Privacy Policy

Privacy and Cookies Statement

Last updated 24/04/2023

Cademy Group Ltd owns and operates an online platform that provides users with information, recommendations and services related to educational services, including tools for researching and/or enrolling into courses, workshops and other services and other education-related services. In this Statement, we refer to these as our “Services”.

The information that you and others entrust us with enhances our ability to provide more relevant, personalised and helpful Services. We know that sharing your information with us is based on trust. We take your trust in us seriously and are committed to providing you helpful information, products and services, curated based on the information you have shared with us. Equally, and perhaps more importantly, we are committed to respecting your privacy when you visit our website or use our Services and being transparent about how we use the information you have entrusted to us.

This Statement describes how we obtain, use, and process your information - hopefully, in an easily understandable and transparent manner. It informs you of the rights you have, how you can exercise them and how you can contact us. Please review this Statement carefully to learn about our practices with respect to information and privacy. By visiting our websites and related mobile applications, as well as other online platforms such as our affiliated partners websites, apps and social media, whether on a computer, phone, tablet, or similar device (each of these is referred to as a “Device”), you acknowledge and confirm that you have read this Statement.

We offer our Services to users in a number of countries and territories where the laws and customs differ. This Statement provides a general overview of our privacy practices.

Information Collected and Processed

When you access or use our Services, we collect and process information from and about you to provide the Services in a more personalised and relevant way. Some information we collect passively, for example, with our servers or with cookies or other similar tracking technologies. Some information we collect from different sources, including from you, affiliated entities, business partners, and other independent third-party sources. When you use our Services by “clicking-through” from a third-party website or when you visit third-party websites via our Services, those third-party websites may share information with us about your use of their service. Any information that we receive from third-party websites may be combined with the information provided by you.

Information processed may include the following:

  • Contact information, including name, phone number, and postal and email addresses (both hashed and unhashed)
  • Billing and other payment information (such as your bank account information, credit card number, cardholder name, expiration date, authentication code and billing address)
  • Username and password
  • Details relating to your Cademy account
  • Photos, reviews, forum and social posts, and videos you may have provided to us
  • Geolocation information
  • Device information, such as when you accessed our Services and information about the Device used (for example, IP address, software or internet browser used, preferred languages, unique Device identifiers, and advertising identifiers)
  • Online activity, including pages you have visited, content reviewed, and apps reviewed
  • Other information about yourself that you have voluntarily disclosed
  • Purchasing and booking history
  • Information about your interests and preferences
  • Communications when you contact our customer service team, including inbound and outbound calls
  • Information that you have provided to other third party companies for the purposes of logging in to social media. This includes publicly available information, such as name, age-range as well as email addresses.

We may also collect - in instances where you have provided it - information about other guests on the course, including their email address and other contact details. If you are sharing information with us about other individuals, you must obtain their consent and ensure that they have understood and accepted how we will use their personal information (as described in this Statement).

In addition to the categories noted above, we may also collect certain location information if you have instructed your Device to send such information via the privacy settings on that Device, or, for example, if you have uploaded photos tagged with location information.

Information Uses and Purposes

To the extent possible, we want to provide you with relevant content and a tailored experience when you use our Services, and we use information about you to do that, including in the following ways:

Registration, membership, and other contracts

  • Register and manage your account, including to allow you access to and use of our Services
  • Facilitate your orders
  • Process payments or credits
  • Offer you promotional programs that may include competitions, gift cards, rewards, cash back, and discounts

Improve our Services

  • Use your information for analytical purposes and to enable us to improve our Services
  • Provide you with a tailored/optimised experience by grouping users based on, for example, usage, interests and demographics
  • Send you survey, market research invitations, or panel interviews for analytics purposes

Individualisation and customisation

  • Notify you about special offers and products or services available from us, or our partners that may be of interest to you
  • Tailor your experience, including by making inferences about your interests and preferences based on your activity and customise the ads shown to you both on and off our website

Communication

  • Communicate with you or facilitate communication between you and our partners
  • Conduct, monitor and record your calls or interactions with us; for example, your communications with our customer service or sales teams, or through our use of pixels and similar technologies to monitor how you interact with our emails to you, such as whether you open or click on content in our emails
  • Host your reviews, forum posts, photos, videos, and other content
  • Respond to your questions and comments

Legal Compliance

  • Resolve disputes or troubleshoot problems
  • Prevent fraud and other potentially prohibited or unlawful activities
  • Comply with relevant laws, respond to legal requests, prevent harm, and protect our rights
  • Provide payment services, including to detect and prevent money laundering, fraud and security incidents, to comply with legal obligations, and to enforce any applicable terms of service

Please note, if we use automated decision-making to process your personal information, we will implement appropriate measures required to safeguard your rights and freedoms including your right to obtain human intervention.

