Privacy Policy

Last Updated: February 9, 2026

Effective Date: February 9, 2026

This Privacy Policy describes how your personal information is collected, used, shared, and protected when you use the services and client portal operated by Fennec Agency (Fennec360) and Fennec360 LLC (collectively referred to as “Fennec360,” “we,” “us,” or “our“).

We are committed to protecting your privacy and handling your personal data transparently, in compliance with the European Union General Data Protection Regulation (GDPR), the Algerian Data Protection Law (Loi n°18-07 du 10 juin 2018), the California Consumer Privacy Act (CCPA), the Family Educational Rights and Privacy Act (FERPA), and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Data Controllers & Operators

Data Controller (Service Provider):

Name: Fennec Agency (Fennec360)
Registration: 15/00 – 5231131 A 22
Address: Tours Villa, Alioua Building, 3rd Floor, Tizi Ouzou, Algeria

Platform Operator (Data Processor):

Name: Fennec360 LLC
Registration: 2024-001402203
Address: 312 West 2nd Street #A3570, Casper, WY 82601, United States

Fennec Agency acts as the primary data controller, determining the purposes and means of processing your personal data. Fennec360 LLC operates the digital platform and processes data on behalf of Fennec Agency under a data processing agreement.

2. Information We Collect

We collect and process the following categories of personal data:

2.1 Identity & Contact Information

Full name, date of birth, gender, nationality
Email address, phone number, postal address
Profile photo (optional)
Emergency contact details

2.2 Educational Records

Academic transcripts and diplomas
Language proficiency test scores (IELTS, TOEFL, TCF, DELF, etc.)
Enrollment history and current academic status
Letters of recommendation and motivation letters

2.3 Immigration & Travel Documents

Passport copies and national ID documents
Visa application documents and status
Travel itineraries and accommodation details
Birth certificates and civil status documents

2.4 Financial Information

Bank statements and proof of financial means
Invoices, payment history, and billing details
Scholarship or sponsorship documentation

2.5 Technical & Usage Data

IP address, browser type, operating system
Portal usage logs and session data
Cookies and similar tracking technologies

2.6 Communications

Support tickets and messages exchanged through the portal
Email correspondence
Notes related to your file or project

3. How We Collect Your Data

We collect personal data through the following means:

Directly from you: When you register on our portal, submit application forms, upload documents, or communicate with our team.
Through our client portal: When you use our platform to manage your projects, view invoices, or access services.
From third parties: Universities, educational institutions, embassies, and partner organizations may provide us with information related to your applications.
Automatically: Through cookies and similar technologies when you browse our portal.

4. Purpose & Legal Basis for Processing

We process your personal data for the following purposes and legal bases:

Purpose	Legal Basis
Providing education abroad consulting services	Performance of a contract
Processing university and program applications	Performance of a contract
Immigration and visa assistance	Performance of a contract
Internship and job placement services	Performance of a contract
Invoicing, payments, and financial records	Legal obligation / Contract
Communication regarding your projects and applications	Performance of a contract
Sending marketing communications and program updates	Consent
Improving our services and portal functionality	Legitimate interest
Complying with legal and regulatory obligations	Legal obligation
Protecting against fraud and unauthorized access	Legitimate interest

5. Data Sharing & Third Parties

We may share your personal data with the following categories of recipients, solely for the purposes described in this policy:

5.1 Educational Institutions

Universities, colleges, language schools, and training centers to which you are applying or enrolled.

5.2 Government & Immigration Authorities

Embassies, consulates, visa processing centers, and immigration offices as required for your applications.

5.3 Partner Organizations

Accommodation providers, insurance companies, travel agencies, and internship host organizations involved in delivering our services.

5.4 Payment Processors

Secure third-party payment service providers for processing transactions.

5.5 Technology Providers

Cloud hosting, email delivery, and other technology providers who support our platform operations under strict data processing agreements.

5.6 Legal & Regulatory Bodies

When required by law, court order, or regulatory authority.

We do not sell your personal data to any third party.

