Legal · Plain English

Privacy policy

◎ Last updated · April 2026

Short version: We collect the minimum we need to run the platform (email, name, what you bought, what you watched). We don't sell your data. We use bcrypt, CSRF, and parameterised queries. You can ask us to delete everything at liaqateagle786@gmail.com. This page explains the boring version.

What we collect

When you create an account, we store your name, email, a bcrypt hash of your password (never the plaintext), and optional profile fields you provide. When you enrol in a program, we store the enrolment, your progress, and payment metadata (amount, currency, gateway reference — but never full card numbers).

We log IP addresses and user-agents for security purposes (rate limiting, fraud prevention) and retain them for up to 90 days.

How we use it

  • Deliver the platform — logging you in, tracking lesson progress, serving your enrolments.
  • Operational emails — verification, password resets, enrolment receipts, cohort announcements.
  • Marketing emails you opt into — you can unsubscribe with one click from the footer of any email.
  • Security — detecting and preventing abuse, fraud, and unauthorised access.
  • Aggregate analytics — understanding which lessons are working, which aren't. Never at the individual level in a way that identifies you externally.

When we share

We share personal data only with service providers required to run the platform:

  • Payment processors (PayPal, and any manual gateway you choose) — they receive what they need to process the payment.
  • Email deliverability — when we send transactional or marketing email.
  • Hosting & infrastructure — where the database physically sits.
  • Legal orders — if we're compelled by a valid legal process. We'll notify you unless the order forbids it.

We never sell your personal data. Ever. Not to advertisers, not to data brokers, not to partners.

Cookies & tracking

We use two cookies: a session cookie (so you stay logged in) and, optionally, a "remember me" cookie if you check that box on the login page. We don't use third-party advertising or cross-site tracking cookies.

Storage & security

Passwords are hashed with bcrypt. Requests are protected with CSRF tokens. Database queries are parameterised. We enforce HTTPS in production. Daily backups are retained for 30 days.

No system is perfectly secure. If we discover a breach affecting you, we'll notify you within 72 hours with what we know and what we're doing.

Your rights

You can, at any time, email liaqateagle786@gmail.com to:

  • See a copy of the personal data we have about you.
  • Correct anything wrong.
  • Delete your account and all associated data (we keep transactional records required by tax law).
  • Export your data in a portable format (JSON).
  • Opt out of all marketing email.

We respond to these requests within 7 business days.

Children

AutomatorsX is not intended for anyone under 16. If we learn we've collected data from someone under 16, we'll delete it.

Changes to this policy

If we materially change how we handle your data, we'll notify registered users by email and update the "Last updated" date at the top of this page. Small wording cleanups won't trigger a notification.

Contact us

Privacy questions go to liaqateagle786@gmail.com. We reply within one business day.