Privacy Policy

Meta Xcel Academy LLC ("Meta Xcel," "we," "us," or "our") is committed to protecting the privacy of our students, website visitors, and all individuals who interact with our services. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information in connection with our website, learning platform, and educational services.

This Policy applies to all personal information we collect through our website at meta-xcel.com, our learning management system, our communications, and any other services we provide. It does not apply to third-party websites or services that may be linked from our platform.

By using our services, you acknowledge that you have read and understood this Privacy Policy. If you have questions or concerns, please contact us using the information in Section 13.

2.1 Information You Provide Directly. We collect information you voluntarily provide when you:

• Register or apply: Name, email address, phone number, mailing address, date of birth, educational background, employment history, and program preferences;
• Enroll and pay: Billing address, payment method information (processed securely by our payment processor — we do not store full card numbers), and enrollment agreement data;
• Use the learning platform: Course progress, assignment submissions, assessment responses, project work, and communications with instructors;
• Contact us: Messages, inquiries, and supporting documentation submitted through any communication channel;
• Participate in surveys or events: Responses to feedback surveys, testimonials you provide, and event registration information.

2.2 Information Collected Automatically. When you access our website or platform, we automatically collect certain technical information, including:

• IP address, browser type and version, operating system, and device identifiers;
• Pages visited, time spent on pages, links clicked, and navigation patterns;
• Referring URLs and search terms used to reach our site;
• Session data, login timestamps, and platform usage metrics;
• Cookie and similar tracking technology data (see Section 5 and our Cookie Notice).

2.3 Information from Third Parties. We may receive information about you from:

• LinkedIn and other professional networks if you choose to connect your account or apply via a social login;
• Background verification or identity verification providers, where applicable and with your consent;
• Employer partners or referral sources who recommend you to our programs;
• Payment processors and financial institutions in connection with tuition transactions.

2.4 Sensitive Information. We do not intentionally collect sensitive personal information such as government identification numbers, health information, biometric data, or financial account credentials beyond what is necessary to process tuition payments through our secure payment processors.

We do not use your personal information to make solely automated decisions that produce significant legal effects on you without human oversight.

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

4.1 Service Providers. We share information with trusted third-party vendors who assist us in operating our business, including:

• Learning management system providers;
• Payment processors (e.g., Stripe, PayPal) — subject to their own privacy policies and PCI-DSS compliance;
• Video conferencing and communication platforms (e.g., Zoom, Slack);
• Email and SMS communication service providers;
• Analytics and website performance services (e.g., Google Analytics);
• Customer relationship management (CRM) platforms.

All service providers are contractually bound to use your data only as directed by us and in accordance with applicable law.

4.2 Employer Partners. With your explicit prior consent, we may share your name, resume, and relevant program completion information with prospective employers or hiring partners in connection with job placement activities.

4.3 Legal and Regulatory Obligations. We may disclose your information when required by law, regulation, or legal process, including subpoenas, court orders, or government agency demands. Where legally permissible, we will notify you of such disclosures.

4.4 Protection of Rights. We may disclose information to prevent fraud, enforce our Terms of Use, protect the safety of our students or staff, or protect the legal rights of Meta Xcel Academy.

4.5 Business Transfers. If Meta Xcel Academy is involved in a merger, acquisition, restructuring, or sale of all or substantially all of its assets, your personal information may be transferred as part of that transaction. You will be notified via email and/or a prominent notice on our website prior to such a transfer, and given the opportunity to opt out where required by law.

4.6 Aggregated & De-Identified Data. We may share aggregated, de-identified, or anonymized data that cannot reasonably identify you individually, for research, industry reporting, or marketing purposes.

We use cookies, web beacons, pixel tags, and similar tracking technologies to operate and improve our website and platform. For a full description of the cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Notice.

In summary, we use:

• Strictly necessary cookies: Required for the platform to function (authentication, session management, security);
• Analytics cookies: To understand how visitors use our site and improve performance;
• Preference cookies: To remember your settings and personalize your experience;
• Marketing cookies: To deliver relevant advertising and measure campaign effectiveness (with your consent where required).

You may manage cookie preferences through your browser settings or via our cookie consent manager. Note that disabling certain cookies may affect the functionality of our platform.

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.

When personal information is no longer required, we securely delete or de-identify it in accordance with our data destruction procedures. You may request earlier deletion of your data subject to applicable exceptions (see Section 8 and 9).

