Privacy Policy
Last Updated: May 7, 2026
1. Introduction
Welcome to STANDOutEdu.
This Privacy Policy explains how STANDO LTD (“Company”, “we”, “our”, or “us”) operating under the commercial brands STANDOutEdu and MOSSA, collects, uses, stores, shares, and protects personal data when you use our website, platforms, services, training activities, educational programs, research initiatives, communication channels, and related services operated under our brands and affiliated entities.
Affiliated companies include PNEVMA LLC, EDINET RESEARCH & DEVELOPMENT LTD and INNOVAQEU S.L. (collectively, the “Affiliated Companies”). These entities operate independently and maintain their own legal identities.
We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Cyprus data protection legislation, and other applicable privacy laws.
2. Data Controller
The data controller responsible for the processing of personal data under this Privacy Policy is:
STANDO LTD
Operating under the brand name STANDOutEdu
Cyprus
Email: moc.udetuodnats@ofni
Website: standoutedu.com
For the purposes of this Privacy Policy:
- STANDOutEdu is a brand / trading name operated by STANDO LTD.
- STANDO LTD may operate additional educational, training, research, consultancy, innovation, and dissemination activities through affiliated entities and associated brands.
3. Multi-Brand and Affiliated Company Structure
STANDO LTD operates within a collaborative ecosystem of affiliated entities and brands involved in education, innovation, research, entrepreneurship, dissemination, training, and European-funded projects.
This Privacy Policy may also apply, where relevant, to activities conducted under or in cooperation with the following affiliated entities:
- PNEVMA LLC
- EDINET RESEARCH & DEVELOPMENT LTD
- INNOVAQEU S.L.
These entities may collaborate with STANDO LTD in:
- Erasmus+ projects,
- AMIF projects,
- research activities,
- educational services,
- dissemination campaigns,
- conferences and events,
- digital learning environments,
- training programs,
- innovation initiatives,
- consultancy activities,
- and community engagement actions.
Depending on the nature of the activity, these entities may act as:
- data processors acting on behalf of STANDO LTD,
- independent data controllers,
- or joint controllers in collaborative projects.
Where joint control arrangements apply, appropriate GDPR-compliant agreements and safeguards are implemented.
4. Scope of This Policy
This Privacy Policy applies to:
- visitors of our websites,
- learners and trainees,
- educators and trainers,
- project participants,
- event attendees,
- newsletter subscribers,
- research participants,
- collaborators and partners,
- applicants and job candidates,
- users of digital learning platforms,
- and individuals communicating with us.
5. Personal Data We Collect
We may collect and process the following categories of personal data:
Identification Data
- full name,
- company or organization,
- professional role,
- nationality (where required for projects),
- participant identifiers.
Contact Information
- email address,
- phone number,
- postal address,
- social media contact details.
Educational & Professional Information
- CVs,
- qualifications,
- training records,
- certifications,
- learning progress,
- participation history.
Technical Data
- IP address,
- browser type,
- device information,
- operating system,
- cookies and usage analytics,
- login credentials for digital platforms..
Communication Data
- emails,
- messages,
- meeting records,
- support requests,
- survey responses,
- feedback forms.
Project and Research Data
- participation in Erasmus+ or EU-funded activities,
- workshop contributions,
- questionnaires,
- focus group participation,
- dissemination involvement,
- evaluation and monitoring information.
Media Content
With your consent or where legally permitted:
- photographs,
- videos,
- audio recordings,
- testimonials,
- promotional content.
6. Special Categories of Data
In limited cases, particularly in research, inclusion, accessibility, or EU-funded projects, we may process special categories of personal data as defined under Article 9 GDPR, including:
- health-related accessibility information,
- disability accommodations,
- inclusion-related information,
- demographic information voluntarily provided.
Such processing occurs only:
- with explicit consent,
- where legally required,
- or where permitted under GDPR for research, inclusion, or social protection purposes.
7. Legal Bases for Processing
We process personal data under one or more of the following legal bases:
Consent
Where you have provided explicit consent.
Contractual Necessity
To provide services, training, project participation, or educational activities.
Legal Obligation
To comply with applicable laws, regulations, funding obligations, and reporting requirements.