Information Sharing

In order to provide some of our Services and processing activities, we use service providers and may need to share information with these service providers, in the following circumstances:

  • Suppliers. We may share information with certain suppliers used to facilitate our Services, including where relevant to help with transactions.
  • Business Partners. We may share information about you, your Devices and your use of our Services with our trusted business partners. For example, we may share information so that we can facilitate payment for products or services you may purchase on the websites of our partners. This sharing is generally pursuant to written agreements which include confidentiality, privacy, and security obligations; please note, however, that we do not control the privacy practices of these third-party business partners.
  • Social Media Websites. When you use our Services and elect to share information with third-party social media websites, the information you share will be governed by the privacy policies of those social media websites and the privacy settings you have set with those social media websites.
  • Advertising Networks. We sometimes collect and share information about your interests with advertising networks and data aggregators. Some of these companies are members of the Network Advertising Initiative or the Digital Advertising Alliance, which offer a single location to opt out of ad targeting from member companies. To learn more about the Digital Advertising Alliance, please click here.
  • Fraud Detection Companies. Third parties may assist us by providing us with their fraud detection technologies.
  • Other third parties, such as referring websites. Third parties may also assist us in collecting information by, for example, operating features of our website or facilitating the delivery of online advertising tailored to your interests. We may share audience segments and other information, such as hashed email addresses, with third parties that use that information for tailored advertising to you. Other third parties may also provide us with their content and contract generation, management, and hosting tools. Third parties may only collect or access information as needed to perform their permitted functions. If and to the extent these third parties only assist us to perform our processing operations, we have bound them contractually to only act on our behalf as so-called data processors.

Certain Device operating system versions permit you to opt out of certain types of information sharing, including to certain advertising networks. You can change the privacy settings of your Device at any time in order to turn off the functionality that collects and shares location information. Please check your Device settings if you want to limit such tracking However, turning off location-sharing may affect certain features that we offer. If you have any questions about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help.

We also may share your information if we believe, in our sole discretion, that such disclosure is necessary:

  • To comply with legitimate and enforceable subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we reserve the right to raise or waive any legal objection or right available to us.
  • To investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of Cademy, our customers, or others; and in connection with our Terms of Use and other agreements.
  • In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

Information Choices

You have options with respect to the processing and use of your information by us. You can access, update, and even close your account by visiting the “Member Profile” section on our website or app. In addition, you can do the following:

  • Choose the way we communicate with you.
  • Choose not to provide us with certain information, although it may be needed to take advantage of certain features offered on our websites.
  • Prevent the collection of certain geolocation information (e.g. by switching off location services for our app in the settings of your phone), but note that turning off location sharing may affect certain features of our Services.
  • Close your account directly from within your Member Profile. Note that if you close your account, we will deactivate your account and remove your profile information from active view. We may retain some information associated with your account (including past transactions) for internal purposes including backups, fraud prevention, dispute resolution, investigations, our own legitimate business interests, and legal compliance for the period necessary to fulfil the purposes outlined in this Statement.
  • As a registered member, you can modify your marketing subscriptions, including email subscription choices, at any time, within your member settings.
  • Unsubscribe from promotional messages, including emails with travel-related opportunities, in any such email we send.

Information on Children

Our Services are not intended for children, which we consider to be: (i) individuals that are 13 years of age or under, or the age of privacy consent in your jurisdiction; or (ii) when processing data on the basis of a contract, the age of legal capacity to enter into the agreement.

We will only collect or process information belonging to children under very limited circumstances. We might need to collect personal information belonging to children as part of our Service if, for example, the personal information is required as part of a family booking or workshop intended for children. We will only collect personal information belonging to children if it is provided by and with consent of a parent or guardian. If we become aware that we have processed the personal information of a child without the valid consent of a parent or guardian, we will delete the personal information.

Information Transfers

We offer our Services to users located in many different jurisdictions. If we transfer your information to other countries, we will use and protect that information as described in this Statement and in accordance with applicable law.

Information Security

We have implemented appropriate administrative, technical, and physical security procedures to help protect your information. We only authorise specific personnel to access personal information and they may do so only for permitted business functions. We use encryption when transmitting your information between your system and ours, and between our system and those of the parties with whom we share information. We also employ firewalls and intrusion detection systems to help prevent unauthorised access to your information. However, we cannot guarantee the security of information from unauthorised entry or use, hardware or software failure, or other circumstances outside of our control.

Information Deletion and Retention

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise, or defend any legal rights.

Information from Cookies

We want your access to our Services to be as easy, efficient, and useful as possible. To help us do this, we use cookies and similar technologies to improve your experience, to enhance website security, and to show you relevant advertising.

Cookies are small text files that are automatically placed on your Device when you visit almost any website. They are stored by your internet browser and contain basic information about your internet use. Your browser sends the information from these cookies back to a website every time you revisit it, so it can recognise your Device and improve your experience by, among other things, providing you with personalised content. We also use other tracking technologies, such as pixel, SDKs, or server logs, that have a similar functionality. We also use cookies and tracking technologies to remember your login details, so you don't have to re-enter them repeatedly when you use our Services or to help us understand your preferences.

Most advertising networks offer you a way to opt out of advertising cookies. See www.aboutads.info/choices/ and www.youronlinechoices.com for useful information on how to do this.

