We operate with a foundational belief: your details belong to you. Our approach centers on limiting intake, retaining only what enables service delivery, and giving you visibility into what we hold.
This document explains how Stellox Nova handles information connected to individuals who interact with our educational platform. It covers digital interactions, communication exchanges, enrollment procedures, and support requests.
Information Emergence and Operational Necessity
Direct Provision During Enrollment
When you register for our investment patience education program, we ask for specific details that enable course delivery. These typically include your full name, electronic mailing address, and in some cases, phone contact. The Canadian address you provide helps us understand regional educational needs and comply with provincial requirements where applicable.
Payment transactions for course fees generate financial data through our payment processors. We don't directly handle or store complete credit information — instead, tokenized references allow us to track enrollment status without exposing sensitive financial details.
Interaction-Generated Details
As you move through learning modules, the platform records completion markers and assessment results. These serve a practical purpose: they let us track your progress, identify where students commonly struggle, and adjust teaching approaches accordingly. If you submit questions through our support system, those messages — along with our responses — create a record that helps resolve issues faster if you contact us again.
Technical operations generate logs that capture device types, browser versions, and access timestamps. These aren't collected because we're curious about your setup — they're necessary for troubleshooting platform issues, preventing unauthorized access attempts, and ensuring the learning environment functions properly across different systems.
Voluntary Contributions
Sometimes learners share additional context — background in finance, specific investment goals, or prior education. You're never required to provide this, but when you do, it helps us understand who we're serving and how effectively our content addresses real needs. This shapes future curriculum development.
Data as Operational Resource
Every piece of information we gather serves specific functions. There's no stockpiling for vague future purposes.
Service Delivery Functions
Your enrollment details grant access to course materials and enable communication about schedule changes, new content releases, or technical issues. When you complete assessments, the results calculate your overall progress and determine when you've met completion criteria.
Financial transaction records prevent duplicate charges, facilitate refunds when policies allow, and maintain accurate enrollment status. If payment fails or a subscription lapses, these records determine access continuation or suspension.
Support and Resolution
When technical problems arise or you have questions, support staff access your account details and interaction history. This context eliminates repetitive questioning and speeds problem resolution. Without it, every support interaction would start from zero.
Quality Improvement
Aggregated completion rates reveal which modules work well and which need revision. If large numbers of students struggle with specific concepts, that signals a teaching problem, not a learning problem. We analyze patterns — not individual performance — to refine educational approach.
| Information Category | Primary Operational Purpose | Retention Trigger |
|---|---|---|
| Account credentials and contact details | Access provisioning, communication delivery, account recovery | Active enrollment plus 2 years post-completion |
| Course progress and assessment results | Learning pathway tracking, completion verification, curriculum effectiveness analysis | Active enrollment plus 3 years for certification verification |
| Payment transaction records | Financial reconciliation, refund processing, fraud prevention | 7 years per Canadian tax requirements |
| Support correspondence | Issue resolution, service quality assessment, training reference | Active enrollment plus 1 year |
| Technical access logs | Security monitoring, troubleshooting, unauthorized access detection | 90 days rolling window |
Legal Obligations
Canadian regulations require maintaining certain educational and financial records for specified periods. Tax documentation, enrollment verification for credential validation, and financial transaction histories fall under these requirements. We don't retain this information because we want to — we retain it because regulatory frameworks mandate it.
External Movement and Third-Party Access
Some operational necessities require sharing specific details with outside entities. This happens under defined circumstances, not casually.
Service Providers Operating on Our Behalf
Our learning platform runs on cloud infrastructure provided by external hosting services. These providers process data as part of delivering technical functionality — storage, content delivery, system reliability. They operate under contractual obligations that restrict usage to our specified purposes.
Email communications route through messaging services. When we send course updates or respond to inquiries, those providers handle transmission. They don't gain ownership or independent usage rights to the content.
Payment processors handle transaction completion. When you purchase enrollment, your payment details move to these financial intermediaries who authorize charges and transfer funds. We receive confirmation and tokenized references, not full card numbers.
Legal Compulsion
Government authorities sometimes demand information through legal processes. If we receive valid subpoenas, court orders, or regulatory requests that meet legal standards, we respond as required. We don't voluntarily hand over details, but we comply with legitimate legal demands.
Business Structure Changes
If Stellox Nova merges with another entity, gets acquired, or transfers assets, student information may move as part of that transaction. Educational records and operational data represent core business assets. Any receiving organization would assume existing privacy obligations.
We do not sell enrollment lists to marketing companies, lease contact details to third parties, or monetize student information as a revenue stream. Your data serves operational and educational purposes, period.
Security Approach and Residual Risk
Protection measures reduce risk but don't eliminate it. Anyone claiming absolute security is either naive or dishonest.
Technical Safeguards
We encrypt information during transmission between your device and our servers. Storage systems use access controls that limit who internally can view specific data categories. Regular security updates address known vulnerabilities in software components.
Account access requires authentication credentials. While we can't prevent weak password choices, we enforce minimum complexity standards and encourage strong unique passwords.
Organizational Measures
Staff access follows need-to-know principles. Support personnel see what they need for assistance. Instructors access course progress. Finance staff handle payment records. Nobody gets complete visibility without specific operational justification.
We maintain incident response procedures for potential breaches. If unauthorized access occurs, protocols define investigation, containment, and notification processes.
What We Can't Guarantee
Sophisticated attackers sometimes penetrate even well-defended systems. No security architecture is impervious. We implement industry-standard protections, but risk persists. If you share overly sensitive financial details or personal information beyond what we request, that increases exposure unnecessarily.
Your Control Points and Available Actions
Canadian privacy law grants specific rights regarding information about you. Here's what you can actually do.
Access and Review
You can request copies of details we maintain about you. Submit a written request to support@stelloxnova.com identifying yourself and specifying what you want to see. We'll provide accessible formats within 30 days unless volume or complexity requires extension.
Correction and Updates
If information is inaccurate or outdated, notify us and we'll make corrections. You can update contact details, communication preferences, and optional profile information directly through your account settings.
Deletion Requests
You can request removal of your information, with limitations. Active enrollments require maintaining certain records for course delivery. Completed courses may need verification records for credential validation. Financial transactions stay on file per tax requirements. Outside these constraints, we'll delete what we legally can.
Communication Preferences
Marketing messages include unsubscribe mechanisms. Transactional communications — enrollment confirmations, course access details, security notifications — continue regardless because they're operationally necessary, not promotional.
Account Closure
If you want to terminate your relationship with Stellox Nova, we'll close your account and remove data outside mandatory retention periods. Outstanding financial obligations or unresolved disputes may delay final closure.
Questions, Concerns, and Escalation
If something here raises questions or if you want to exercise rights described above, reach us through these channels. We respond to privacy inquiries within 10 business days.
If our response doesn't resolve your concern, you can escalate to the Office of the Privacy Commissioner of Canada, which oversees compliance with federal privacy legislation.