Legitimate Interests
For:
- service improvement,
- communication,
- operational management,
- project coordination,
- quality assurance,
- security,
- fraud prevention,
- dissemination of professional activities.
Public Interest / Research Purposes
For educational, scientific, or socially beneficial research activities in accordance with GDPR safeguards.
8. How We Use Personal Data
We may use personal data to:
- provide educational and training services,
- manage participation in projects and events,
- operate digital learning platforms,
- communicate with users and participants,
- deliver newsletters and updates,
- conduct research and evaluation,
- manage EU-funded projects,
- issue certificates,
- improve services and website functionality,
- maintain security,
- fulfill legal and contractual obligations,
- promote dissemination and visibility activities,
- support networking and collaboration activities.
- advertise, market, and promote our services through social media platforms and digital advertising networks, including Google platforms, Meta platforms, and similar third-party advertising services.
9. Sharing of Personal Data
We may share personal data with:
Affiliated Entities
Including:
- PNEVMA LLC,
- EDINET RESEARCH & DEVELOPMENT LTD,
- INNOVAQEU S.L.
Project Partners
Including consortium members participating in European or international projects.
Service Providers
Such as:
- hosting providers,
- cloud storage providers,
- email communication platforms,
- webinar systems,
- LMS providers,
- analytics providers,
- IT support providers.
Public Authorities and Funding Bodies
Including:
- the European Commission,
- Erasmus+ National Agencies,
- governmental bodies,
- auditors,
- regulators.
Professional Advisors
Including:
- accountants,
- lawyers,
- auditors,
- consultants.
All third parties are required to implement appropriate confidentiality and GDPR safeguards.
10. International Data Transfers
Some service providers or project partners may process data outside the European Economic Area (EEA).
Where international transfers occur, we ensure appropriate safeguards through:
- European Commission adequacy decisions,
- Standard Contractual Clauses (SCCs),
- GDPR-compliant contractual protections,
- or other lawful transfer mechanisms.
11. Data Retention
We retain personal data only for as long as necessary for:
- educational and project purposes,
- legal compliance,
- contractual obligations,
- funding and audit requirements,
- dispute resolution,
- research archiving where permitted.
Retention periods may vary depending on:
- project funding rules,
- accounting obligations,
- educational record requirements,
- consent duration.
12. Your Rights Under GDPR
Under GDPR, you may have the right to:
- access your personal data,
- correct inaccurate data,
- request deletion (“right to be forgotten”),
- restrict processing,
- object to processing,
- withdraw consent,
- request data portability,
- lodge a complaint with a supervisory authority.
Requests may be sent to: moc.udetuodnats@ofni
You also have the right to lodge a complaint with the: Office of the Commissioner for Personal Data Protection
13. Cookies and Tracking Technologies
Our websites may use:
- essential cookies,
- analytics cookies,
- performance cookies,
- embedded third-party services,
- social media integrations.
Cookies help us:
- improve website functionality,
- analyze traffic,
- enhance user experience,
- support communication and dissemination activities.
Users may manage cookie preferences through browser settings or cookie banners where applicable.
14. Security Measures
We implement appropriate technical and organizational security measures, including:
- encrypted communications,
- access controls,
- secure hosting,
- password protection,
- restricted access,
- staff confidentiality obligations,
- cybersecurity safeguards.
However, no online transmission or storage system can be guaranteed as completely secure.
15. Children’s Privacy
Our services are generally not directed toward children under the age required by applicable law without appropriate parental or institutional authorization.
Where educational activities involve minors, data processing is conducted under appropriate legal safeguards and institutional permissions.
16. Third-Party Links
Our websites may contain links to third-party websites or platforms.
We are not responsible for:
- external privacy practices,
- third-party content,
- or external data processing activities.
Users should review the privacy policies of external websites independently.
17. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- legal changes,
- operational updates,
- technological developments,
- project requirements,
- or organizational changes.
Updated versions will be published on: STANDOutEdu Privacy Policy
18. Contact Information
For privacy-related inquiries, requests, or complaints, please contact:
STANDO LTD
Brand: STANDOutEdu
Cyprus
Email: moc.udetuodnats@ofni
Website: standoutedu.com