Data, Privacy and Cookies Policy
What information do we collect and what do we do with it?
When you enroll as a student or subscriber (“learner”) on our Site or related courses, as part of the enrolling process, we collect the personal information you give us such as your name and email address.
Email marketing: we may send you emails about our site and related course(s), registration, course content, your course progress or other updates. We may also use your email to inform you about changes to the course, survey you about your usage, or collect your opinion.
How do we get your consent?
When you provide us with personal information to become a learner on our site, make a purchase, or participate in the course, you imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do you withdraw your consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at [email protected]
Disclosure
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Use.
Thinkific as a data sub-processor
Our course and site is hosted by Thinkific Labs Inc. (“Thinkific”). They provide us with the online course creation platform that allows us to sell our product/services to you.
The agreement between nurtureuk and Thinkific with regards to data processing is set out in the Data Processing Addendum to Thinkific's Terms of Use: https://www.thinkific.com/dpa/
Once your data has been collected, the data is stored encrypted using Thinkific’s data storage, databases and the general Thinkific application. They store your data on secure servers behind firewall, which are provided by Amazon Web Services. The servers are based within the United States. By agreeing to this Privacy Policy, you are consenting to the transfer of your personal information data outside of the UK or European Economic Area (EEA).
For more details on how your data is secured by Thinkific, please see Thinkific's Security FAQs at: https://support.thinkific.com/hc/en-us/articles/360037566073-Security-FAQ.
For more insight, you may also want to read Thinkific’s Terms of Service or Privacy Statement here:
- https://www.thinkific.com/resources/privacy-policy/
- https://www.thinkific.com/resources/terms-of-service/
Payment
If you make a purchase on our site, we use a third-party payment processor - Stripe. Payments are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Please note that your purchase transaction data may be stored by the third-party payment processor. You can however delete them from the 'Billing' section on your Thinkific account.
For more information on how Stripe handles this data, please view the Stripe privacy policy here. Please note that Stripe may transfer data outside of the UK and European Economic Area for storage or processing, but will do so with adequate safeguards, or your express permission.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our site and related courses and its service providers.
Third-party services
In general, any third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
Certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
Once you leave our course website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our Site’s Terms of Use.
Once you have entered data into this Site, we may process it using the following systems:
To manage contact data and our relationships with customers, members and partners, we use Salesforce CRM, a customer relationship management tool. The data we collect may include personal details including your name and email address, your relationship to an organisation, your job title, details of your use of nurtureuk products and services, including bookings for training courses and sessions.
This data is processed and stored within cloud-based Salesforce CRM servers based in the EEA. Data is stored encrypted (at rest when stored on the servers, in the database, in search index files, and in the file system).
We use Zendesk, a customer support tool, to provide support on the use of this website or nurtureuk’s products and services, and if you email one of our email addresses through this website. The data we collect and process in this way may include your name and email address, your relationship to an organisation, the content of your original enquiry or customer service query, along with any replies to resolve your query, which may include additional data you choose to share (for example, any additional information within your email signature). While this data may be processed and stored safely in encrypted form outside the UK or EEA, our data processing agreement with Zendesk includes the EU Standard Contractual Clauses approved by the Information Commissioner’s Office, giving you essentially equivalent protection as under the UK GDPR.
We use Google Cloud and Google Workspace services to store and process some information related to your use of nurtureuk services, and to store emails you may send to us through this website, and some forms you may complete within the website. This data is stored on Google cloud-based servers within the UK or EEA, and is encrypted at rest.
Links
When you click on links on our course Site, they may direct you away from our Site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Security
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Cookies
We collect cookies or similar tracking technologies. This means information that our website’s server transfers to your computer. This information can be used to track your session on our website. Cookies may also be used to customize our website content for you as an individual. If you are using one of the common Internet web browsers, you can set up your browser to either let you know when you receive a cookie or to deny cookie access to your computer.
We use cookies to recognise your device and provide you with a personalised experience.
We also use cookies to attribute visits to our websites to third-party sources and to serve targeted ads from Google, Facebook, Instagram and other third-party vendors.
Our third-party advertisers use cookies to track your prior visits to our websites and elsewhere on the Internet in order to serve you targeted ads. For more information about targeted or behavioral advertising, please visit https://www.networkadvertising.org/understanding-online-advertising.
Opting out: You can opt out of targeted ads served via specific third-party vendors by visiting the Digital Advertising Alliance’s Opt-Out page.
We may also use automated tracking methods on our websites, in communications with you, and in our products and services, to measure performance and engagement.
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
Web analysis tools
We may use web analysis tools that are built into the Site to measure and collect anonymous session information.
Changes to this data, privacy and cookies policy
We reserve the right to modify this policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the Site. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If our Site or course is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Questions and contact information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Data Protection Officer at [email protected]
How long we will store your data
We will usually store the information we hold related to your use of this website, and related to use of our products and services for a period in line with our data retention policy. To determine the appropriate period to retain data, we consider the nature and sensitivity of the data, the potential for harm, whether we can achieve our purposes through other means, as well as any applicable legal or contractual requirements.
How to delete or to access any of your personal data that we hold
You can request that we delete your personal information that we hold. To request this, contact our Data Protection Officer and your data will be deleted from both the website, our servers and any additional systems we use, with the exceptions noted below. If we delete your data on your request, you’ll no longer be able to access your account, the information it contains, or to access or use any of our services that you have previously signed up for or purchased, or been entitled to use.
Please note that we’re legally required to hold some personal information to fulfil our statutory obligations – for example, when we collect Gift Aid or process an invoice. We may also be required to hold some data to meet other legal or contractual requirements, and in some cases where a separate data processing agreement (for example, with your employer, or with an organisation that has commissioned services on your behalf) covers the use of all or some of your data.
You have a right to know if nurtureuk is storing any of your personal data, and a right to be provided with that information (with some exceptions, as specified under the UK GDPR).
To ask us for your personal data, you can email [email protected] or write to:
Data Protection Officer
nurtureuk
The Green House
244-254 Cambridge Heath Road
London E2 9DA
We do not make a charge for this. It'll help us to find your information if you can tell us something about the nature of your contact with us.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.