Privacy Policy
We believe privacy is a right, not a privilege. This policy explains how we protect your information—written in plain language, not legalese.
Last updated: December 2025The Short Version
- We collect only the data necessary to run our programmes—nothing more.
- We never sell your personal information to anyone, ever.
- Your data is protected by European standards (GDPR) regardless of where you live.
- Mentee and learner profiles are private by design—only visible to mentors you connect with.
- You can access, correct, or delete your data at any time by contacting us.
- We take extra care to protect data belonging to vulnerable populations, including refugees and minors.
Who We Are
The Educational Equality Institute (TEEI) is an international nonprofit organisation dedicated to expanding educational equality for girls, women, and communities affected by war and displacement. Our motto is Equality Through Education.
We operate under two legal entities:
Norway Headquarters (Data Controller)
The Educational Equality Institute
5th Floor, 28 Nydalsveien
0484 Oslo, Norway
Organisation Number: 928 776 719
United States 501(c)(3)
The Educational Equality Institute Inc.
100 Church Street
New York, NY 10007, USA
EIN: 33-2331817
As an organisation headquartered in Norway and serving learners across Europe, we comply with the General Data Protection Regulation (GDPR). We extend these protections to all users regardless of location.
What Data We Collect
We collect different types of information depending on how you interact with us. We follow a principle of data minimisation—collecting only what is necessary for our educational mission.
When you register as a learner or mentee
- Name and email address
- Phone number (for account verification and session reminders)
- Country of residence and time zone
- Languages you speak and want to learn
- Professional background and learning goals
- Session history and course progress
Privacy by design: Learner and mentee profiles are private. Your personal details are never publicly listed. Only mentors you choose to connect with can see the information needed to schedule and conduct sessions.
When you register as a volunteer mentor or language partner
- Name, email address, and phone number
- Professional affiliation and LinkedIn profile (for verification)
- Areas of expertise and languages spoken
- Availability schedule
- Photo and biographical information (displayed on your public mentor profile)
- Session statistics and learner reviews
When you make a donation
- Name and contact information
- Payment details (processed securely by our payment partners; we do not store full card numbers)
- Donation history for tax receipt purposes
When you visit our website
- Standard server logs (IP address, browser type, pages visited)
- Cookies and similar technologies (see Cookies section)
Special category data
We do not intentionally collect sensitive personal data such as health information, political opinions, or religious beliefs. If you voluntarily share such information during mentoring sessions or in your profile, we treat it with heightened protection.
How We Use Your Data
| Purpose | What We Use |
|---|---|
| Delivering our programmes | Account details, learning preferences, session history to match you with mentors, schedule sessions, and track progress |
| Platform operations | Email and phone for account verification, password resets, and session notifications |
| Improving our services | Aggregated and anonymised usage data to understand how our platforms are used and where we can improve |
| Safeguarding | Identity verification for volunteers, session logs for protection of vulnerable learners |
| Reporting to funders | Aggregated statistics only (e.g., "8,000+ learners served")—never individual data without consent |
| Communications | Email address for programme updates, newsletters (only with your consent), and essential service messages |
| Legal compliance | Financial records for tax and regulatory requirements |
We will never:
- Sell your personal information
- Share individual learner data with funders or corporate partners without explicit consent
- Use your data for automated decision-making that affects your access to services
- Contact you for marketing without your permission
Legal Basis for Processing
Under GDPR, we process your data based on the following legal grounds:
- Contract: Processing necessary to provide you with our educational services when you register
- Consent: For optional communications like newsletters, and for any use of your story or testimonial
- Legitimate interests: For improving our services, preventing fraud, and ensuring platform security—balanced against your rights
- Legal obligation: For financial record-keeping and regulatory compliance
Where we rely on consent, you can withdraw it at any time by contacting us or adjusting your account settings.
Who We Share Data With
Platform partners
We work with trusted technology partners to deliver our programmes:
- Kintell — Our mentoring and video session platform (processes session data, profiles, scheduling)
- itslearning — Our learning management system (processes course enrollment, progress, assignments)
- Babbel and Oxford University Press — Language learning content providers (may receive anonymised usage statistics)
All platform partners are bound by data processing agreements that require GDPR-equivalent protections.
