KnowledgeCraftLearn · Build · Get hired
Home / Privacy Policy

Privacy Policy

How Knowledge Craft collects, uses, and protects your information.

Last updated: 2026-06-11

1. Introduction

NOBLE SHELF LIMITED (Company Registration No. 80584060), operating under the brand Knowledge Craft ("we," "us," or "our"), is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights. By using our website and purchasing our digital products, you agree to this policy.

Data Controller: NOBLE SHELF LIMITED (Company Registration No. 80584060), trading as Knowledge Craft, Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong S.A.R.
Contact: support@knowledge-craft.com

2. Data We Collect

We collect the following categories of personal data:

Information you provide directly:

  • Full name and email address (at account creation and checkout)
  • Billing address and country
  • Payment method details (processed and tokenized by our authorized payment service provider — we never store your full card number)

Information collected automatically:

  • IP address at the time of purchase
  • Browser type, operating system, and device identifiers
  • Pages visited, session timestamps, and clickstream data
  • Cookie identifiers and session tokens

Information from third-party services:

  • Payment and fraud signals from our authorized payment service provider for fraud prevention and chargeback management
  • Behavioral data collected by payment processor systems for fraud prevention (e.g., typing patterns, device fingerprinting, velocity checks)

3. Payment Processing

We use authorized payment service provider(s) to process all payments. Our payment processor(s) act as data processor(s) for payment transactions.

  • We do not store your full credit card number. Payment card data is tokenized using PCI DSS Level 1 compliant infrastructure and is never stored in full on our servers.
  • By making a purchase, your payment information is processed by our authorized payment service provider. Each payment processor maintains its own privacy policy, available upon request.
  • Our payment processor may collect additional device and behavioral data (such as device fingerprints, typing patterns, and transaction velocity) for fraud detection and prevention purposes.
  • We have entered into appropriate Data Processing Agreements with all authorized payment service providers in accordance with GDPR requirements. Our payment processors are responsible for maintaining their own compliance documentation and privacy policies.

4. How We Use Your Data

We use your personal data for the following purposes:

PurposeLegal Basis (GDPR)
Deliver purchased digital productsContract performance (Art. 6(1)(b))
Process payments via authorized payment service provider(s)Contract performance (Art. 6(1)(b))
Send order confirmations and receiptsContract performance (Art. 6(1)(b))
Respond to customer support inquiriesLegitimate interest (Art. 6(1)(f))
Detect and prevent fraudLegitimate interest (Art. 6(1)(f))
Comply with legal obligationsLegal obligation (Art. 6(1)(c))
Send marketing communications (opt-in only)Consent (Art. 6(1)(a))
Analyze website usage to improve servicesLegitimate interest (Art. 6(1)(f))

5. Data Sharing and Third Parties

We share your personal data only as necessary with the following trusted service providers:

  • Authorized payment service provider(s) — Payment processing, fraud prevention, and chargeback management. Data may be processed in the United States or other jurisdictions depending on the provider(s) used.
  • Email delivery provider — To send order confirmations and support communications.
  • Analytics provider — Aggregated, anonymized usage analytics only.

We do not sell, rent, or trade your personal data to third parties for marketing purposes. We share only the minimum data required for each service to function.

International transfers: Your data may be transferred to and processed in the United States or other jurisdictions by authorized payment service provider(s) and their banking partners. Where required, providers use appropriate transfer safeguards such as adequacy decisions, Data Privacy Framework participation, or Standard Contractual Clauses for transfers from the European Economic Area (EEA) and the United Kingdom.

6. Cookie Policy

We use the following types of cookies:

  • Essential cookies — Required for login sessions, shopping cart state, and checkout functionality. Cannot be disabled.
  • Payment processor cookies — Placed by our authorized payment processor for fraud detection, security verification, and payment processing. Required for checkout.
  • Analytics cookies — Used to understand site traffic and improve our services (anonymized). You may opt out via your browser settings.

You can control non-essential cookie preferences through your browser settings. Disabling essential or payment processor cookies may prevent checkout from functioning correctly.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this policy:

  • Account and purchase records: 7 years (required for tax and financial record-keeping obligations)
  • Customer support records: 3 years from last interaction
  • Marketing consent records: Until you withdraw consent

When data is no longer needed, we delete or anonymize it securely.

8. Your Rights

Depending on your location, you may have the following rights over your personal data:

All users:

  • Right of access — Request a copy of the personal data we hold about you
  • Right to rectification — Request correction of inaccurate or incomplete data
  • Right to erasure — Request deletion of your data (subject to legal retention requirements)
  • Right to restriction — Request that we limit how we process your data
  • Right to data portability — Receive your data in a machine-readable format
  • Right to object — Object to processing based on legitimate interest or for direct marketing

EU/EEA/UK residents (GDPR): All rights above apply. You may also lodge a complaint with your local Data Protection Authority.

California residents (CCPA):

  • Right to know — Request details of personal data collected, used, or disclosed in the past 12 months
  • Right to delete — Request deletion of your personal data
  • Right to opt out of sale/sharing — We do not sell your personal data
  • Right of non-discrimination — We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, contact us at support@knowledge-craft.com. We will respond within 30 days.

9. Children's Privacy

Our services are intended for users 18 years of age or older. We do not knowingly collect personal data from children under 13. If we discover that we have inadvertently collected data from a child under 13, we will delete it promptly. If you believe we have collected such data, please contact us immediately.

10. Security Measures

We implement the following technical and organizational security measures:

  • HTTPS encryption across all pages
  • PCI DSS Level 1 compliant payment processing (no card data stored on our servers)
  • Access controls limiting who can view customer data
  • Regular security reviews of our systems and integrations

Despite these measures, no system is completely secure. We encourage you to use strong, unique passwords for your account.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on our website and, where appropriate, by email. The "Last Updated" date at the top of this policy reflects the most recent revision.

12. Contact Us

For privacy-related inquiries, data subject requests, or concerns about our data practices:

Contact Us

Have questions? Reach out at hello@knowledge-craft.com

Response time: Within 30 days of receiving your request