Privacy & Policy


Privacy Policy

Our privacy policy explains what personal data we collect and how we process them. This privacy policy is effective Dec 21, 2019.

Please note that this privacy policy will be regularly updated to reflect any changes in the way we handle your personal data or if there are any changes in the applicable laws. The following privacy policy will also tell you how we protect personal data relating to you that we collect, process and protect in accordance with applicable data protection laws, and the rights available to you in relation to the processing of personal data.

How do we collect and process personal data?

Accessing website or other online services

Information on websites is gathered in two ways: directly and indirectly. Ranaecosystems will at times ask you to directly provide information that personally identifies you (registering for an event, downloading a file, signing up for an email list, etc.). It is our policy to keep personal information only as long as needed to fulfil the purposes for which the information was collected. We also collect information indirectly through our Internet access logs and social media logins. When you visit, your Internet Protocol (IP) address is automatically collected and is placed in our Internet access logs. IP addresses are not linked to personally identifiable information. Your IP address is used to help diagnose any technical problems, analyses site trends, administer the site, track movement within the site, and gather broad demographic information about site use that can eventually be used to make improvements that enhance your user experience on

Responding to your request for information, order, or support

When you contact us (online or offline) in connection with a request for information, to book a training course, to order a product or service, to provide you with support, or to participate in a forum or other social computing tool, we collect information necessary to fulfill your request, to grant you access to the product or service, to provide you with support and to be able to contact you. For instance, we collect your name and contact information, details about your request and your agreement with us and the fulfillment, delivery and invoicing of your order and we may include client satisfaction survey information. We retain such information for administrative purposes, defending our rights, and in connection with our relationship with you. When you provide your name and contact information to register in connection with such a request, the registration may serve to identify you when you visit our websites.

Your use of our products and services

We collect information about your use of our products and services to enable product and service functionalities to operate, improve your user experience, tailor our interactions with you, inform our clients on the overall use of the services, provide support, and improve and develop our products and services.

Sharing personal data with third parties

We may transfer personal data to third party vendors in connection with a potential corporate or commercial transaction. Such third parties may be located in other countries.

However, we ensure that we take all necessary steps to ensure that your personal data is given adequate protection as required by the relevant data privacy laws, like the General Data Protection Regulation (GDPR) included in this Privacy Policy, and the EU-US Privacy Shield Framework, more information on which can be found at and Ranaecosystems's internal policies.

Contacting employees of our clients, prospects, partners and suppliers

In our relationship with clients or prospects, partners and suppliers, they also provide us with business contact information (such as name, business contact details, position or title of their employees, contractors, advisors and authorized users) for purposes such as contract management, fulfillment, delivery of products and services, provision of support, invoicing and management of the services or the relationship. Ranaecosystems does not sell, exchange, trade or give away personal information you voluntarily provide to us to any outside sources.

Visitor information

We register individuals visiting our offices and locations (name, identification and business contact information) and use camera supervision for reasons of security and safety of persons and belongings, as well as for regulatory purposes.


Most information we collect about you comes from our direct interactions with you. When you register for an event, we may collect information (online or offline) in relation to the event organization, and during an event, such as participation in sessions and survey results. We combine the personal information we collect to develop aggregate analysis and business intelligence for conducting our business and for marketing purposes. You can choose to receive information by email, telephone or postal mail about our products and services, or sign-up for subscriptions. When visiting our websites or using our products and services we may provide you with personalized information. You can always opt-out from receiving personalized communication by sending an e-mail to Ranaecosystems uses a third-party website content administrator and utilizes customer relationship management (CRM) database technology hosted by a third party to manage and track our marketing efforts. If you wish to be excluded from our CRM databases, please contact us at

How do we protect personal data?

Voluntary sharing of personal data

Except for information required by legal requirements, your decision to provide us any personal data is voluntary. You will not be subject to adverse consequences if you do not wish to provide us with your personal data. However, please note that if you do not provide certain information, you may not be able to access the features that requires the personal data. If you provide us with personal data of another person, you are responsible for ensuring that such person is made aware of the information contained in this privacy policy and that such person has provided his/her consent for sharing the information with Ranaecosystems.