We implement commercially reasonable physical, technical, and administrative safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction, including:

• Encryption of personal data in transit using TLS/HTTPS protocols;
• Encryption of sensitive data at rest;
• Access controls limiting employee access to personal data on a need-to-know basis;
• Regular security assessments and penetration testing;
• Employee privacy and security training;
• Incident response procedures including timely breach notification.

In the event of a data breach that affects your personal information and creates a material risk of harm, we will notify you and applicable regulatory authorities as required by the Virginia Consumer Data Protection Act and other applicable law, typically within 60 days of discovery unless law enforcement instructs otherwise.

Important: No security system is impenetrable. We cannot guarantee absolute security of your personal information. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs through your account.

If you are a resident of the Commonwealth of Virginia, the Virginia Consumer Data Protection Act (Va. Code § 59.1-571 et seq., effective January 1, 2023) grants you the following rights with respect to your personal data:

How to submit a request: To exercise any of the above rights, submit a verifiable request to info@meta-xcel.com with the subject line "VCDPA Privacy Rights Request." We will respond within 45 days; complex requests may require an additional 45 days with notice. We will not discriminate against you for exercising your privacy rights.

If you are a resident of California, the California Consumer Privacy Act (Cal. Civ. Code § 1798.100 et seq.), as amended by the California Privacy Rights Act (CPRA), grants you additional rights. This section supplements the information above.

Categories of Personal Information Collected: In the past twelve (12) months, we have collected the following categories of personal information as defined by the CCPA:

• Identifiers (name, email, IP address, device ID);
• Personal information categories listed in Cal. Civ. Code § 1798.80(e) (name, address, telephone number);
• Commercial information (tuition payment records, enrollment history);
• Internet or other electronic network activity information (browsing data, platform usage);
• Geolocation data (approximate location from IP address);
• Professional or employment-related information (resume data provided for career services);
• Education information (program enrollment, course progress, credentials).

Your California Rights: In addition to the rights described above, California residents have the right to:

• Know what categories of personal information we collect, use, share, or sell;
• Delete personal information we have collected (subject to exceptions);
• Opt out of the "sale" or "sharing" of personal information (we do not sell personal information);
• Limit use of sensitive personal information to specified purposes;
• Non-discrimination for exercising your privacy rights;
• Designate an authorized agent to submit requests on your behalf.

To submit a California rights request, contact us at info@meta-xcel.com with "CCPA/CPRA Privacy Request" in the subject line. We will respond within 45 days of receiving a verifiable consumer request.

Shine the Light: California Civil Code § 1798.83 permits California residents to request a list of third parties to whom we have disclosed personal information for direct marketing purposes in the prior calendar year. We do not share personal information for direct marketing purposes.

Our services are directed to adults and are not intended for use by children under the age of sixteen (16). We do not knowingly collect personal information from children under 16 without verifiable parental consent in accordance with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. §§ 6501–6506.

If we become aware that we have inadvertently collected personal information from a child under 16 without appropriate consent, we will take prompt steps to delete such information from our records. If you believe we may have inadvertently collected information from a child under 16, please contact us immediately at info@meta-xcel.com.

Individuals between the ages of 16 and 17 may only enroll in our programs with documented parental or guardian consent, as described in the Terms of Use.

Our services are operated in and primarily intended for users in the United States. If you access our services from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.

By using our services from outside the United States, you consent to the transfer of your personal information to the United States and to the processing of your information in accordance with this Privacy Policy and applicable U.S. law.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, and you believe our processing of your personal data raises concerns under GDPR or equivalent law, please contact us at info@meta-xcel.com. We will work in good faith to address your concerns.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:

• Update the "Last Updated" date at the top of this Policy;
• Send email notice to enrolled students at least fourteen (14) days before changes take effect;
• Display a prominent banner notification on our website.

For non-material changes (typographical corrections, clarifications, or reformatting), we will update this Policy without prior notice. We encourage you to review this Policy periodically. Your continued use of our services after the effective date of any changes constitutes acceptance of the revised Policy.

Prior versions of this Privacy Policy are available upon request.

For privacy-related questions, requests, or complaints, please contact our Privacy Officer:

If you are not satisfied with our response to your privacy concern, you have the right to file a complaint with the Virginia Attorney General's Office (for VCDPA matters) or the California Privacy Protection Agency (for CCPA/CPRA matters), as applicable.