Privacy Policy

This Privacy Policy explains how Servetrain LLC ("ServeTrain," "we," "us," or "our") collects, uses, discloses, and protects the personal information of visitors to our website at servetrain.co and users of our online training platform. By accessing or using our services, you agree to the practices described in this policy. We recommend that you read this document carefully. If you have questions, contact us.

1. Information We Collect

Information You Provide Directly

When you create an account, enroll in a course, or contact us, we may collect the following:

• Full name, email address, phone number, and mailing address
• Date of birth (required for certification purposes)
• State-issued Server ID numbers (where applicable for RBS certification)
• Employer name and liquor license information (for manager and corporate accounts)
• Payment information (credit card number, billing address) processed through our secure payment provider
• Course progress data, quiz scores, and exam results
• Any information you include in messages sent through our contact form

Information Collected Automatically

When you visit our website, we automatically collect certain technical information through cookies and similar technologies:

• IP address, browser type, operating system, and device information
• Pages visited, time spent on pages, and navigation paths
• Referring URLs and search terms that led you to our site
• General geographic location derived from your IP address

2. How We Use Your Information

We use the personal information we collect for the following purposes:

• Providing our services: Creating and managing your account, delivering course content, tracking your training progress, generating completion certificates, and reporting training completion to state regulatory agencies as required by law
• Processing payments: Completing transactions for course enrollments, group purchases, and corporate accounts
• Communication: Responding to inquiries, sending enrollment confirmations, certification expiration reminders, and service-related notices
• Corporate account administration: Providing managers with employee training status, progress reports, and certification tracking through the manager dashboard
• Compliance and legal obligations: Reporting training completion data to state alcoholic beverage control agencies as required by applicable state law
• Website improvement: Analyzing usage patterns to improve our website, course content, and user experience
• Security: Detecting and preventing fraud, unauthorized access, and other security threats

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

• State regulatory agencies: We are required to report training completion data (including your name, Server ID, and completion date) to state alcoholic beverage control agencies, including the California Department of Alcoholic Beverage Control, as mandated by law
• Payment processors: Your payment information is transmitted directly to our third-party payment processor for transaction processing. We do not store full credit card numbers on our servers
• Corporate account administrators: If your employer enrolled you through a corporate account, your training status, progress, and completion data may be visible to your employer's account administrator
• Service providers: We work with third-party vendors who help us operate our website, deliver email communications, host our platform, and analyze site usage. These vendors are contractually obligated to protect your data and use it only as we direct
• Legal requirements: We may disclose your information when required by law, court order, subpoena, or in response to a law enforcement request

4. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to improve your experience. Cookies are small text files stored on your device when you visit our site. We use them for the following purposes:

• Essential cookies: Required for the website and training platform to function properly, including maintaining your login session and saving course progress
• Analytics cookies: Help us understand how visitors interact with our website so we can improve navigation, content, and performance. We use Google Analytics for this purpose and have concluded a data processing agreement with Google. Full IP addresses are blocked
• Functionality cookies: Remember your preferences, such as language settings and display options

Most web browsers allow you to control cookies through their settings. You can typically choose to block all cookies, accept all cookies, or receive a notification when a cookie is set. Blocking essential cookies may prevent parts of our website from functioning properly.

5. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it. These measures include:

• SSL/TLS encryption for all data transmitted between your browser and our servers
• Secure, encrypted storage for sensitive personal data
• Access controls limiting data access to authorized personnel only
• DNSSEC, DKIM, SPF, and DMARC email authentication protocols
• HTTP Strict Transport Security (HSTS) headers
• Regular security reviews and monitoring

No method of electronic transmission or storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specifically:

• Account and training data: Retained for the duration of your certification period (typically 2 to 3 years) plus an additional period to support renewal and record-keeping obligations
• Payment records: Retained as required by applicable tax and financial regulations
• Communication records: Contact form submissions and support correspondence are retained for up to 3 years
• Analytics data: Aggregated, non-identifiable usage data may be retained indefinitely for statistical purposes

When personal data is no longer necessary for its original purpose or legal retention requirements, we securely delete or anonymize it.

7. Your Privacy Rights

All Users

Regardless of your location, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate personal information
• Request deletion of your personal information, subject to legal retention requirements
• Opt out of non-essential marketing communications

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purpose for collecting it, and the categories of third parties with whom we share it
• Right to delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions required by law
• Right to opt out of sale: We do not sell personal information. If this practice changes, we will provide a clear opt-out mechanism
• Right to non-discrimination: We will not discriminate against you for exercising any of your privacy rights

To exercise any of these rights, contact us using the information provided at the bottom of this policy. We will respond to verifiable consumer requests within 45 days. You may also visit our Do Not Sell My Personal Information page.

8. Do Not Track Signals

Our website does not currently respond to Do Not Track (DNT) browser signals or the Global Privacy Control (GPC) signal. We will update this policy if our practices change regarding these signals.

9. Children's Privacy

Our services are designed for individuals who are of legal working age in the alcohol service industry. We do not knowingly collect personal information from children under the age of 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us immediately.

10. Third-Party Websites

Our website may contain links to third-party websites, including state regulatory portals, payment processors, and social media platforms. This Privacy Policy does not apply to those sites. We are not responsible for the privacy practices of third-party websites and recommend reviewing their privacy policies before providing personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this page. For significant changes, we may provide additional notice through our website or by email. We encourage you to review this page periodically.

12. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or need to report a concern about how your personal information is handled, please contact us: