Skip to main content
BrainLeaFuture Coders Start Here 🚀
Back to Home

Privacy Policy

Last Updated: May 22, 2026

BrainLea ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you visit and use our website at www.brainlea.com ("Website"), our live coding classes, online sandboxes, and other interactive educational services (collectively, the "Services").

1Information We Collect

We collect personal information to provide a safe, effective, and personalized learning environment. This includes:

Information Provided by Parents/Guardians

When registering or purchasing a course, we collect parent/guardian names, email addresses, phone numbers, payment billing details, and country of residence.

Student Information (With Parent Consent)

We collect student first names or nicknames, ages/grades, and coding progress. To protect children's privacy, we do not require or collect student email addresses or last names.

Classroom Interactions and Projects

During live classes, we collect classroom chat logs, audio/video streams, live recordings, and student-generated code or project files saved inside our sandbox.

Technical and Usage Data

We automatically collect IP addresses, device types, browser specifications, operating systems, referral URLs, and interactions with the Website using cookies and tracking pixels.

2How We Use Your Information

We process your data for the following purposes:

  • Providing Services: To process payments, schedule classes, run live coding sandboxes, and save student projects.
  • Support & Communication: To answer inquiries, send booking confirmations, share lesson recordings, and notify you of updates.
  • Safety & Monitoring: To maintain secure live classrooms, review teacher performance, and protect student safety.
  • Improvement: To analyze usage patterns, optimize site performance, and develop new course materials.
  • Legal Compliance: To meet financial accounting duties, prevent fraud, and comply with law enforcement requirements.

3Third-Party Data Processors

We do not sell or lease your personal information. We share data only with service providers who help us deliver our Services. These third parties are contractually bound to protect your data and are prohibited from using it for any other purpose:

Service ProviderPurposeData Shared
FirebaseDatabase, hosting, and secure authenticationAccount emails, profile data, student code files
StripeSecure payment processingCard details, billing address, parent name
Zoom / JitsiLive video conferencing and classroomsAudio, video, classroom text chats, screen shares
Google AnalyticsWebsite usage tracking and analyticsIP address, page views, referral source, device info
Meta PixelMarketing campaigns conversion trackingAd clicks, cookie identifiers, landing page visits

4GDPR Compliance (For European & UK Residents)

Under the General Data Protection Regulation (GDPR), BrainLea acts as both a **Data Controller** (for parent accounts and billing info) and a **Data Processor** (for live classroom elements managed by our instructors).

Lawful Bases for Processing

  • Contract Fulfillment: Necessary to register accounts, deliver live classes, and process payments.
  • Consent: When you opt-in to marketing communications or give consent for children's webcam sharing. You may withdraw consent at any time.
  • Legitimate Interests: Necessary to secure classrooms, evaluate teacher quality, and maintain platform stability.
  • Legal Obligation: Necessary to retain billing files for tax reporting.

International Data Transfers

Our services are managed globally. Data is stored in secure Firebase databases and processed by our core team in India.

To ensure adequate data protection, we utilize **Standard Contractual Clauses (SCCs)** approved by the European Commission, and enforce equivalent safety rules for our staff and vendors.

Your GDPR Rights

Residents of the EEA and UK have the following rights:

  • Right to access stored personal data
  • Right to rectify inaccurate records
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

To exercise these rights, please contact our Data Protection Officer at privacy@brainlea.com.

5CCPA Compliance (For California Residents)

Under the California Consumer Privacy Act, as amended by the CPRA (collectively, "CCPA"), California residents have specific rights regarding their personal information.

Notice of Collection

We collect identifiers (name, email, IP address), financial information (billing info via Stripe), educational details (lessons, code files), and internet activity (analytics). We collect these to deliver, manage, and secure our coding platform.

No Sale or Share of Personal Information

BrainLea has not sold and does not sell your personal information. Furthermore, we do not share children's personal information for cross-context behavioral advertising.

Your California Rights

  • Right to Know: Request disclosures on what categories and specific pieces of data we collected.
  • Right to Delete: Request deletion of personal information, subject to legal limits (such as active billing contracts).
  • Right to Correct: Request correction of inaccurate personal data.
  • Right to Opt-Out: Opt-out of any potential sharing of your data.
  • Right to Non-Discriminrimination: We will not deny services or change prices if you choose to exercise your rights.

6COPPA Notice (Children's Privacy)

We are deeply dedicated to protecting children's safety online. We do not collect personal information from children under the age of 13 without verifiable parental consent. For complete details, please read our dedicated COPPA Notice.

7Cookies and Tracking

We use cookies to analyze web traffic, remember preferences, and verify user log-in sessions. For full information on cookie details, categorizations, and opt-out paths, check out our Cookie Policy.

8Data Retention and Security

We retain personal data only as long as necessary to fulfill the services purchased, manage accounting, or comply with legal responsibilities. Classroom session recordings are deleted or archived within 6 months of collection, unless a parent requests a prolonged retention window for educational review.

We use secure socket layer (SSL) encryption, firewalls, and restricted database permissions to protect your information. However, please remember that no digital storage or internet transmission is 100% secure.

9Changes to This Policy

We may update this Privacy Policy periodically to reflect operational, legal, or regulatory modifications. The "Last Updated" date at the top of this page indicates the date of the latest revisions.

Contact Our DPO

If you have any questions, concerns, or requests regarding this policy or your personal data, please contact our Data Protection Officer:

privacy@brainlea.com