1. Introduction
Course Genie Key Limited ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website course-geniekey.com or use our services.
This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are the data controller for the purposes of data protection law.
2. Information We Collect
2.1 Information You Provide to Us
We may collect and process the following personal information:
- Contact Information: Name, email address, phone number, and postal address when you contact us or subscribe to our newsletter
- Business Information: Company name, job title, and business requirements when you enquire about our services
- Communication Data: Records of correspondence and communications with us
- Service Data: Information provided during consultations, project work, or service delivery
2.2 Information We Collect Automatically
When you visit our website, we may automatically collect:
- Technical Data: IP address, browser type, operating system, referring website, pages visited, and time stamps
- Usage Data: Information about how you use our website, products, and services
- Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)
3. How We Use Your Information
We use your personal information for the following purposes:
- Service Provision: To provide, maintain, and improve our digital assistant and AI services
- Communication: To respond to your enquiries, provide customer support, and send service-related communications
- Marketing: To send you newsletters, promotional materials, and other marketing communications (with your consent)
- Business Operations: To manage our business relationships, process payments, and maintain records
- Legal Compliance: To comply with legal obligations and protect our legal rights
- Website Improvement: To analyse website usage and improve user experience
4. Legal Basis for Processing
We process your personal information based on the following legal grounds:
- Consent: Where you have given clear consent for processing (e.g., marketing communications)
- Contract: Where processing is necessary for performing a contract with you
- Legal Obligation: Where we need to comply with legal or regulatory requirements
- Legitimate Interests: Where processing is necessary for our legitimate business interests, balanced against your rights
5. How We Share Your Information
We may share your personal information in the following circumstances:
- Service Providers: With trusted third-party vendors who assist in delivering our services, subject to appropriate confidentiality agreements
- Business Transfers: In connection with any merger, acquisition, or sale of business assets
- Legal Requirements: When required by law, regulation, or court order
- Protection of Rights: To protect our rights, property, or safety, or that of others
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
6. International Transfers
Your personal information may be transferred to and processed in countries outside the UK. When we do this, we ensure appropriate safeguards are in place, including:
- Adequacy decisions by the UK government
- Standard contractual clauses approved by the UK authorities
- Binding corporate rules or certification schemes
7. Data Security
We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit and at rest
- Regular security assessments and monitoring
- Access controls and authentication procedures
- Staff training on data protection and security
- Incident response and breach notification procedures
8. Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including:
- Contact and Communication Data: Retained for up to 7 years after last contact
- Service Data: Retained for the duration of the service relationship plus 7 years
- Marketing Data: Retained until you withdraw consent or for 3 years from last engagement
- Technical and Usage Data: Typically retained for 2 years for analytics purposes
9. Your Rights
Under UK GDPR, you have the following rights regarding your personal information:
- Right of Access: Request copies of your personal information
- Right to Rectification: Request correction of inaccurate or incomplete information
- Right to Erasure: Request deletion of your personal information in certain circumstances
- Right to Restrict Processing: Request limitation of processing in certain circumstances
- Right to Data Portability: Request transfer of your data to another organisation
- Right to Object: Object to processing based on legitimate interests or for direct marketing
- Rights Related to Automated Decision Making: Protection against solely automated decision-making
To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.
10. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance your browsing experience and analyse site usage. For detailed information about our use of cookies, please see our Cookie Policy.
11. Third-Party Links
Our website may contain links to third-party websites. This Privacy Policy does not apply to those websites, and we are not responsible for their privacy practices. We encourage you to read the privacy policies of any third-party websites you visit.
12. Children's Privacy
Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes, we will:
- Update the "Last updated" date at the top of this policy
- Notify you of significant changes via email or website notice
- Obtain your consent where required by law
14. Contact Information
If you have any questions about this Privacy Policy or our data practices, please contact us:
15. Complaints
If you believe we have not handled your personal information in accordance with this Privacy Policy or applicable data protection laws, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
16. Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws. You can contact our DPO at: