Being Luminary

1. Who we are

This website and our online learning platform are operated by Being Luminary (“we”, “us”, “our”). We are the data controller of the personal information we collect through this site and in connection with our courses and digital products.

Our contact details are:

Postal address: Being Luminary, 71–75 Shelton Street, London, WC2H 9JQ, United Kingdom

Email:  [email protected]

Website: www.beingluminary.co.uk

If you have any questions about this notice or how we use your information, you can contact us using the details above.

2. What information we collect

We collect and process the following types of personal information:

Identity and contact details

Your name, email address and (where provided) job title, organisation, country or other profile information.

Account and course data

Your Thinkific user account details, course and product enrolments, course progress, quiz results, completion certificates, comments, survey responses and any information you submit in forms or discussion areas.

Transaction information

Details of purchases of courses and other products, payment status, currency and billing information. Payment card details are handled securely by our payment processors and are not stored by us.

Marketing and communications data

Your preferences about receiving newsletters and other marketing from us, and records of your interactions with our emails (for example, whether an email was opened or a link was clicked).

Technical and usage data

IP address, browser type, device type, operating system, time zone setting and information about how you use our site and courses. This may be collected via cookies and similar technologies.

We do not intentionally collect special category data (such as information about your health, race, ethnicity, religious beliefs or sexual orientation) through this site. Please avoid including such information in forms or messages unless it is clearly necessary.

3. How we use your information and our legal bases

We use your personal information for the following purposes:

a) To provide our courses, products and services

To create and manage your account.

To enrol you on courses and digital products.

To deliver learning materials, live sessions and other content.

To track your progress and issue certificates or confirmations.

Legal basis: performance of a contract with you (or steps taken at your request before entering into a contract).

b) To process payments and manage orders

To take payment for paid courses or other products.

To handle refunds and resolve payment issues.

To maintain financial and audit records.

Legal basis: performance of a contract with you; compliance with legal obligations (for example, tax and accounting rules).

c) To communicate with you about your account and services

To send service emails such as login details, password resets and course joining instructions.

To notify you about important changes to courses, technical issues or updates to this policy.

Legal basis: performance of a contract; our legitimate interests in running and safeguarding our services.

d) To send you newsletters and marketing communications

If you choose to receive them, we use your email address to send newsletters and other updates. These may include:

• invitations to future courses, programmes and events (both paid and free);
• information about new resources, webinars or opportunities;
• raffles, giveaways and special offers related to our work.

We rely on:

your consent, where you actively opt in to receive marketing; and/or

our legitimate interests, where we rely on the “soft opt-in” under the Privacy and Electronic Communications Regulations (for example, if you have bought a course from us and we email you about similar courses and related offerings, having given you a clear opportunity to opt out when we collected your details and in every email).

You can unsubscribe from marketing emails at any time by clicking the “unsubscribe” link in any email or by contacting us using the details in section 1. If you do so, we will stop sending you marketing but may still send you service messages that are necessary for your account or any courses you are enrolled on.

e) To improve our courses, website and services

To understand how learners use our site and content.

To evaluate and improve our materials, user experience and communications.

To develop new offerings.

Legal basis: our legitimate interests in developing and improving our services. For any non-essential cookies or analytics technologies, we will rely on your consent where required by law.

f) To comply with legal obligations and protect our rights

To comply with legal or regulatory requirements.

To respond to lawful requests from authorities.

To protect our business, our learners and others, for example in relation to misuse, security incidents or legal claims.

Legal basis: compliance with legal obligations; our legitimate interests in protecting our rights and the rights of others.

4. Sharing your information

We do not sell your personal information. We share it only where necessary with trusted third parties, including:

Platform provider

Thinkific Labs Inc., which hosts our online courses, user accounts and related data.

Payment processors

Such as Stripe and PayPal, which securely process payments on our behalf. They receive the information needed to verify and complete your payment.

Email and marketing tools

Such as [insert email platform – e.g. Mailchimp / ConvertKit / ActiveCampaign], which we use to send newsletters, course emails and manage mailing lists.

Analytics and technical service providers

Providers who help us understand how the site is used, maintain security and support our IT infrastructure.

Professional advisers and regulators

Such as accountants, legal advisers, courts and regulatory authorities, where this is necessary for legal, compliance or dispute resolution purposes.

