Details We Receive and Where They Come From

When you engage with our platform at prondex.com, certain pieces of identifying and operational information flow toward us. This happens primarily during account creation, when filling out inquiry forms, or when participating in educational programs focused on building smarter investment habits. We don't collect everything possible — just what's needed to make the service functional and responsive to your goals.

Sometimes details arrive indirectly — through partner organizations that refer clients to us, or through publicly available professional networks when someone lists their participation in our programs. We don't go hunting for information beyond what naturally surfaces through normal business interaction.

Why This Information Matters to Our Operations

Everything we capture serves a particular function. There's no speculative hoarding. If we can't point to a specific operational requirement, we shouldn't be keeping it in the first place.

Service Delivery and Support

The most obvious reason: we need your email to send you course materials. We need your name to address you properly. When someone contacts support at support@prondex.com, having their account history visible means faster, more accurate assistance. Without basic identifying details, personalized educational content would be impossible to deliver effectively.

Platform Improvement Cycles

Behavioral patterns tell us where people get stuck, which modules produce confusion, and what completion rates look like across different learning paths. This feedback loop drives continuous refinement. If everyone abandons a particular lesson halfway through, that's valuable diagnostic information — not about individuals, but about design flaws we need to fix.

Communication That Feels Relevant

When we send updates about new courses scheduled for March or April 2026, those messages go to people who've shown interest in related topics. The alternative — blasting everyone with everything — creates noise instead of value. Targeted communication depends on knowing what each person cares about based on their previous choices and stated preferences.

Security and Fraud Prevention

IP addresses and login patterns help us spot unusual activity. If someone in British Columbia suddenly appears to be accessing an account from another country within minutes, that triggers review protocols. Technical logging isn't about surveillance — it's about protecting both our infrastructure and your account integrity.

How Details Move Beyond Our Direct Control

We don't operate in complete isolation. Certain functions require working with external service providers, and that means controlled information transfer under specific conditions.

Infrastructure and Technical Partners

Email delivery systems, cloud storage providers, and content distribution networks handle portions of our technical stack. These entities process information on our behalf under contractual obligations that restrict how they can work with what they see. They're not free to repurpose your details for their own marketing or analytics beyond what's needed to perform the specific service we've hired them for.

Payment Processing Channels

When financial transactions occur, payment processors receive the minimum necessary transaction details. We don't see or store full credit card numbers — that sensitive information flows directly between you and the payment gateway. We only receive confirmation that a transaction completed successfully and basic receipt information for our records.

Legal and Compliance Scenarios

If a court order arrives, or if regulatory authorities issue formal requests with proper legal backing, we comply with those obligations. This isn't voluntary disclosure — it's legally mandated response. We evaluate each request to ensure it's legitimate and appropriately scoped before releasing anything.

Business Structure Changes

Should Prondex merge with another organization or undergo acquisition, client information would likely transfer as part of that business transition. You'd receive notification if this situation arose, and the acquiring entity would assume the obligations outlined in this statement unless they provide updated terms.

We do not sell client lists to data brokers, rent email addresses to third-party marketers, or share behavioral profiles with advertising networks. Your engagement with our educational platform stays within the operational boundaries described here.

What Control You Retain Over Your Information

You're not locked into whatever we've recorded. Several mechanisms exist for reviewing, modifying, or removing details we hold.

• Access Requests: You can ask to see everything we've stored about you. We'll compile a readable summary and deliver it within thirty days of receiving your request.
• Correction and Updates: If your contact details change or if something we've recorded appears inaccurate, contact us and we'll make the necessary adjustments promptly.
• Deletion Requests: Want everything removed? We'll honor that request except where retention is legally required — things like financial transaction records that must be kept for tax compliance, or documentation related to ongoing disputes.
• Communication Preferences: Every marketing email includes an unsubscribe option. Essential service messages — like password resets or urgent security alerts — will still reach you even if you opt out of promotional content.
• Data Portability: You can request a machine-readable export of the information you've provided directly, allowing you to transfer it elsewhere if you choose.

To exercise any of these options, send your request to support@prondex.com with sufficient detail for us to locate your account and verify your identity. We typically respond within five business days and complete most requests within a month unless the situation involves unusual complexity.

Protection Measures and Remaining Vulnerabilities

Security isn't a solved problem — it's an ongoing practice involving multiple layers of defense and continuous adaptation to emerging threats.

Technical Safeguards Currently Active

Encrypted connections protect information in transit between your browser and our servers. Stored data sits behind access controls that limit who internally can view specific records. Regular security audits test our defenses against known attack patterns. Automated monitoring watches for suspicious activity patterns that might indicate compromise attempts.

Organizational Security Practices

Staff members receive training on information protection protocols and only access systems necessary for their specific job functions. We maintain incident response procedures so that if something does go wrong, there's a tested process for containment, investigation, and notification.

Realistic Risk Assessment

Despite these precautions, absolute security doesn't exist. Sophisticated attackers sometimes breach even well-defended systems. Hardware can fail. Human error occasionally opens unintended vulnerabilities. We work to minimize these risks but can't eliminate them entirely. If a breach occurs affecting your information, we'll notify you promptly with details about what happened and what steps we're taking in response.

Your own security practices matter significantly. Using strong, unique passwords and enabling two-factor authentication where available reduces your exposure substantially. We can protect our infrastructure, but we can't prevent someone from guessing a weak password or falling for a sophisticated phishing attempt.

How Long Information Persists in Our Systems

Retention periods vary based on the nature of the information and the reasons we collected it in the first place.

Active account details remain accessible as long as you continue using our services. When you close an account, most identifying information gets deleted within ninety days. However, certain records persist longer due to legal requirements — financial transaction documentation, for instance, stays on file for seven years to comply with tax regulations.

Aggregated analytics data that no longer identifies specific individuals might be retained indefinitely since it doesn't pose privacy risks once the identifying connection is severed. Course completion statistics, general usage patterns, and platform performance metrics fall into this category.

If you haven't logged in for three years and haven't responded to periodic confirmation emails asking if you want to keep your account active, we may treat the account as abandoned and delete it along with associated information. We'll send multiple warnings before taking that step.

This statement evolves as our practices change and as legal requirements shift. When significant updates occur, we'll notify active users through email and post a revised version here with a new effective date. Continued use of our services after changes take effect constitutes acceptance of the updated terms.