Data Protection Policy
Introduction
EnglishwithQendresa LLC is committed to providing a high-quality learning experience for every individual who interacts with our services. As part of that commitment, we are equally focused on protecting your personal data and using it only in lawful, transparent, and secure ways. To provide our services effectively, we must collect and use certain personal information about individuals including customers, affiliates, employees, business partners, and others with whom we have a relationship.
This policy outlines how we collect, use, store, and safeguard personal data in accordance with UK data protection law and the EU General Data Protection Regulation (GDPR).
Why This Policy Exists
This policy helps ensure that EnglishwithQendresa LLC:
-
Complies with applicable data protection laws including the UK GDPR and the Data Protection Act 2018
-
Is transparent about how we process personal data
-
Protects the rights of individuals whose data we process
-
Minimizes the risk of data breaches and security threats
EU General Data Protection Regulation (GDPR)
As a UK-based business serving individuals across various regions, including the EU, we follow GDPR requirements. This regulation mandates that personal data must be:
-
Processed lawfully, fairly, and transparently
-
Collected for specified, legitimate purposes
-
Accurate and kept up to date
-
Relevant and limited to what is necessary
-
Retained only for as long as needed
-
Protected against unauthorized access or loss
-
Not transferred outside the EEA unless proper safeguards are in place
1. Policy Statement
We receive, use, and store personal information from individuals on a daily basis. We handle this data responsibly and lawfully, and we recognize the importance of maintaining the trust individuals place in us.
2. About This Policy
This policy sets the foundation for how we process personal data. It may be updated from time to time. All employees and partners are expected to adhere to its principles. Questions or concerns about this policy should be directed to our Data Protection Officer at [email protected].
3. What is Personal Data?
Personal data refers to any information that can identify a living individual either directly or indirectly. It includes names, email addresses, IP addresses, payment details, and usage data. Sensitive data may include location, device identifiers, and activity logs. We only process this data under strict conditions and for its intended purposes.
4. Data Protection Principles
We follow the core principles of lawful processing, data minimization, accuracy, storage limitation, and accountability. All data is handled securely and in line with individual rights.
5. Fair and Lawful Processing
We process personal data only for legitimate purposes, such as when:
-
You give us consent
-
It’s necessary for a contract
-
It’s required by law
-
It serves our legitimate business interests
Collection of Information
We collect personal data through direct input (e.g. name, email, address, payment info), service usage, customer support interactions, preferences, and surveys. We also collect device and session data automatically, such as IP address, browser type, page views, cookies, and usage behavior.
Use of Information
We use data to personalize your experience, improve our services, support your learning journey, process payments, monitor activity, and create relevant content. Our goal is always to enhance your educational outcomes and simplify your platform experience.
6. Processing for Limited Purposes
We collect data directly from you or through trusted third-party partners and process it only for clearly defined purposes as outlined when the data is collected.
7. Notifying Individuals
When we collect personal data, we inform individuals of:
-
Why we’re collecting it
-
The legal basis for processing
-
Who we might share it with
-
How long we’ll keep it
-
Their data rights and how to exercise them
-
Our contact details for privacy-related queries
If data is obtained from other sources, we provide this information within one month of receiving it.
8. Adequate, Relevant and Non-Excessive Processing
We only collect the data we need to fulfill specific purposes, and no more.
9. Accurate Data
We make efforts to ensure that all personal data is accurate and up to date. We review and correct any inaccuracies when discovered.
10. Timely Processing
We do not keep personal data longer than necessary. When data is no longer required, it is securely deleted or destroyed.
11. Individual Rights
Individuals have the right to:
-
Know whether we hold personal data
-
Access their data
-
Request corrections or deletion
-
Object to processing
-
Limit data use
-
Request data portability
-
Withdraw consent at any time
-
File a complaint with the Information Commissioner's Office (ICO)
12. Data Security
We implement strong safeguards to protect personal data against unauthorized access, misuse, loss, or destruction. This includes:
-
Password-protected access
-
Secure storage and encrypted data
-
Limited access by staff based on role
-
Proper disposal of paper and digital files
-
Monitoring of systems and logins
We only transfer data outside the UK or EEA when adequate legal protection is in place, such as contracts or approved certifications.
13. Staff Access and Procedures
Our team is trained on data privacy responsibilities. Computers are password-protected, screens are locked when unattended, and confidential documents are stored securely.
14. Sharing Data
We may share data with our subsidiaries, technology providers, or subcontractors only where necessary, and only under strict data protection agreements.
15. Subject Access Requests
Individuals may request access to the personal data we hold. All requests should be submitted via email to [email protected]. We may ask for proof of identity before releasing any information.
16. Changes to This Policy
We may update this policy at any time. If significant changes are made, we will notify users via the Site, email, or through our services so that you have the chance to review them.