These providers are only allowed to use your information to provide services to us and must keep it secure and confidential.

If any of our service providers are based outside the United Kingdom or European Economic Area (EEA), we will take appropriate steps to ensure that your personal information remains adequately protected, such as by using standard contractual clauses or ensuring the recipient is in a country that has been recognised as providing an adequate level of protection.

5. How long we keep your information

We keep personal information only for as long as reasonably necessary for the purposes described in this policy, including for any legal, accounting or reporting requirements. In particular:

Account and course data

We usually keep account and course information while you have an active account with us and for up to 6 years after your last interaction with us. This helps us maintain accurate records, respond to queries and, if needed, demonstrate what services we provided.

Transaction and payment records

We keep records of purchases and payments for at least 6 years from the end of the financial year in which the transaction took place, in order to comply with UK tax and accounting rules.

Marketing and newsletter data

We keep your marketing preferences and contact details until you unsubscribe or object to receiving marketing, or until we reasonably believe you are no longer interested (for example, if you have not opened or interacted with our emails for around 2 years). We will then remove you from our active mailing lists. We may keep a minimal record that you unsubscribed so that we do not contact you again by mistake.

When we no longer need your information, we will delete it or anonymise it.

6. Cookies and similar technologies

Our website uses cookies and similar technologies to:

make the site work properly (for example, to keep you logged in and remember your preferences);

understand how the site is being used so we can improve it;

in some cases, support marketing and social media features.

Some cookies are essential for the site to function and are set automatically when you use the site. Other cookies, such as analytics or marketing cookies, are non-essential. Where required by law, we will ask for your consent before setting non-essential cookies.

You can manage your cookie preferences via your browser settings and, where available, through our cookie banner or settings tool. Please note that blocking some cookies may affect how the site functions.

We do not currently change our practices in response to “Do Not Track” signals. You can control cookies using the tools described above.

If you publish a separate cookie notice, you can add:

For more information about the specific cookies we use, please see our Cookie Notice.

7. Security

We take reasonable precautions and follow industry standard practices to protect your personal information from loss, misuse, unauthorised access, disclosure, alteration or destruction.

Where we use third-party payment processors, payments are encrypted and processed in line with the Payment Card Industry Data Security Standard (PCI-DSS). We do not store your full payment card details on our own systems.

Although no method of transmission over the internet or electronic storage is completely secure, we aim to use appropriate technical and organisational measures to protect your information.

8. Children

This site and our courses are aimed primarily at adults and professional audiences. We do not knowingly collect personal information from children under [insert age, e.g. 16] without appropriate parental or guardian consent.

If you believe that a child has provided us with personal information without such consent, please contact us using the details in section 1 and we will delete it.

9. Your rights

Under UK data protection law, and depending on the circumstances, you have the following rights:

Right to be informed – to be told how we use your personal information (this policy and any additional notices).

Right of access – to request a copy of the personal information we hold about you.

Right to rectification – to ask us to correct inaccurate or incomplete information.

Right to erasure – to ask us to delete your information in certain circumstances.

Right to restrict processing – to ask us to limit how we use your information in certain circumstances.

Right to data portability – to receive certain information in a structured, commonly used and machine-readable format and/or to request that we transfer it to another controller, where technically feasible.

Right to object – to object to our processing of your information, particularly where we rely on legitimate interests. You have an absolute right to object to us using your personal information for direct marketing.

Rights in relation to automated decision-making – if we ever make decisions about you solely by automated means that have legal or similarly significant effects (we do not currently do this).

To exercise any of these rights, please contact us using the details in section 1. We may need to ask you for information to help confirm your identity.

If you are unhappy with how we have used your data, you also have the right to complain to the UK Information Commissioner’s Office (ICO). You can find their contact details at www.ico.org.uk

.

10. Changes to this privacy policy

We may update this privacy policy from time to time. The updated version will be posted on this page with a revised “last updated” date. We encourage you to check this page periodically so you are aware of any changes.

If we make material changes to this policy, we may also notify you by email or through notices on the site.

11. Contacting us about this policy

If you would like to access, correct, amend or delete any personal information we hold about you, object to our use of your information, or have questions or complaints about this policy, you can contact us at:

Being Luminary, 71–75 Shelton Street, London, WC2H 9JQ, United Kingdom

Email: [email protected]