various tracking tools and technologies to collect and analyze information about the use of our Services. Below is a detailed description:

7.1 Google Analytics 4

Provider: Google LLC (USA)

Purpose: Statistical analysis of site usage, performance measurement, understanding user behavior.

Data collected: Usage data, navigation data, device data, IP address (anonymized), session statistics, number of users, events and conversions.

Provider's Privacy Policy: https://policies.google.com/privacy

7.2 Amplitude

Provider: Amplitude, Inc. (USA)

Purpose: User behavior analysis, product analytics, engagement measurement, cohort analysis.

Data collected: Usage data, events, user actions, user properties, device data, sessions.

Provider's Privacy Policy: https://amplitude.com/privacy

7.3 Meta Pixel (Facebook Pixel)

Provider: Meta Platforms, Inc. (USA)

Purpose: Conversion tracking, audience creation for advertising, remarketing, advertising campaign optimization on Facebook, Instagram, and Meta Audience Network.

Data collected: Usage data, events, conversions, device data, aggregate demographic information.

Provider's Privacy Policy: https://www.facebook.com/privacy/policy/

7.4 Google Ads (Google Advertising)

Provider: Google LLC (USA)

Purpose: Conversion tracking, remarketing, advertising campaign optimization on Google Search, Display Network, and YouTube.

Data collected: Usage data, conversions, device data, ad interactions.

Provider's Privacy Policy: https://policies.google.com/privacy

7.5 X (Twitter) Pixel

Provider: X Corp. (USA)

Purpose: Conversion tracking, remarketing, advertising campaign optimization on X (Twitter).

Data collected: Usage data, conversions, device data.

Provider's Privacy Policy: https://twitter.com/privacy

7.6 Native Advertising Platforms

We use pixels and tracking tools from various native advertising platforms (including but not limited to Taboola, Outbrain, and other similar platforms) to:

  • (a) Monitor conversions from native advertising campaigns;
  • (b) Optimize campaign performance;
  • (c) Create audiences for remarketing.

7.7 Other Advertising Platforms

We may use pixels and tracking tools from other advertising platforms (including but not limited to LinkedIn Ads, TikTok Ads, Pinterest Ads, Snapchat Ads, Microsoft Advertising/Bing Ads) for purposes similar to those described above. For detailed information on each platform, the User is invited to consult the respective privacy policies.

8. TECHNOLOGICAL INFRASTRUCTURE AND SERVICE PROVIDERS

8.1 Platform and Hosting

Our Platform is built using modern technologies and reliable hosting services. In particular, we use:

8.1.1 Lovable/Supabase

Provider: Supabase, Inc. (USA)

Purpose: Database, user authentication, storage, backend functions, real-time subscriptions.

Data processed: Account data, authentication data, data stored by the User in the Platform, system logs.

Provider's Privacy Policy: https://supabase.com/privacy

8.2 Other Service Providers

We may use other service providers for:

  • (a) Hosting and Content Delivery Network (CDN);
  • (b) Email services (transactional and marketing email delivery);
  • (c) Payment processing (Stripe, PayPal, or other processors);
  • (d) Customer support services;
  • (e) Video hosting and streaming services;
  • (f) Security and anti-fraud protection services.

9. SHARING OF PERSONAL DATA

9.1 Non-Sharing Principle

WE DO NOT SELL, RENT, TRADE, OR DISCLOSE USERS' PERSONAL DATA TO THIRD PARTIES FOR SUCH THIRD PARTIES' OWN COMMERCIAL PURPOSES.

The protection of Users' Personal Data is a fundamental priority for us. We are committed to not sharing, selling, or transferring Personal Data to third parties for direct marketing purposes of such third parties or for any other purpose not strictly connected to the provision of our Services.

9.2 Limited and Necessary Sharing

Personal Data may be shared exclusively in the following limited circumstances:

  • (a) Service providers: with our service providers (Data Processors) who process data exclusively on our behalf and according to our instructions, for the purposes described in this Policy (e.g., hosting, analytics, email, payments). These providers are contractually obligated to protect the data and not use it for their own purposes.
  • (b) Legal obligations: when required by law, a court order, a governmental authority, or to protect our legal rights.
  • (c) Protection and security: to protect the security of our Services, our Users, or the public, to prevent fraud or illegal activities.
  • (d) Business transactions: in case of merger, acquisition, reorganization, or sale of assets, Personal Data may be transferred as part of the transaction, subject to notice to Users.
  • (e) User consent: with the explicit consent of the User for specific purposes.

9.3 Third-Party Tools

The third-party analytics and advertising tools described in Section 7 (Google Analytics, Amplitude, Meta Pixel, etc.) collect data directly through their tracking tools. These providers process data according to their own privacy policies. We invite the User to consult the respective privacy notices to understand how such third parties process the collected data.

10. INTERNATIONAL DATA TRANSFER

The User's Personal Data may be transferred to and processed in countries other than the User's country of residence, including countries that may not guarantee the same level of data protection as the User's country of residence.

In particular, data may be transferred to:

  • (a) United Arab Emirates (where the Company is headquartered);
  • (b) United States of America (where many of our service providers are headquartered);
  • (c) Other countries where our service providers operate.

When we transfer data outside the European Economic Area (EEA) or the United Kingdom, we take appropriate measures to ensure that the data is adequately protected, including:

  • (a) Standard contractual clauses approved by the European Commission;
  • (b) Adequacy decisions by the European Commission;
  • (c) Other appropriate safeguards provided for by applicable regulations.

11. DATA RETENTION

Personal Data is retained for the time strictly necessary to achieve the purposes for which it was collected, and in any case within the limits provided by applicable regulations.

In general:

  • (a) Account-related data is retained for the duration of the contractual relationship and for the subsequent period required by law;
  • (b) Transaction-related data is retained for the period required by tax and accounting regulations (generally 10 years);
  • (c) Data collected for marketing purposes is retained until consent is withdrawn or deletion is requested;
  • (d) Browsing data and logs are generally retained for limited periods (from 30 days to 24 months, depending on the purpose);
  • (e) Data may be retained longer if necessary to assert or defend legal rights.

At the end of the retention period, Personal Data will be deleted or irreversibly anonymized.

12. DATA SECURITY

We adopt appropriate technical and organizational security measures to protect Personal Data from unauthorized access, loss, destruction, alteration, or disclosure. These measures include:

  • (a) Encryption of data in transit (HTTPS/TLS);
  • (b) Encryption of sensitive data at rest;
  • (c) Role-based access controls;
  • (d) Secure authentication and password management;
  • (e) Activity monitoring and logging;
  • (f) Regular data backups;
  • (g) Firewalls and protection against cyber attacks;
  • (h) Staff training on security best practices.

Despite our security measures, no system is completely secure. The User is responsible for protecting their own login credentials and the security of their device.

13. USER RIGHTS

In accordance with applicable data protection regulations, the User may exercise the following rights:

13.1 Right of access: obtain confirmation as to whether or not Personal Data concerning them is being processed and, where that is the case, access to the data and information relating to the processing.

13.2 Right to rectification: obtain the rectification of inaccurate Personal Data and the completion of incomplete data.

13.3 Right to erasure: obtain the erasure of Personal Data concerning them, in the cases provided for by applicable regulations.

13.4 Right to restriction: obtain the restriction of processing in the cases provided for by applicable regulations.

13.5 Right to portability: receive Personal Data in a structured, commonly used, and machine-readable format, and transmit such data to another data controller.

13.6 Right to object: object to the processing of Personal Data on grounds relating to their particular situation, including processing for direct marketing purposes.

13.7 Right to withdraw consent: withdraw consent at any time for specific processing purposes, without affecting the lawfulness of processing based on consent before its withdrawal.

13.8 Right to lodge a complaint: lodge a complaint with the competent supervisory authority for data protection in their country of residence.

To exercise their rights, the User may contact us at the email address indicated in Section 2. We will respond to the request within the time limits provided by applicable regulations (generally within 30 days).

14. MINORS

Our Services are not intended for persons under the age of 18. We do not knowingly collect Personal Data from minors. If we become aware that we have collected Personal Data from a minor without verifiable parental or guardian consent, we will take steps to delete such information from our systems.

If a parent or guardian believes that their child has provided us with Personal Data, they are kindly requested to contact us immediately.

15. OPT-OUT FROM INTEREST-BASED ADVERTISING

The User can opt out of interest-based advertising through the following tools:

  • (a) Google: https://adssettings.google.com
  • (b) Meta/Facebook: https://www.facebook.com/settings/?tab=ads
  • (c) Network Advertising Initiative: https://optout.networkadvertising.org
  • (d) Digital Advertising Alliance: https://optout.aboutads.info
  • (e) Your Online Choices (Europe): https://www.youronlinechoices.eu

Additionally, the User can manage Cookie preferences through the preferences panel available on our Site or through their browser settings.

16. COOKIES AND SIMILAR TECHNOLOGIES

For detailed information on the use of Cookies and similar technologies, the User is invited to consult our Cookie Policy, available on the Site.

17. LINKS TO EXTERNAL SITES

Our Services may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of such third parties. We invite the User to read the privacy notices of each website visited.

18. CHANGES TO THE PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time. Changes will be effective from the moment of publication on the Site. In case of substantial changes, we will provide a more prominent notice (for example, via email or notification on the Site).

Continued use of the Services after publication of the changes constitutes acceptance of the modified Privacy Policy. It is the User's responsibility to periodically check this page for any updates.

19. CONTACTS

For any questions, requests, or complaints regarding this Privacy Policy or the processing of Personal Data, the User may contact us at:

Data Controller: TEMA Digital LLC

Registered Office: Sharjah Media City, Sharjah, United Arab Emirates

Website: www.valorys.co

Privacy Email: support@valorys.co