Retention Period

We will not retain personal information longer than necessary to fulfill the purposes for which it is processed, including the security of our processing complying with legal and regulatory obligations (e.g. audit, accounting and statutory retention terms), handling disputes, and for the establishment, exercise or defense of legal claims in the countries where we do business.

Information Security and Accuracy

We intend to protect your personal information and to maintain its accuracy. Ranaecosystems implements reasonable physical, administrative, and technical safeguards to help us protect your personal information from unauthorized access, use and disclosure. We have regular penetration testing performed by a third-party provider to ensure our technical defenses are in place.

Our website and other sites may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

We do not collect any financial or credit card information. To the extent that any of our websites contain a credit card payment link, this link is to a third-party processor, and Ranaecosystems will not have access to any credit card information (see below). Please check such third-party processor’s terms of use and privacy statements before using or providing any personal information to such third party processors.

Payment Processing by Stripe

We use Stripe to process payments made to book our training courses. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, they make use of best-in-class security tools and practices to maintain a high level of security.

HTTPS and HSTS for secure connections

Stripe forces HTTPS for all services using TLS (SSL), including their public website and the Dashboard.

  • Stripe.js is served only over TLS
  • Stripe’s official libraries connect to Stripe’s servers over TLS and verify TLS certificates on each connection

Stripe regularly audits the details of their implementation: the certificates they serve, the certificate authorities they use, and the ciphers they support. They use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.

Encryption of sensitive data and communication

All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).

PCI-DSS Compliance

Our Stripe integration uses Stripe.js and Elements to collect card details from customers. These host all form inputs containing card data within an iframe served from Stripe’s domain — not ours — so your card information never touches our servers and is not held by us.

As such, we are eligible for the simplest method of PCI validation: Self-Assessment Questionnaire (SAQ) A. Stripe automatically creates a combined SAQ A and Attestation of Compliance (AoC) for us as proof of our PCI compliance.

Your Rights under the different privacy laws, including GDPR

You are entitled (in the circumstances and under the conditions, and subject to the exceptions set out in the applicable laws) to:

  • Request access to the personal data we collect and process about you.
  • Request a rectification of your personal data if you find that it is inaccurate or incomplete.
  • Object to the processing of your personal data, after which Ranaecosystems will not be able to use and process your personal data.
  • Object to processing personal data relating to your specific situation.
  • Request the erasure of your personal data.
  • Request restricting the processing of personal data, under which Ranaecosystems can only process your personal data under limited circumstances.
  • Request portability of your personal data, which entitles you to receive a copy (in a structured, commonly used, and machine-readable format) of personal data that you provided to Ranaecosystems.
  • Withdraw consent at any time to the collection, use and processing of your personal data by contacting Ranaecosystems marketing team at Please note that this withdrawal will not affect Ranaecosystems right to process personal data obtained prior to the withdrawal of your consent.

Site Security

We take appropriate steps to provide and maintain a secure website. By visiting, however, you agree that the open nature of the Internet is such that data may flow over networks without security measures in place and may be accessed and used by people other than those for whom the data is intended.

Right to lodge a complaint

In the event you consider our processing of your personal data not to be compliant with the applicable data protection laws, you can lodge a complaint either directly with us, or with the competent data protection authority.


Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

A cookie is a small text file written to your hard drive that contains information about your account and use of this site. Cookies do not contain any personal information about users. Cookies enable us to collect useful information and to improve your experience when accessing and using our site. By using our website, you agree that we can place cookies and other similar technologies on your device as explained in our cookies policy.

Changes to our Privacy Policy

From time to time we may update this Privacy Policy, as well as any other specific privacy statement. When making changes to this Privacy Policy, we will add a new date at the top of this Privacy Statement.


Ranaecosystems commits to resolve complaints about your privacy and our collection or use of your personal data. Data Subjects with inquiries or complaints regarding this Privacy Policy can contact Ranaecosystems at You can also contact our Data Protection Officer.