Information Stewardship Statement

Governing how Finofo Eco handles your details | In effect since February 2026

This document explains our relationship with the information you share when using services offered by Finofo Eco. We've organized it around user interactions rather than data categories—registration, correspondence, participation in programs, support requests, and site browsing. Each phase of engagement brings different informational requirements, which we'll describe in functional terms.

Where tracking mechanisms and browser-level data intake are concerned, we maintain a separate Cookie Statement. If you encounter language about pixels, scripts, or persistent identifiers, that material belongs elsewhere. Here, we address what emerges from deliberate actions you take while interacting with our platform.

How Information Emerges From Your Activity

Account Registration and Profile Assembly

Creating an account requires certain identifying elements—your chosen name, an email address we can reach, and optionally a phone number if you prefer text updates about program schedules. When you build out a profile for career development purposes, you might add educational background, prior experience in paleoecology or adjacent fields, research interests, and geographic preferences. This intake happens at discrete moments: initial signup, profile completion prompts, and voluntary updates you make over time.

The assembly serves operational needs. We use these details to match you with mentorship opportunities, recommend relevant courses or workshops, notify you about field research openings in your region, and tailor content suggestions. Without a baseline understanding of your background and objectives, personalization becomes impossible and the platform functions as a static repository rather than an adaptive tool.

Correspondence and Message Exchange

Email interactions, in-platform messages to instructors or peers, and support ticket submissions generate textual records. These remain accessible to relevant staff—support personnel for troubleshooting, program coordinators when you inquire about upcoming field sessions, administrative teams if billing questions arise. Automated systems occasionally scan subject lines or message metadata to route inquiries efficiently, but substantive content review happens manually and selectively.

We retain correspondence for accountability and service continuity. If you ask about registration deadlines in January 2026, we reference that exchange when following up in March. If a dispute over program participation emerges, message history provides factual grounding. Retention periods vary: active correspondence persists until resolution plus six months; routine transactional emails remain for three years to satisfy audit requirements; marketing messages you've consented to stay archived until you withdraw permission.

Program Enrollment Details

Course selections, workshop registrations, field session bookings—each generates a participation record. We track completion status, attendance at live sessions, assignment submissions, and performance metrics where applicable. This operational data enables credential issuance, progress monitoring, and instructor feedback loops.

Payment and Billing Information

Financial transactions require payment card details or bank account information, which third-party processors handle directly. We receive confirmation tokens and transaction identifiers, not full card numbers. Billing addresses and invoice history stay with us for tax compliance and refund processing, retained for seven years per regulatory standards.

Support and Feedback Submissions

Technical issues, feature requests, satisfaction surveys—these create feedback records tied to your account. Support staff access them when resolving problems; product teams review aggregated feedback to identify improvement areas. Individual submissions remain linked to you for continuity; anonymized summaries inform broader decision-making.

Browsing Patterns and Platform Navigation

Movement through the site generates logs—page views, time spent on resource pages, search queries within our course catalog, video watch durations. Server logs capture IP addresses, browser types, device categories. We derive usage insights from this: which resources prove most valuable, where users encounter friction, what content formats sustain engagement. These patterns inform interface refinements and content prioritization.

Individual browsing histories occasionally inform recommendations. If you've viewed multiple resources on Quaternary pollen analysis, our system might surface related workshops. But much of this analysis happens in aggregate—we're more interested in collective behavior than granular tracking of any single person's clicks.

Information Movement Beyond Our Organization

Several categories of external entities receive specific slices of your information under defined circumstances.

Service Infrastructure Providers

Cloud hosting, email delivery, payment processing, video streaming—these technical operations involve specialized vendors. Hosting providers access server data necessary to maintain uptime but aren't authorized to examine user details for their own purposes. Email platforms receive addresses and message content solely for transmission. Payment processors handle financial data under strict compliance frameworks; we never see full card numbers. Video platforms store instructional content and track view metrics but do so under data processing agreements limiting secondary use.

Program Partners and Collaborating Institutions

When you enroll in collaborative programs—joint workshops with universities, field research opportunities coordinated by conservation organizations—participating institutions receive relevant enrollment details. A university co-hosting a seminar series learns your name, contact information, and academic background you've chosen to share. Research organizations coordinating field placements receive applications including your experience summary and availability. These transfers occur only for programs you've actively joined, and partners operate under confidentiality commitments.

Legal and Regulatory Disclosures

Subpoenas, court orders, regulatory investigations—these occasionally compel information release. We evaluate each request for legal sufficiency and scope, narrowing disclosures where possible. If authorities seek records related to a specific inquiry, we provide what's legally required without volunteering additional material. In the past three years, we've received four such requests, all related to payment disputes rather than content or user activity.

Business Transition Scenarios

Should Finofo Eco merge with another organization, undergo acquisition, or restructure significantly, user information becomes part of transferred assets. Successor entities inherit responsibilities outlined here. We'd notify you of such transitions and any resulting policy changes before they take effect. You'd retain the ability to close your account if new ownership proves unacceptable.

Outbound Transfer Restrictions: We don't sell user lists to marketers, share identifiable details with advertisers, or provide contact information to third parties for their promotional purposes. When aggregate statistics leave our organization—say, anonymized enrollment trends shared in industry reports—they've been stripped of identifiers and can't be traced back to individuals.

