Operator: Panisa Pochanard, doing business as dogmaDECODER (a California sole proprietorship)
Contact: courses@dogmadecoder.com
1. Introduction
This Privacy Policy explains how Panisa Pochanard, doing business as dogmaDECODER ("we," "us," "our," or "dogmaDECODER"), collects, uses, and protects information when you visit dogmadecoder.com (the "Site"), purchase a course, or interact with our services. We are committed to handling your information transparently and only as needed to provide our educational services.
2. Information We Collect
We collect only the information needed to operate the Site and provide course access. Specifically:
| Category | Examples | Source |
|---|---|---|
| Account information | Email address, password (stored as a one-way hash, never in plain text) | You provide it at signup |
| Payment information | Payment confirmation, amount, transaction ID, partial card metadata for receipts | Stripe processes payment; we receive confirmation only — we do not store credit card numbers |
| Learning progress | Chapter completion status, bookmarks, practice-exam scores and answers | Generated as you use the Course |
| Questions and communications | Questions you submit via the Ask dogmaDECODER feature; messages sent via the contact form | You provide them |
| Terms acceptance records | Records of when you accepted the Terms of Service and Privacy Policy, and which versions | Captured when you check the agreement box at signup, checkout, or dashboard prompt |
| Analytics data | Aggregate, anonymized page views, bounce rate, device type | Cloudflare Web Analytics — cookie-free, privacy-respecting |
We do not collect: social security numbers, government IDs, health information, biometric data, location data, or browsing history outside our Site.
3. How We Use Your Information
- Create and authenticate your account
- Process your purchase and grant access to the Course
- Send transactional emails (purchase confirmations, password resets, course access)
- Track your learning progress so you can resume where you left off
- Respond to your questions and support requests
- Improve the Course and the Site (aggregate analytics only)
- Comply with legal obligations and protect against fraud or abuse
We do not sell your information to third parties. We do not use your information for advertising. We do not share your information for marketing purposes outside dogmaDECODER.
4. How We Share Your Information
We share information only with the third-party services required to operate the Course:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase (US) | Account authentication and database storage | Email, password hash, learning progress, questions, acceptance records |
| Stripe (US) | Payment processing | Email, payment information (handled directly by Stripe) |
| Cloudflare (US) | Website hosting and aggregate analytics | IP address (briefly, for security), page views (anonymized) |
| Resend (US) | Transactional email delivery (purchase confirmations, password resets) | Email address, email contents |
Each of these services has its own privacy policy and security practices. We have selected them for their reputation for security and compliance.
We may also disclose information when required by law (subpoena, court order, regulatory request) or to protect the rights, property, or safety of dogmaDECODER, our users, or the public.
5. Data Storage and Security
Your information is stored on servers operated by Supabase, Stripe, Cloudflare, and Resend, all of which use industry-standard encryption at rest and in transit (TLS/HTTPS). Passwords are stored as one-way hashes; we cannot read or recover your password.
No system is perfectly secure. While we take reasonable measures to protect your information, we cannot guarantee absolute security. If we become aware of a data breach affecting your information, we will notify you in accordance with applicable law.
6. Data Retention
We retain account information for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law (e.g., payment records for tax and accounting purposes, which Stripe retains independently per its own policy and applicable law).
Records of Terms and Privacy Policy acceptance are retained for the lifetime of your account and for up to seven (7) years after account closure to support potential dispute resolution.
7. Cookies and Tracking
dogmaDECODER does not use advertising cookies or third-party tracking cookies. We use:
- Essential cookies — needed for login/session management via Supabase Auth (cannot be disabled without losing the ability to log in)
- Cloudflare Web Analytics — a cookie-free, privacy-respecting analytics service that collects only aggregate, anonymized usage data
We do not use Google Analytics, Facebook Pixel, advertising trackers, or behavioral profiling cookies.
8. Your Rights — General
Regardless of where you live, you have the right to:
- Access the personal information we hold about you
- Correct inaccurate information
- Delete your account and associated data
- Withdraw consent for non-essential data uses
- Receive a copy of your data (data portability)
To exercise these rights, email courses@dogmadecoder.com. We will respond within 30 days.
9. Your Rights — California Residents (CCPA / CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to know: what personal information we have collected about you, the sources, the purposes, and any third parties we shared it with
- Right to delete: personal information we have collected, subject to legal retention exceptions
- Right to correct: inaccurate personal information
- Right to opt out of sale or sharing: dogmaDECODER does not sell or share personal information for cross-context behavioral advertising
- Right to limit use of sensitive personal information: dogmaDECODER does not collect "sensitive personal information" as defined by CPRA
- Right to non-discrimination: we will not deny services, charge different prices, or provide a different quality of service because you exercised these rights
To submit a request, email courses@dogmadecoder.com with the subject line "CCPA Request." You may also designate an authorized agent to make a request on your behalf.
10. Your Rights — EU/EEA and UK Residents (GDPR / UK GDPR)
If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) and UK GDPR:
- Right of access
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making (dogmaDECODER does not perform automated decision-making with legal effects)
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
Legal basis for processing: we process your information based on (a) your consent (for marketing or non-essential communications), (b) the necessity of performing our contract with you (delivering the Course), and (c) our legitimate interests (operating and improving the Site, preventing fraud).
To exercise these rights, email courses@dogmadecoder.com.
11. International Data Transfers
dogmaDECODER operates from California, United States. Our third-party services (Supabase, Stripe, Cloudflare, Resend) are also based in the United States. If you access the Site from outside the United States, your information will be transferred to and processed in the United States, which may have data protection laws different from those in your country.
By using the Site, you consent to this transfer. We rely on standard contractual clauses and other safeguards where required for cross-border data transfers.
12. Children's Privacy
The Site and Course are intended for adults (18 years or older). We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected information from a child under 13, we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Updated versions will be posted to this page with a new version number and effective date. Material changes will be communicated to active enrolled users via email or in-app notification, and continued use of the Site or Course following such notification constitutes acceptance of the revised Policy.
14. Contact
Questions, requests, or complaints about this Privacy Policy? Email courses@dogmadecoder.com.
See also our Terms of Service.