Last updated: 2026-04-15

Privacy Policy

Bitloom operates the website https://bitloom.pro and the certification platforms branded as Bitloom. This policy explains what personal data we collect, why, how long we keep it, and how to exercise the rights you have under the GDPR.

What we collect

From visitors to this site: IP address, user agent, page views, referrer (for analytics).

From contacts: name, email, company, the message you sent, and any attachments.

From learners on platforms we operate for clients: name, email, course progress, exam attempts, issued certificates. We process this on behalf of our client (the certification body) under a Data Processing Agreement.

Lawful basis

Legitimate interest for analytics and incoming sales contact. Contractual necessity for learner data on platforms we operate. Consent for marketing emails (you opt in; you can opt out at any time via the link in every email).

Where it's stored

EU data centres only — Frankfurt and Amsterdam by default. Backups are encrypted at rest and held within the EU. We do not transfer personal data outside the EEA without an explicit DPA addendum.

How long we keep it

Sales contact: 24 months from the last interaction.

Analytics: 14 months at session level, aggregated thereafter.

Learner data on operated platforms: per the client's retention schedule, typically the regulatory minimum (often 5 or 7 years for compliance certifications) plus a defined deletion process.

Your rights

You have the right to access, correct, delete, or export your personal data, and to object to processing. To exercise any right, write to privacy@bitloom.pro. We respond within 30 days.

Contact

Privacy contact: privacy@bitloom.pro