Privacy Policy

1. Introduction

Glossy Vault Business English ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Register for our courses or services
• Subscribe to our newsletter
• Contact us through our contact forms
• Participate in surveys or promotions
• Create an account on our website

This information may include:

• Full name
• Email address
• Phone number
• Postal address
• Professional information (job title, company, industry)
• Payment information (processed securely through third-party payment processors)

2.2 Automatically Collected Information

We may automatically collect certain information about your device and usage patterns, including:

• IP address
• Browser type and version
• Operating system
• Pages visited and time spent on our website
• Referring website addresses
• Clickstream data

3. How We Use Your Information

We use the information we collect for the following purposes:

• To provide and maintain our services
• To process course registrations and payments
• To communicate with you about our courses and services
• To send newsletters and marketing communications (with your consent)
• To improve our website and services
• To personalise your experience
• To comply with legal obligations
• To detect and prevent fraud

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Consent: For marketing communications and non-essential cookies
• Contract: To provide our courses and services
• Legitimate Interest: To improve our services and prevent fraud
• Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our website and providing our services, including:

• Payment processors
• Email marketing platforms
• Web hosting providers
• Analytics services

5.2 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

• Course participant data: 7 years after course completion
• Marketing data: Until you unsubscribe or withdraw consent
• Website analytics data: 26 months
• Financial records: 7 years as required by UK law

7. Your Rights Under GDPR

If you are a resident of the European Union or UK, you have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, please contact us at [email protected].

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. For detailed information about our cookie practices, please see our Cookie Policy.

9. Data Security

We implement appropriate technical and organisational security measures to protect your personal information, including:

• SSL encryption for data transmission
• Secure server infrastructure
• Regular security assessments
• Access controls and authentication
• Staff training on data protection

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by applicable law

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may provide additional notice such as email notification.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

14. Data Protection Officer

If you have concerns about how we handle your personal data, you may also contact our Data Protection Officer at [email protected].

15. Supervisory Authority

You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not complied with applicable data protection laws. You can contact the ICO at ico.org.uk.