Privacy

Privacy Policy

Last updated: 20 May 2026

At Morocco Copilot Community (the “Platform”, “we”, “us”), we respect your privacy and are committed to protecting your personal data. This policy explains what information we collect, why we collect it, and how we use it.

1. Data we collect

When you use the Platform, we may collect:

  • Account information: name, email address, password (hashed), avatar, professional bio, links to your professional profiles (LinkedIn, GitHub).
  • Registration data: for courses or events — first name, last name, email, phone, company, role, AI experience level, and any custom fields configured by the administrator.
  • User-generated content: articles, comments, likes, and other interactions you perform on the Platform.
  • Technical data: IP address, browser type, device, pages visited, view counts, and aggregated usage statistics.

2. How we use your data

We use your personal data to:

  • Create and manage your account;
  • Confirm course / event registrations and send related communications;
  • Display your contributions (articles, comments) where you've chosen to publish them;
  • Send transactional emails (registration confirmations, password reset, welcome messages);
  • Improve the Platform and prevent abuse (rate limiting, security monitoring);
  • Comply with our legal obligations.

3. Third parties

We share your data only with the following service providers, strictly to operate the Platform:

  • Database hosting — Neon (PostgreSQL).
  • Image storage — Cloudinary.
  • Email delivery — our SMTP provider for transactional emails.
  • Hosting — Vercel / our cloud infrastructure provider.

We never sell your personal data to third parties.

4. Cookies and local storage

We use essential cookies and browser local storage to keep you signed in (JWT access tokens, refresh tokens) and to remember your language preference. We do not use third-party advertising or tracking cookies.

5. Your rights

In accordance with the Moroccan Personal Data Protection Law (Law 09-08) and, where applicable, the GDPR, you have the right to:

  • Access the personal data we hold about you;
  • Request correction of inaccurate data;
  • Request deletion of your account and data ("right to be forgotten");
  • Object to or restrict certain processing;
  • Request a portable copy of your data.

To exercise any of these rights, contact us at contact@ai-institute.ma.

6. Data retention

We keep your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where retention is required by law (e.g. accounting records for paid registrations).

7. Security

Passwords are stored using bcrypt one-way hashing. All traffic is encrypted with HTTPS/TLS. Administrative access is protected by JWT authentication and role-based access controls.

8. Children

The Platform is intended for professionals aged 16 or older. We do not knowingly collect data from younger individuals.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email and via a notice on the Platform.

10. Contact

Questions about this policy? Email us at contact@ai-institute.ma.

See also

Terms of Service

Read terms