PRIVACY POLICY
Last updated: 29.04.2026
1. Introduction
C-kata ("we," "our," "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information in accordance with applicable data protection laws, including the UK GDPR.
2. Data Controller
Controller: TECH HAVEN LIMITED
Registration No: 14287322
Address: 72 Halliwick Road, London, N10 1AB, United Kingdom
Email: [email protected]
3. Data We Collect
We may collect and process the following categories of personal data:
Account Data: email address, password (securely hashed), optional phone number, social login identifiers
Payment Metadata: transaction ID, order ID, amount, CKC purchased (we do not store card details)
Progress Data: XP, rank, CKC balance, usage history
Technical Data: IP address, browser type, device information, system logs
Cookies Data: essential cookies and optional analytics/marketing cookies (subject to consent)
We do not collect or store users' source code beyond what is necessary to provide the Service within their account.
4. How We Use Your Data
We process your personal data to:
Provide and maintain the Service
Create and secure user accounts
Process payments and manage virtual currency balances
Track learning progress and performance
Provide customer support and resolve disputes
Improve the platform through aggregated and anonymized analytics
We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.
5. Legal Basis for Processing
We process personal data based on:
Contractual necessity – to provide the Service
Legal obligations – accounting and regulatory requirements
Legitimate interests – service improvement, fraud prevention, and security
Consent – for optional cookies and marketing (where applicable)
6. Data Sharing
We may share your data with:
Payment service providers (PCI-DSS compliant)
Hosting, infrastructure, analytics, and email service providers
Legal and regulatory authorities when required by law
We do not sell or rent personal data to third parties.
Where data is transferred outside the UK/EU, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs).
7. Data Retention
Account data: retained until account deletion
Payment records: retained for 7 years (legal requirement)
Technical logs: retained for up to 30 days
Progress data: retained until account deletion
8. Your Rights
Under applicable data protection laws, you have the right to:
Access your personal data
Request correction or deletion
Request restriction of processing
Object to processing
Request data portability
Withdraw consent at any time (where applicable)
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe that your data protection rights have been violated.
9. Security Measures
We implement appropriate technical and organizational measures, including:
Encryption in transit (TLS 1.3) and at rest
Secure password hashing and salting
Restricted access to personal data
Continuous monitoring and security audits
10. Children's Data
The Service is intended for users aged 18 and older. We do not knowingly collect personal data from children.
11. Cookies
Essential cookies are required for the operation of the Service.
Optional analytics and marketing cookies are used only with your explicit consent.
For more details, please refer to our Cookie Policy.
12. Third-Party Content and Open Source
Some educational materials are adapted from open-source resources, including Exercism (https://github.com/exercism), and are distributed under the MIT License. These materials are provided "as is" without warranty.
13. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available at: