Caserta Training

Privacy Policy

Last updated: March 2026

Caserta Training (“we,” “us,” or “our”) operates the website at casertatraining.com (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: When you create an account or enroll in a course, we collect your first name, last name, email address, and password (stored securely via Supabase Auth using bcrypt hashing).
  • Payment Information: When you make a purchase, payment details (credit card number, billing address) are collected and processed directly by Stripe. We do not store your full card number on our servers.
  • Corporate Inquiry Information: If you submit a corporate training inquiry, we collect your name, email, company, title, team size, program interest, timeline, and message.

1.2 Information Collected Automatically

  • Usage Data: We collect information about how you interact with our Service, including pages visited, course progress, video playback data, and features used.
  • Device Information: Browser type, operating system, IP address, and device identifiers.
  • Cookies and Tracking: We use cookies for authentication session management and analytics.

2. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process your purchases and manage your account
  • To track your course progress and generate certificates of completion
  • To send transactional emails (receipts, welcome, certificates)
  • To respond to corporate training inquiries
  • To analyze usage patterns and improve the learning experience
  • To protect against fraud and ensure the security of the Service

3. Third-Party Services

We use the following third-party services to operate the platform. Each processes data according to their own privacy policies:

  • Supabase — Database hosting, user authentication, and file storage. Your account data, course progress, and downloadable materials are stored on Supabase infrastructure. Supabase Privacy Policy
  • Stripe — Payment processing. Stripe collects and processes your payment information directly. We receive only a payment confirmation and customer identifier. Stripe Privacy Policy
  • Mux — Video hosting and streaming. Mux delivers course video content and may collect playback analytics. Mux Privacy Policy
  • Resend — Transactional email delivery. Resend processes your email address to deliver purchase receipts, welcome messages, and certificate notifications. Resend Privacy Policy
  • Google Analytics — Website analytics. We use Google Analytics to understand how visitors use our site. Google may collect IP addresses and use cookies. Google Privacy Policy
  • Google reCAPTCHA — Bot protection on our corporate inquiry form. reCAPTCHA may collect hardware and software information. Google Privacy Policy

4. Data Retention

We retain your account information and course progress for as long as your account is active. If you request account deletion, we will delete your personal data within 30 days, except where retention is required for legal obligations (e.g., financial records for tax purposes).

Payment records are retained as required by financial regulations and tax law. Corporate inquiry data is retained for business development purposes unless you request deletion.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encrypted data transmission (HTTPS enforced via Vercel)
  • Password hashing (bcrypt via Supabase Auth)
  • Database encryption at rest (Supabase managed)
  • Row-Level Security policies restricting data access to authorized users
  • PCI DSS compliant payment processing (card data never touches our servers)
  • Signed URLs with time-limited access for file downloads

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability

To exercise any of these rights, please contact us at info@casertacompany.com.

7. Children's Privacy

Our Service is not directed to individuals under 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised “Last updated” date.

9. Contact Us

If you have questions about this Privacy Policy, please contact us at: info@casertacompany.com