1. What Data We Collect
FayEDU collects data across three categories:
- Identity data: name, email address, profile photo (optional), country and timezone.
- Behavioral data: login timestamps, pages and features accessed, time spent on lessons, video watch completion rates, quiz attempts and scores.
- Transactional data: course purchases, enrollment records, certificate issuances and payout records for Creators.
- Technical data: browser type, device type, operating system, IP address and session identifiers.
- Content data: course materials uploaded by Creators, assignment submissions by Students.
2. Learning Analytics Data
FayEDU's Learning Management System (LMS) tracks detailed engagement data to improve the learning experience:
- Module-level progress: which lessons have been started, completed and revisited.
- Assessment performance: quiz scores, attempt history and time-on-task.
- Engagement patterns: video scrubbing behaviour, content replay and dropout points.
- Assignment submissions and grading records.
This data is used to:
- Display progress to learners and Creators via dashboards.
- Generate certificates of completion based on verified progress.
- Provide Creators with aggregate analytics about their courses (individual student data is not shared without consent).
- Improve platform features and identify learning bottlenecks at an aggregate level.
Learning analytics data is stored for the duration of your enrollment plus 12 months, after which it is aggregated and anonymised.
3. AI Training Data
Important: Anonymised learning data (not personally identifiable) may be used to improve FayEDU's AI-powered features. You can opt out at any time in your account settings under Privacy & Data.
FayEDU uses AI to power features such as course content suggestions, quiz generation and learning recommendations. To improve these features, we may use:
- Anonymised course interaction patterns (which content types lead to better learning outcomes).
- Aggregated quiz performance data to improve AI-generated assessments.
- Anonymised content structure data to improve AI course layout suggestions.
What we do not use for AI training:
- Personally identifiable information (name, email, etc.).
- Assignment submissions or personal reflections.
- Private messages or support conversations.
- Data from users who have opted out.
To opt out of AI training data use, go to Account Settings → Privacy & Data → AI Data Usage and toggle off "Allow anonymised data to improve AI features".
4. GDPR & Data Rights
If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to access: request a copy of all personal data we hold about you.
- Right to rectification: request correction of inaccurate data.
- Right to erasure ("right to be forgotten"): request deletion of your data, subject to legal retention requirements.
- Right to restriction: request that we limit how we process your data.
- Right to data portability: receive your data in a structured, machine-readable format (JSON/CSV).
- Right to object: object to processing based on legitimate interests or for direct marketing.
- Rights related to automated decision-making: request human review of any automated decisions affecting you.
Our legal basis for processing personal data includes: performance of contract (providing the platform service), legitimate interests (platform security and improvement), consent (marketing communications, AI training data), and legal obligation (financial records).
You may lodge a complaint with your national data protection authority. In Kenya, this is the Office of the Data Protection Commissioner (ODPC).
5. Data Retention Policy
We retain data for as long as necessary to provide our services and comply with legal obligations:
- Account data: retained for the lifetime of your account plus 12 months after deletion.
- Learning progress data: retained for the duration of enrollment plus 12 months, then anonymised.
- Transaction and financial records: retained for 7 years to comply with Kenyan tax law.
- Support communications: retained for 3 years.
- Server logs: retained for 90 days, then deleted.
When data is no longer required, it is securely deleted or anonymised using industry-standard methods.