6. International Data Transfers

Given the nature of our services, your personal data may be transferred to and processed in countries outside your country of residence, including:

Algeria: Where Fennec Agency operates as the primary service provider.
United States: Where Fennec360 LLC operates the platform infrastructure.
European Union: Where partner universities and institutions may be located.
Canada, United Kingdom, and other countries: Where educational institutions and immigration authorities process your applications.

When transferring data internationally, we implement appropriate safeguards including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data processing agreements with all third-party processors
Ensuring recipients maintain adequate security measures
Compliance with the adequacy decisions and transfer mechanisms recognized under applicable laws

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Data Category	Retention Period
Account and profile data	Duration of the business relationship + 3 years
Application and educational documents	Duration of the application process + 5 years
Immigration and visa documents	Duration of the process + 5 years
Financial records and invoices	10 years (legal obligation)
Communication records	3 years after last interaction
Consent records	Duration of consent + 5 years
Technical and usage logs	12 months
Marketing preferences	Until consent is withdrawn

After the applicable retention period, data is securely deleted or anonymized.

8. Your Rights

Depending on your location and applicable laws, you have the following rights regarding your personal data:

8.1 Under the EU General Data Protection Regulation (GDPR)

Right of Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data (“right to be forgotten”).
Right to Data Portability: Receive your data in a structured, machine-readable format.
Right to Restrict Processing: Request limitation of processing under certain conditions.
Right to Object: Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent: Withdraw consent at any time for consent-based processing.

8.2 Under the Algerian Data Protection Law (Loi n°18-07)

Right of Access: Obtain information about whether your data is being processed and access it.
Right to Rectification: Request correction, completion, update, or deletion of your data.
Right of Opposition: Object to the processing of your data for legitimate reasons.
Right to Deletion: Request the deletion of data that is no longer necessary.

8.3 Under the California Consumer Privacy Act (CCPA)

Right to Know: Request disclosure of the categories and specific pieces of personal information collected.
Right to Delete: Request deletion of personal information collected from you.
Right to Opt-Out: Opt out of the sale of your personal information (we do not sell personal data).
Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights.

8.4 Under the Canadian PIPEDA

Right of Access: Request access to your personal information held by us.
Right to Challenge Compliance: Challenge our compliance with PIPEDA principles.
Right to Withdraw Consent: Withdraw consent for the collection, use, or disclosure of your information, subject to legal or contractual restrictions.

To exercise any of these rights, you may:

Use the GDPR section in your client portal account
Contact us using the details provided in Section 13 below

We will respond to your request within 30 days (or as required by applicable law).

9. Cookies & Tracking Technologies

Our portal uses cookies and similar technologies to:

Essential cookies: Ensure the portal functions correctly (session management, authentication, security).
Preference cookies: Remember your settings such as language and theme preferences.
Analytics cookies: Understand how you use our portal to improve our services.

You can manage your cookie preferences through your browser settings. Disabling essential cookies may affect the functionality of our portal.

10. Children’s Privacy

Some of our clients may be minors (under 18 years of age). When providing services to minors:

We require parental or guardian consent before processing their personal data.
We collect only the information necessary to provide our services.
Parents or guardians may exercise data rights on behalf of the minor.
We comply with the Children’s Online Privacy Protection Act (COPPA) for users under 13, and the Family Educational Rights and Privacy Act (FERPA) where applicable to educational records.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encrypted data transmission (TLS/SSL)
Secure data storage with access controls
Regular security assessments and updates
Staff training on data protection practices
Incident response procedures for data breaches

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes:

We will update the “Last Updated” date at the top of this policy.
We will notify you via email or through a notice on our portal for significant changes.
Your continued use of our services after notification constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how your data is handled, you may contact us at:

Fennec Agency (Fennec360) — Data Controller
Tours Villa, Alioua Building, 3rd Floor
Tizi Ouzou, Algeria
Registration: 15/00 – 5231131 A 22

Fennec360 LLC — Platform Operator
312 West 2nd Street #A3570
Casper, WY 82601, United States
Registration: 2024-001402203

You also have the right to lodge a complaint with a supervisory authority in your country of residence if you believe your data protection rights have been violated.