GDPR Compliance

Our Commitment to GDPR Compliance

We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR). This page outlines your rights under GDPR and how we ensure compliance with these regulations.

Legal Basis for Processing

We process your personal data under the following legal bases:

Contractual Necessity

Processing is necessary to fulfill our contract with you when you enroll in training programs. This includes delivering course materials, providing feedback, and managing your program participation.

Legitimate Interests

We process certain data based on legitimate interests, such as improving our services, preventing fraud, and ensuring network security. We balance these interests against your rights and freedoms.

Consent

For certain processing activities, such as marketing communications, we rely on your explicit consent. You can withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

Legal Obligations

We may process your data to comply with legal obligations, such as tax reporting or responding to lawful requests from authorities.

Your Rights Under GDPR

Right to Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data. We will provide this information in a structured, commonly used, and machine-readable format.

Right to Rectification

You can request correction of inaccurate personal data and completion of incomplete personal data.

Right to Erasure

You have the right to request deletion of your personal data under certain circumstances, including when data is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when you object to processing.

Right to Restriction of Processing

You can request that we restrict processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured format and to transmit that data to another controller.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produces legal effects or similarly significantly affects you. We do not currently engage in automated decision-making of this nature.

Data We Collect

We collect the following categories of personal data:

• Identity data: name, username
• Contact data: email address, postal address
• Technical data: IP address, browser type, device information
• Usage data: how you interact with our website and services
• Content data: voice recordings submitted for training feedback
• Communication data: correspondence and feedback you provide

Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected or as required by law. Specific retention periods include:

• Enrollment and program participation data: duration of program plus 2 years for support purposes
• Voice recording submissions: 90 days after program completion
• Communication records: 3 years
• Financial records: 7 years for tax compliance

After retention periods expire, we securely delete or anonymize personal data.

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls limiting data access to authorized personnel
• Staff training on data protection principles
• Incident response procedures for data breaches

International Data Transfers

Your personal data is stored and processed within the European Economic Area. If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Data Protection Officer

For questions about our GDPR compliance or to exercise your rights, contact us at [email protected]. We will respond to your request within one month, though we may extend this by two additional months for complex requests.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence, place of work, or place of alleged infringement if you believe our processing of your personal data violates GDPR.

For the United Kingdom, the relevant supervisory authority is the Information Commissioner's Office (ICO), which can be contacted at ico.org.uk.

How to Exercise Your Rights

To exercise any of your GDPR rights, send a detailed request to [email protected]. Include:

• Your full name and email address used for enrollment
• Specific right you wish to exercise
• Any relevant details to help us locate your data

We may request additional information to verify your identity before processing requests involving personal data access or deletion.

Updates to This Policy

We may update our GDPR compliance information to reflect changes in our practices or legal requirements. Significant changes will be communicated via email to enrolled users or through prominent notice on our website.