Privacy Policy

Last updated: 1 January 2025

1. Who We Are

Crowdsafe Academy ("we", "us", "our") is responsible for this website and the processing of your personal data. If you have any questions about how we handle your data, you can contact us at hello@crowdsafe.academy.

2. What Data We Collect

We collect and process the following personal data:

  • Contact information: your name, email address, phone number, and company name when you make a booking or contact us.
  • Booking data: course bookings, payment records (processed securely by Stripe — we do not store card details), and attendance records.
  • Communications: any messages you send us via the contact form or by email.
  • Technical data: IP address, browser type, and usage data collected automatically when you visit our website.

3. How We Use Your Data

We use your personal data to:

  • Process and manage your course bookings.
  • Send booking confirmations, reminders, and course-related communications.
  • Issue certificates of completion where applicable.
  • Respond to enquiries and provide customer support.
  • Improve our website and services.
  • Comply with our legal obligations.

4. Legal Basis for Processing

We process your data on the following legal bases: contract performance (to fulfil your booking), legitimate interests (to improve our services and communicate with you about relevant courses), and legal obligation (to comply with applicable laws). Where we send marketing communications, we will rely on your consent, which you may withdraw at any time.

5. Sharing Your Data

We do not sell your personal data. We may share it with trusted third-party service providers who assist us in operating our business — including Stripe (payment processing), Resend (email delivery), and Supabase (secure data storage). These providers are bound by their own privacy policies and data processing agreements.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy, or as required by law. Booking records are typically retained for 7 years for accounting and legal purposes. You may request deletion of your data at any time (see section 8).

7. Cookies

Our website uses essential cookies to function correctly. We do not use tracking or advertising cookies without your consent. By continuing to use our website, you agree to our use of essential cookies.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict certain processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time (where processing is based on consent).

To exercise any of these rights, please email us at hello@crowdsafe.academy. We will respond within 30 days.

9. Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it. All payment data is handled by Stripe and is never stored on our servers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. We encourage you to review this policy periodically.

11. Complaints

If you have concerns about how we handle your data, you have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

← Back to courses