GDPR Privacy Policy
Last updated: October 17, 2025
This policy describes how Morivant ("we", "us", or "our") collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (GDPR) and applicable data protection legislation. By using our platform at morivant.com, you acknowledge the practices described below.
1. Data Controller
Morivant acts as the data controller for personal data collected through this platform. Our registered address is 3482 Errington Ave, Chelmsford, ON P0M 1L0, Canada. For data protection enquiries, contact us at [email protected] or by telephone at +14507520781.
2. Legal Basis for Processing
We process your personal data only where a lawful basis exists under GDPR Article 6. The bases we rely on include:
- Contractual necessity — processing required to deliver the services you have requested or enrolled in.
- Legitimate interests — processing that serves our reasonable business interests, provided those interests are not overridden by your rights.
- Legal obligation — processing necessary to comply with applicable law.
- Consent — where we have obtained your freely given, specific, informed, and unambiguous consent. You may withdraw consent at any time without affecting the lawfulness of prior processing.
3. Personal Data We Collect
3.1 Data You Provide Directly
- Full name and contact details (email address, phone number)
- Account credentials and profile information
- Payment and billing information processed via our payment providers
- Communications you send to us, including support requests
- Course enrolment choices and learning preferences
3.2 Data Collected Automatically
- IP address and approximate geographic location
- Browser type, device identifiers, and operating system
- Pages visited, session duration, and navigation paths
- Cookies and similar tracking technologies (see Section 9)
3.3 Data From Third Parties
We may receive data from authentication providers if you choose to register using a third-party sign-in service, or from payment processors confirming transaction status.
4. How We Use Your Data
We use collected data to:
- Create and manage your account and course enrolments
- Deliver educational content and track learning progress
- Process payments and issue receipts or certificates
- Respond to enquiries and provide customer support
- Send service-related notifications and, where consented, marketing communications
- Improve platform functionality and user experience through aggregated analytics
- Detect, prevent, and address fraud or security incidents
- Meet legal and regulatory obligations
5. Data Sharing and Disclosure
We do not sell your personal data. We may share data with:
- Service providers — third-party processors acting on our behalf (hosting, payment processing, email delivery, analytics) under data processing agreements that require equivalent protection.
- Professional advisers — lawyers, auditors, and insurers where necessary.
- Regulatory or law enforcement authorities — where required by law or to protect the rights, property, or safety of our users or the public.
- Business transfers — in the event of a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify you in advance where required.
6. International Data Transfers
As a global platform, your data may be transferred to and processed in countries outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or reliance on an adequacy decision. You may request details of the safeguards applied to your data by contacting us.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Typical retention periods are:
- Account data — retained for the duration of your account and for a reasonable period thereafter to handle post-closure enquiries.
- Transaction records — retained as required by financial and tax regulations.
- Support communications — retained for the period needed to resolve the matter and for quality assurance.
- Analytics data — retained in aggregated or anonymised form indefinitely.
When data is no longer required, it is securely deleted or anonymised.
8. Your Rights Under GDPR
Depending on your location and applicable law, you may have the following rights regarding your personal data:
- Right of access — to obtain a copy of the personal data we hold about you.
- Right to rectification — to request correction of inaccurate or incomplete data.
- Right to erasure — to request deletion of your data where there is no overriding legitimate reason for continued processing.
- Right to restriction — to request that we limit how we use your data in certain circumstances.
- Right to data portability — to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
- Right to object — to object to processing based on legitimate interests or for direct marketing purposes.
- Rights related to automated decision-making — not to be subject to decisions based solely on automated processing that produce significant effects, without human review.
- Right to withdraw consent — where processing is based on consent, to withdraw it at any time.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before fulfilling a request. You also have the right to lodge a complaint with your applicable supervisory authority if you believe your data has been processed unlawfully.
9. Cookies and Tracking Technologies
We use cookies and similar technologies to operate the platform, remember your preferences, and understand how users interact with our content. Categories of cookies we use include:
- Strictly necessary — required for the platform to function; cannot be disabled.
- Functional — enable personalisation and saved preferences.
- Analytics — help us understand usage patterns to improve the platform.
- Marketing — used where you have consented to receive relevant communications.
You may manage cookie preferences through your browser settings or our cookie consent interface. Note that disabling certain cookies may affect platform functionality.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include encryption in transit and at rest, access controls, regular security assessments, and staff training. No method of transmission over the internet is completely secure; however, we take commercially reasonable steps to protect your data.
11. Children's Privacy
Our platform is not directed at children under the age of 16. We do not knowingly collect personal data from individuals under this age. If we become aware that data has been collected from a child without verifiable parental consent, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us at [email protected].
12. Third-Party Links
Our platform may contain links to external websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any external sites you visit.
13. Changes to This Policy
We may update this policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by updating the date at the top of this page and, where appropriate, by sending a notification to your registered email address. Continued use of the platform after changes are posted constitutes your acknowledgement of the updated policy.
14. Contact Us
For questions, requests, or concerns regarding this policy or our data practices, please reach out:
- Email: [email protected]
- Phone: +14507520781
- Post: 3482 Errington Ave, Chelmsford, ON P0M 1L0, Canada
- Website: morivant.com