If you decline certain cookies, your access to some functionality and areas of our Services might be degraded or restricted.

Our use of any information we collect through cookies is subject to this Statement, which is linked on every page of our website.

Information on Statement Changes

We may update this Statement in the future. If we believe any changes are material, we will let you know by doing one or more of the following: sending you a communication about the changes, placing a notice on the website and/or posting an updated Statement on the website. We will note at the top of this Statement when it was most recently updated. We encourage you to check back from time to time to review the most current version and to periodically review this Statement for the latest information on our privacy practices.

General Data Protection Regulation Privacy Statement (“GDPR Statement”) (DPA in UK)

This GDPR Statement applies to persons in the European Economic Area (“EEA”), including those based in the United Kingdom. This GDPR Statement supplements our Statement; however, where the Statement conflicts with the GDPR Statement, the GDPR Statement will prevail as to persons located in the EEA.

Controller of Personal Information and Local Representative

Cademy Group Ltd is the controller of personal information we collect via the Cademy Marketplace; Where Cademy is used by an educator or other party as software service to deliver services independent of the Cademy Marketplace, Cademy shall be regarded as the processor, with the Educator acting as the controller.

Our UK contact details are:

27 Queen Charlotte Street, Edinburgh, EH6 6AX, UK.

Our US contact details are:

447 Broadway, 2nd Floor #1386, New York, NY 10013, United States

Information Rights Under GDPR and DPA (UK)

You have certain rights regarding your personal information.

Your rights with respect to your own personal information include the following:

  • The right to request access to your personal information. This enables you to receive a copy of the personal information we hold about you.
  • The right to request correction of your personal information if it is inaccurate. You may also supplement any incomplete personal information we have, taking into account the purposes of the processing.
  • The right to request deletion of your personal information if:
    • your personal information is no longer necessary for the purposes for which we collected or processed them; or
    • you withdraw your consent if the processing of your personal information is based on consent and no other legal ground exists; or
    • you object to the processing of your personal information and we do not have an overriding legitimate ground for processing; or
    • your personal information is unlawfully processed; or
    • your personal information must be deleted for compliance with a legal obligation.
  • The right to object to the processing of your personal information. We will comply with your request, unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal information to establish, exercise, or defend a legal claim.
  • The right to restrict the processing of personal information, if:
    • the accuracy of your personal information is contested by you, for the period in which we have to verify the accuracy of the personal information; or
    • the processing is unlawful, and you oppose the deletion of your personal information and request restriction; or
    • we no longer need your personal information for the purposes of processing, but your personal information is required by you for legal claims; or
    • you have objected to the processing for the period in which we have to verify overriding legitimate grounds.
  • The right to data portability. You may request that we send this personal information to a third party, where feasible. You only have this right if it relates to personal information you have provided to us where the processing is based on consent or necessity for the performance of a contract between you and us, and the processing is conducted by automated means.
  • You also have the right to lodge a complaint before your national data protection authority.

You will not usually have to pay a fee to access your personal information (or to exercise any of the other rights described in this Statement). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). To the extent you use a third party to submit a data request on your behalf, we may need to take reasonable steps to verify the authenticity of the request. These are security measures to ensure that personal information is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request. You can exercise several of your rights through the personal information section of your account. To exercise your other rights you can file a request on support@cademy.io

Information Uses and Legal Basis

We will only use your personal information under the circumstances permitted by the law or you.

Pursuant to GDPR, we will use your personal information in one or more of the following circumstances:

  • Registration, membership and other contracts: Where we need to perform the contract we are about to enter into or have entered into with you.
  • Improve our Services and customisation: Where it is necessary for our legitimate interests (or those of a third party) to provide or improve Services, including our interest to provide you improved and personalised Services, and where your interests and fundamental rights do not override those interests.
  • Communication: Where you are a registered member, the information uses might be required to perform the contract with you. Where it is necessary for our legitimate interests (or those of a third party) to communicate with you and your interests and fundamental rights do not override those interests. Where we need your consent for the information use, we will seek your prior consent.
  • Legal Compliance: Where it is necessary to meet our legal obligations.

International Transfers

Your personal information may be stored or transferred to countries outside the EEA and the UK for the purposes described in this Statement. When we store or transfer your personal information outside the EEA and the UK, we take the following precautions to ensure that your personal information is properly protected.

Whenever we store or transfer your personal information outside the EEA and the UK, we will do so in accordance with applicable law, and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal information are made:

  • to a country recognised by the European Commission as providing an adequate level of protection; or
  • to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission or by implementing other appropriate cross-border transfer solutions to provide adequate protection.

By using our Services, you understand that your personal information may be transferred to our facilities and those third parties with whom we share it, as described in this Statement.

Google User Data Handling

Cademy uses Google's APIs to provide a range of optional features such as log-in via Google and calendar sync. Cademy's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Contact

If you have a data privacy request, such as a request to delete or access your data, or for general data privacy inquiries or questions concerning our Privacy and Cookies Statement, please contact our privacy team on privacy@cademy.io