Payment processors
Donations are processed by third-party payment providers who handle your financial data under their own privacy policies and strict PCI-DSS security standards.
Mentors and language partners
When you book a session, we share necessary information (your name, goals, time zone, and booking message) with your chosen mentor. We do not share your full profile, contact details, or session history beyond what is needed for your interaction.
Aggregated reporting
We share aggregate, anonymised statistics with funders, corporate partners, and the public (e.g., "2,000+ mentees have joined Mentors for Ukraine"). Individual data is never shared without your explicit consent.
Legal requirements
We may disclose data if required by law or to protect the safety of our community. We will notify you unless prohibited by law.
How We Protect Your Data
We implement robust security measures aligned with industry best practices:
- Encryption: Data is encrypted in transit (TLS) and at rest
- Access controls: Staff access to personal data is limited to those who need it for their role
- Verification: Volunteer mentors are verified through corporate email and LinkedIn profiles
- Platform security: Our technology partners (Kintell, itslearning) maintain their own security certifications and audits
- Incident response: We have procedures to detect, investigate, and report data breaches within 72 hours as required by GDPR
Protecting vulnerable populations: We recognise that many of our learners are refugees, internally displaced persons, or others in vulnerable situations. We design our systems with their safety in mind—keeping mentee profiles private, limiting data collection, and ensuring that participation in our programmes cannot be used to identify or locate individuals at risk.
Your Rights
Under GDPR and our commitment to transparency, you have the following rights:
Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Ask us to correct any inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data (subject to legal retention requirements).
Right to Restrict Processing
Ask us to limit how we use your data in certain circumstances.
Right to Data Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent
Withdraw any consent you've given, at any time.
Right to Complain
Lodge a complaint with a supervisory authority (see below).
To exercise any of these rights, submit a data request or contact us at privacy@theeducationalequalityinstitute.org. We will respond within 30 days.
Supervisory Authority
You have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) or another relevant supervisory authority:
Datatilsynet
P.O. Box 458 Sentrum
0105 Oslo, Norway
www.datatilsynet.no
Children and Vulnerable Persons
Children under 18
Our mentoring and language practice platforms are designed for adults. Learners under 18 may only use Language Connect for Ukraine or Mentors for Ukraine if a parent or guardian is present during sessions.
For our structured language courses for children (using tools like BOOKR Class), we obtain parental consent before any child participates, and we limit data collection to the minimum necessary for educational delivery.
Vulnerable adults
We recognise that many participants in our programmes are refugees, internally displaced persons, or others in difficult circumstances. We apply heightened data protection standards:
- Minimal data collection
- Private-by-default profiles
- No public identification without explicit consent
- Staff training on working with vulnerable populations
- Clear pathways to report concerns
International Data Transfers
TEEI serves learners across Europe, Ukraine, and beyond. Some of our technology partners process data in countries outside the European Economic Area (EEA).
When data is transferred outside the EEA, we ensure appropriate safeguards are in place:
- Adequacy decisions: Transfers to countries the European Commission has deemed to provide adequate protection
- Standard Contractual Clauses (SCCs): EU-approved contractual terms with our data processors
- Technical measures: Encryption and access controls that protect data regardless of location
Our US entity operates under the same privacy standards as our Norwegian headquarters.
Data Retention
We keep your data only as long as necessary for the purposes described in this policy:
- Active accounts: Data is retained while you use our services
- Inactive accounts: We may delete accounts after 3 years of inactivity, with notice
- Donation records: Retained for 7 years as required by tax regulations
- Aggregated statistics: Retained indefinitely for reporting and research (no personal data)
When data is no longer needed, we securely delete or anonymise it.
Changes to This Policy
We may update this policy to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will:
- Update the "Last updated" date at the top of this page
- Notify you by email if you have an account with us
- Post a notice on our website
We encourage you to review this policy periodically.
Contact Us
Questions about this policy or your personal data? We're here to help.
Get in Touch
Our team typically responds within 5 working days. For data rights requests, we will respond within 30 days as required by GDPR.
5th Floor, 28 Nydalsveien
0484 Oslo, Norway
Read this policy in other languages: