Privacy Policy

Personal information should support the learning relationship—not become a product in its own right.

This policy explains how Internet Learning Solutions (Pty) Ltd handles personal information across the Xtreme Virtual Campus, its learning systems, communication routes, Pedagogical Engineer Channels and connected services.

Who is responsible

One legal entity stands behind the wider XVC environment.

Internet Learning Solutions (Pty) Ltd is the responsible party for personal information collected through XVC-controlled websites, forms, learning routes, account systems, reports, subscriptions, support arrangements and Pedagogical Engineer administration.

This policy applies across the Xtreme Virtual Campus environment, including public XVC pages, learning-management and account systems, the Over-the-Shoulder AI Tutor, diagnostic activities, reports, XVC Club, PE Channels, Human Tutor Fallback arrangements, communication routes and related educational resources.

Internet Learning Solutions (Pty) Ltd

Registration number: 2020 / 932465 / 07

12 Oyster Road, Centurion, South Africa

Information Officer: role-based contact

Privacy email: Enable JavaScript to display the address

Our privacy approach

Collect what is useful, protect what is entrusted, and avoid unnecessary disclosure.

Purpose first

Information is collected for defined educational, support, communication, safety, administrative or lawful purposes.

Not for sale

Personal information is not sold or disclosed for unrelated commercial exploitation.

Parent involvement

Where a learner is under 18, parent or guardian involvement applies to consent, paid access, reports and continuing service arrangements.

Reasonable care

Security and privacy measures are applied honestly, without claiming that any online system can be made completely risk-free.

What we may collect

The information depends on the route a person chooses to use.

Parent, guardian and contact information

Names, email addresses, cellphone numbers, town or location details, relationship to the learner, consent records, communication preferences and written instructions about report recipients.

Learner information

Name and surname, grade, school or schooling context, preferred language, optional date of birth, most recent Mathematics percentage, town or location information and parent-supplied details needed to match the learner to the correct profiles and records.

Account information

User-generated usernames, account email addresses, profile details, consent records and account status. Passwords are handled through the relevant account system. Where support is required, a temporary password may be issued and should be changed when practical.

Learning and participation records

Completed activities, quiz attempts, answers, results, diagnostic information, remediation routes, access records, technical logs and other information generated through use of the learning environment.

Communications and support records

Emails, WhatsApp messages, voice notes, screenshots, support queries and other material voluntarily shared during onboarding, account support, Human Tutor Fallback or safeguarding communication.

Pedagogical Engineer information

Verified legal identity, contact and onboarding details, public profile choices, subjects, grades, experience, qualifications, learner nominations, Channel administration, resource contributions, ratings, earnings and payment information where required.

Technical information

IP addresses, device or browser information, dates, times, requested pages, login and session data, security logs and cookies required for account, learning or platform functionality.

Orders, payments, vouchers and delivery records

Where a person buys, requests or receives access to a PE Channels product or service, we may record the buyer’s name and email address, the product or Resource selected, order reference, amount, currency, payment and verification status, fulfilment status, access-voucher details, delivery-email status and limited download-use information. Additional contact, learner, country or time-zone information is requested only where the particular enrolment, tutoring, subscription or manual-activation route reasonably requires it.

Why information is used

Information is used to operate a managed learning relationship.

Onboarding and personal contact

To respond to site-wide interest forms, communicate personally on WhatsApp, answer questions, understand preferences and guide a family toward a suitable XVC route.

Education and remediation

To provide learning activities, diagnostics, reports, explanations, practice, video support, Human Tutor Fallback and appropriate follow-up routes.

Account and service administration

To create, verify, support, suspend or restore accounts; administer subscriptions and access; respond to enquiries; and maintain lawful records.

Reporting

To send parent-approved weekly reports containing the learner’s first name, completed Moodle activity, quiz results and related remediation information.

Safety and legal duties

To investigate serious concerns, preserve necessary records, protect a learner or another person, comply with legal duties and respond to lawful requests.

Improvement and quality control

To identify technical defects, educational errors, support needs and practical improvements without using private learner conversations as an intentional AI-training dataset.

PE Channels payments and delivery

Payment records are separated from card and banking credentials.

PE Channels creates a local order reference before a buyer is handed over to the selected payment provider. This allows the order, amount, product, buyer contact details and fulfilment route to be matched to the payment result and enables support, refunds, dispute handling and lawful financial record-keeping.

For PayFast transactions, PE Channels may receive and verify a server-to-server payment notification containing transaction identifiers, payment status, amount, merchant information, payer details supplied by the provider, verification information and technical source data. Raw notification content is retained only for the configured operational period and is then redacted where it is no longer required, unless a legal hold or another lawful retention reason applies.

Internet Learning Solutions does not collect or store the buyer’s card number, CVV, online-banking password, banking login credentials or one-time password. Those details are handled by PayFast, the issuing bank and their security providers.

Where a verified purchase grants a protected download, the system may create a unique access voucher and a difficult-to-guess customer download link. The voucher is linked to the order and may record the number and dates of successful downloads. Anyone who possesses the bearer link may use an available download, so recipients should protect it as they would another access credential.

The payment return page alone does not create trusted access. Automatic fulfilment is granted only after the server notification has passed the required order, merchant, amount, source, server and signature checks, or after an authorised administrator has independently verified an exceptional payment.

Children and learners

A basic profile is not the same as full onboarding or an ongoing service relationship.

A person under 18 may technically create a basic profile on a public account system, but paid access, continuing services, parent reports, direct Human Tutor Fallback communication and other controlled progression points require appropriate parent or guardian involvement.

Parents and guardians are asked to provide age-appropriate oversight of the learner’s use of Moodle, AI-supported services, PE Channels, email, WhatsApp, video platforms and external links. Parent consent does not remove the learner’s own privacy interests or Internet Learning Solutions’ safeguarding responsibilities.

An authorised parent or legal guardian may request access to a minor learner’s educational and account information after reasonable verification. Information connected to a serious safeguarding concern may be handled separately where immediate disclosure could increase risk, expose another person’s information or interfere with an appropriate legal or safeguarding response.

Serious safety messages may be preserved through screenshots, chat exports or factual incident notes where reasonably necessary to protect the learner, maintain an accurate record or comply with a reporting duty. Ordinary learner communications are not copied into separate records without a legitimate reason.

AI-supported services

Private AI conversations require external processing to generate a response.

Information entered into an AI-supported service is transmitted to the platform and model providers required to generate a response. The way those providers store, retain or use information depends on the relevant service, account configuration and provider terms.

Internet Learning Solutions and a Pedagogical Engineer cannot view a learner’s private Over-the-Shoulder AI Tutor conversations unless the learner chooses to share them, for example through a screenshot. Conversation storage and deletion available within the learner’s account remain under the learner’s control, subject to the platform’s technical operation.

Internet Learning Solutions does not intentionally use private learner conversations to train AI models. Learners should nevertheless avoid entering unnecessary identifying, private or sensitive information because external processing is required to produce the response.

Some providers may process information outside South Africa. Internet Learning Solutions takes reasonable steps to use providers and arrangements that offer appropriate protection, while recognising that external systems remain subject to their own infrastructure and terms.

Sharing and service providers

Information is not distributed merely because it is available.

Parent-approved recipients

Reports may be sent to parents, guardians, teachers or another stakeholder only where the parent or legal guardian has authorised that recipient in writing.

Pedagogical Engineers

A PE may receive information connected to learners in that PE’s Channel or support relationship where the parent has consented and the information is needed for the educational purpose.

Authorised service providers

External providers may process information for hosting, account administration, communications, email delivery, payment processing, cloud infrastructure or AI-supported services, but only to the extent required for the relevant function.

Lawful or protective disclosure

Information may be disclosed where required or permitted by law, to respond to a lawful request, protect a person, investigate a serious concern or support an appropriate authority or specialist service.

No unrelated commercial disclosure

Personal information is not sold and is not disclosed for unrelated commercial purposes.

Payment, email and delivery providers

Payment providers, banks, email-delivery services, hosting providers and related security services may process the minimum information required to receive payment, verify a transaction, deliver access, send a receipt or access email, prevent fraud and maintain the service. Their own privacy and security terms also apply to the processing under their control.

Reports and communications

Delivery can be controlled; later handling by the authorised recipient cannot.

Internet Learning Solutions takes reasonable care to send learner reports only to parent-approved recipients using the contact details supplied for that purpose. A parent or legal guardian may add, change or withdraw an authorised report recipient by written email after reasonable verification.

Once a report has been delivered to an authorised recipient, its later storage, forwarding, printing, disclosure and device security fall outside Internet Learning Solutions’ direct control. Recipients are expected to protect the learner’s information and avoid unnecessary sharing.

WhatsApp is the preferred route for onboarding, service-related communication, account support and Human Tutor Fallback arrangements because it enables faster and more personal contact. It is not used for unsolicited promotional messaging.

Formal privacy requests should be made by email so that an appropriate written record is retained.

Cookies and automatic information

The public site is not designed as a behavioural tracking system.

XVC does not currently use advertising cookies, behavioural profiling or optional analytics tools to track visitors across the public website. Limited technical information may nevertheless be processed automatically by hosting systems, security services, embedded resources or an external destination selected by the visitor.

Account and learning systems may use cookies that are necessary for login, security, session continuity, preferences and correct operation. Moodle and related systems may also record IP addresses and access logs.

If optional analytics, advertising or similar tracking tools are introduced later, this policy and any required consent mechanism will be reviewed before or when those tools are deployed.

Retention and inactive accounts

Different records have different purposes, retention periods and end points.

PE Channels stores operational and transaction information in a restricted SQLite database on the XVC server. Database records may include orders, buyer contact details, payment-verification results, transaction references, access vouchers, fulfilment history, download-use records, privacy actions and legal holds. Access is limited to authorised administrative functions and people whose role requires it.

Retention is managed by configurable rules rather than an indefinite “keep everything” approach. The current operational defaults are 30 days for pending or unpaid checkouts, 90 days for cancelled or abandoned checkouts, 90 days for raw PayFast notification content, 180 days for download-audit information and 365 days for completed-order contact information that is no longer required for ordinary fulfilment or support. A seven-day preview or grace period applies before an eligible automated action is carried out.

Completed financial and accounting records may be retained for at least five years, or longer where a tax, legal, audit, refund, fraud, safeguarding, dispute or enforcement requirement applies. Keeping the financial record does not mean that all buyer details must remain attached to it for the full period.

Where a record must remain but the person’s identity is no longer required, the system may anonymise or de-identify the operational information. This means removing or replacing identifying fields such as the buyer’s name, email address, phone number, learner name, country, time zone, payer email, source address or raw checkout payload while preserving the minimum non-identifying order, amount, product, status, date and accounting trail.

Automated retention processing is designed to run through a protected server-side scheduled task. Each run and each material privacy action is recorded in an administrative audit log. A legal hold prevents the relevant order and linked payment, voucher or download-audit information from being anonymised or deleted while the hold remains justified.

Authorised administrators may also apply lawful manual anonymisation or deletion actions. The system should not delete a record that remains subject to a legal hold or a required financial, legal, safety or dispute-retention obligation.

Backups may contain records that have since been anonymised or removed from the active database. Backups are protected, retained for continuity and disaster recovery, and should expire or be securely replaced according to the applicable backup schedule rather than being used as an ordinary source of restored personal information.

Downloaded XVC Pocket Practice files and other resources stored on a user’s device cannot be remotely deleted by Internet Learning Solutions.

Security

Reasonable safeguards are applied without pretending that online risk can be eliminated.

Internet Learning Solutions takes reasonable technical and organisational measures to protect personal information against loss, unauthorised access, misuse, alteration or disclosure.

Measures may include password-protected systems, restricted administrative access, account suspension, platform security controls, careful handling of learner information, limited sharing, secure payment providers and access to records only where the role or purpose requires it.

No online system, device, email account, messaging platform, hosting environment or external provider can be guaranteed to be completely secure. Users should protect their own devices, accounts and login details and should report suspected unauthorised access promptly.

For PE Channels, safeguards also include server-side payment verification, protected-file delivery, difficult-to-guess voucher links, restricted Dashboard access, separation of payment credentials from local order records, legal-hold controls, retention audit logs and a command-line-only retention runner that is not intended to be opened through a public browser address.

Access, correction and deletion

Requests should be clear, written and capable of reasonable verification.

An adult account holder, parent, legal guardian or authorised person may request access to, correction of or deletion of relevant personal information by emailing the Information Officer. Internet Learning Solutions may take reasonable steps to confirm identity, account ownership, guardianship or authority before acting.

Where deletion is appropriate, information will be deleted, de-identified or restricted as reasonably practicable. Some records may remain where continued retention is required or permitted by law, necessary for a lawful purpose, relevant to safeguarding, financial administration, an unresolved dispute or another legitimate obligation.

A person may withdraw optional marketing consent without losing ordinary educational access. XVC does not currently send unsolicited WhatsApp marketing. Service communications and parent-requested educational reports remain separate from optional marketing.

A person may also ask for an explanation of the categories of information held about an order, the purpose for which they are used, and whether a legal hold or statutory retention requirement prevents immediate deletion.

A deletion request does not always require the entire transaction record to disappear. Where a minimum financial, legal, fraud-prevention, safety or dispute record must remain, identifying operational fields may instead be anonymised, access may be restricted, and the reason for continued retention may be recorded.

Email the Information Officer

Changes and external services

Privacy wording must follow the real systems—not the other way around.

This policy may be updated when XVC introduces new services, changes providers, adds analytics, alters reporting, expands PE Channels or changes the way personal information is collected or used.

Where a visitor enters or uses an external platform, that platform’s own privacy terms may also apply. Those external terms do not replace Internet Learning Solutions’ responsibilities for the information and choices under its control.

Material changes will be reflected by updating the review date on this page. Where a change significantly affects an existing consent or service relationship, additional notice or consent may be requested where appropriate.

Privacy contact

A privacy question should reach a real person and leave a clear written trail.

Send privacy, access, correction, deletion, anonymisation or consent-withdrawal requests to the Information Officer. The email address is assembled in the browser to reduce exposure to basic scraping tools. A person may also approach South Africa’s Information Regulator where a privacy concern cannot be resolved directly.

Email the Information Officer
This Privacy Policy was last reviewed on 10 July 2026.
Chat with a real human on WhatsApp