Security Posture and Residual Risks

Our defensive strategy layers technical controls, access restrictions, and procedural safeguards. Encryption applies to data in transit via TLS protocols; databases housing sensitive information employ encryption at rest. Access follows need-to-know principles—support staff reach support tickets, instructors access enrolled student lists, billing teams view payment records. Administrative accounts require multi-factor authentication. Routine security audits test for vulnerabilities; penetration testing occurs biannually.

Despite these measures, absolute security remains impossible. Sophisticated attackers might breach defenses; insider threats could materialize despite vetting; third-party vendors might suffer compromises affecting our infrastructure. We can reduce risk but not eliminate it. In the event of a significant breach exposing sensitive details, we'd notify affected users within 72 hours, explain what occurred, describe remediation steps, and offer credit monitoring services if financial data was involved.

Your own security practices matter considerably. Weak passwords, reused credentials across sites, unpatched devices—these create vulnerabilities we can't control. We recommend unique passwords, password manager usage, and vigilance against phishing attempts. If suspicious activity touches your account, immediate notification allows us to freeze access and investigate.

Duration of Retention and Deletion Triggers

Information doesn't stay indefinitely, though timelines vary by category and purpose.

  • Active account profiles: Persist as long as your account remains open, plus three years of inactivity before archival.
  • Course enrollment records: Kept for ten years to support credential verification and alumni services, then anonymized for historical analysis.
  • Financial transactions: Seven-year retention for tax compliance, after which only anonymized summaries remain.
  • Correspondence and support tickets: Resolved issues archived after six months; ongoing matters retained until closure plus one year.
  • Marketing consent records: Maintained until you withdraw permission, then deleted within 30 days except for a suppression record preventing re-contact.
  • Legal hold materials: Preserved as long as litigation or regulatory matters remain active, occasionally exceeding standard timelines.

Account closure triggers immediate cessation of active processing. We'll delete or anonymize information within 90 days except where retention serves legitimate needs—unresolved billing disputes, regulatory obligations, fraud prevention. You'll receive confirmation once deletion completes.

Your Control Mechanisms and Available Actions

You're not passive here. Several intervention points exist.

Accessing and Reviewing What We Hold

Request a copy of information tied to your account by emailing contact@finofo-eco.com with "Data Access Request" in the subject line. Within 30 days, you'll receive a structured export covering profile details, enrollment history, correspondence, and activity logs. If the volume proves large, we might provide access via secure download rather than email attachment.

Correcting Inaccuracies

Update profile information directly through account settings. For details outside self-service access—billing records, support ticket history—email a request specifying what needs correction. We'll verify and update within two weeks, notifying you once changes take effect.

Limiting Processing Scope

Opt out of marketing communications via unsubscribe links or account preference controls. Request cessation of recommendation algorithms by contacting us, though this may reduce platform usefulness. Object to specific data uses by explaining your concerns; we'll evaluate whether alternative approaches can accommodate your preferences while maintaining service functionality.

Requesting Deletion

Close your account through settings or request deletion by email. We'll confirm receipt, verify identity, and process within 90 days. Some information persists where legally required or operationally necessary for residual obligations—anonymized analytics, suppression lists preventing unwanted contact, financial records under retention mandates.

Portability Requests

Request structured, machine-readable exports of information you've provided—profile data, uploaded materials, messages you've sent. This facilitates migration to other platforms if you choose to leave. We'll deliver exports in common formats (CSV, JSON) within 30 days.

Verification Requirements: Before fulfilling access, deletion, or portability requests, we verify your identity through account credentials or supplementary authentication. This prevents unauthorized parties from obtaining or manipulating your information by impersonating you.

Legal Grounding for Information Handling

Different justifications support various processing activities. Where you've explicitly consented—newsletter subscriptions, optional profile fields—we rely on that permission. For core service delivery—account management, program enrollment, payment processing—contractual necessity provides the basis; these operations make the service function. Certain activities stem from legal obligations: tax record retention, responding to lawful requests, regulatory reporting. Finally, legitimate interests justify some processing: fraud prevention, platform security, product improvement based on aggregate usage patterns.

You can contest these bases. If we claim legitimate interest but you believe privacy concerns outweigh our needs, raise the objection. We'll reassess and either demonstrate compelling grounds or cease the processing. For consent-based activities, withdrawal is always available.

Operating primarily within the United States, we adhere to applicable federal and state privacy regulations. California residents benefit from additional rights under CCPA, including the ability to request disclosure of information categories collected and sold (though we don't sell data). Users elsewhere may invoke rights under their local frameworks; we'll accommodate where feasible even if not strictly required.

Reaching Us With Privacy Concerns or Formal Requests

Questions, complaints, or formal data subject requests come to our privacy oversight team rather than general support channels. This ensures appropriate handling and timely response.

Email: contact@finofo-eco.com (subject line: "Privacy Matter")
Phone: +1 616-460-2263 (select privacy option when prompted)
Postal: Finofo Eco Privacy Office, 519 Great Oaks Cir, Henderson, TN 38340, United States

Expect acknowledgment within three business days and substantive response within 30 days. Complex requests might require extensions; we'll explain why and provide estimated timelines.

If our response proves unsatisfactory, you may escalate to regulatory authorities. In the US, state attorneys general and the Federal Trade Commission handle privacy complaints. We prefer resolving concerns directly but recognize your right to external review.