Who we are
Our website address is: https://dlacademy.co.uk.
What personal data we collect and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
We may collect the following information about you:
• your name
• your age or date of birth
• your gender
• your contact details (postal, billing and delivery addresses, telephone numbers and e-mail address)
• details of your purchases and orders
• information about any services we provide to you
• your on-line browsing activities on our websites
• your account login details, including user name(s) and password(s)
• when you purchase or order products and services, your bank account or payment card details
• your communication and marketing preferences
• your interests, preferences, feedback and survey responses
• your location
• your IP address
• your device ID and other details such as make and model and the apps you use
• your correspondence and communications with us
• publicly available personal data, including any you have shared via public platforms and social media.
The types of data listed above is not exhaustive and, in some instances, we may need to collect additional data for the purposes set out in this policy or to provide you with certain products and services.
We may collect some of the above personal data directly from you, for example when you set up an account on our websites, or send an email to our customer services team. Other personal data is collected indirectly, for example your browsing or shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
Who we share your data with
We work with partners, suppliers, service providers and agencies and may need to share your personal information with them to provide certain services. However, we will only do so where they meet our standards for processing data and have confirmed that they have appropriate data protection and security controls in place. We will only share information with them that is necessary for them to provide services to us or directly to you and our contracts with them prevent them from using your personal information for any other purposes. These include:
• Supplier Partners – trusted partners who supply products and services on our behalf
• Delivery Partners – for you to receive the products you have ordered
• Payment Providers – who take and manage payments
• Credit Reference Agencies – to make sure you can manage the level of credit offered and prevent fraud
• Marketing Companies – who help manage our electronic communications with you
• IT Companies – who support our websites and information systems
We will not otherwise disclose your personal information to anyone else.
We will not sell or rent our customer data to other organisations for marketing purposes
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
For class registration forms, unless we are required to by law, we will not retain your data for longer than necessary for the purposes set out in this policy.
Different retention periods apply for different types of data, however the longest we will normally hold any personal data for is 3 years.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You have the right to:
access your personal information
You can ask us to confirm what personal information we hold about you and how we use it, where we are obliged to provide copies of this personal information we will do so free of charge.
rectify your personal information
You can ask us to update and correct any out-of-date or incorrect personal data that we hold about you.
erase your personal information
You can ask us to delete information that we hold about you if you have withdrawn your consent, if that information is no longer needed for the purposes for which it was collected, if we are processing it unlawfully or in certain other circumstances.
stop or limit our processing of your personal information
You can object to us processing your personal information if we are not entitled to use it any more or if the processing is based on our legitimate interest (including profiling) where this does not override your rights, to have your information deleted if we are keeping it too long or have its processing restricted where you have contested the accuracy of the data, opposed the erasure of the data, you want us to retain the data so you can establish, exercise or defend legal claims, or you have objected to the processing, whilst a decision on overriding legitimate interests is pending.
withdraw consent
Where you have consented to us processing your personal information you may withdraw this consent at any time, including the right to opt-out of marking communications.
data portability
Where you have provided us with information in a structured, commonly used and machinereadable format which we process by automated means, you can receive this in a standard form or ask us to move or transfer that data to another service provider.
not be subject to automatic decision making
You may not to be subject to a decision based solely on automated processing, including profiling, unless this is necessary for entering into, or performance of, a contract with us, it is authorised by the regulators or it is based on your explicit consent.
If you have any questions about your rights or wish to exercise any of them, please contact us (see HOW TO CONTACT US).
Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.
You also have the right to lodge a complaint with a data protection regulator where your personal information has or is being used in a way that you believe does not comply with data protection law. Usually this would be in the country where you live or where your legal rights have been infringed.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
If you register via one of our online forms, your information will be shared with or Marketing processor.
Your contact information
If you would like to exercise your rights (see YOUR RIGHTS for further information) or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:
• By email: in**@dl*******.uk
• By post: Data Protection Officer, Dream Live Achieve Academy C.I.C, 2 Great Gable Road, West Bromwich, West Midlands, B71 1DW, United Kingdom
Additional information
THE LEGAL BASIS FOR USING PERSONAL DATA
We are required to set out the legal basis for our ‘processing’ of personal data
We collect and use your personal data because is it necessary:
• for our legitimate interests (as set out below)
• to fulfil our contractual obligations to supply products and services
• to exercise our contractual rights and remedies
• to comply with our legal obligations
Normally, the legal basis for using your personal information is that it is necessary for our legitimate interests. This includes:
• selling and supplying products and services to our customers
• processing orders and dealing with enquiries from our customers
• managing returns and refunds
• protecting our customers, employees and other individuals
• promoting, marketing and advertising our products and services
• sending promotional communications which are relevant and tailored to individual customers
• administering reward or loyalty schemes
• understanding our customers’ behaviour, activities, preferences, and needs;
• improving existing products and services
• developing new products and services
• complying with our legal and regulatory obligations;
• preventing, investigating and detecting crime, fraud or anti-social behaviour
• handling customer contacts, queries, complaints or disputes
• managing insurance claims by customers
• taking appropriate legal action against third parties
• handling legal claims or regulatory enforcement actions taken against us
• fulfilling our duties to our customers, colleagues, shareholders and other stakeholders
How we protect your data
We are committed to keeping your personal information safe and secure and use appropriate security measures to protect your information including:
• encryption of data
• security controls to protect our information systems from external attack
• access controls to our information systems
• logical separation of our systems and information
• penetration testing of systems
• internal information security policies
• personal data and information security training for our employees
• security assessments of all our service providers who may handle your personal information
• never asking you for your passwords
• advising you never to enter your account number or password into an email or after following a link from an email.
We will never ask you for your passwords or to confirm your credit card or payment details via email.
What data breach procedures we have in place
The security of your information is important to us and we will use reasonable security measures to prevent the loss, misuse or unauthorised alteration of your information under our control. However, given the inherent risks, we cannot guarantee absolute security and consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.
Policy Last Updated 03.01.23