Privacy Policy

1. Introduction and Who We Are

This privacy policy ('Policy') describes how Learnoscopy Ltd ('Company', 'we', 'us', or 'our') collects, stores, uses, and shares your information when you use our services ('Services'). This includes when you:

• Visit our website at http://www.learnoscopy.com, or any of our websites that link to this Policy.
• Use our mobile application, Learnoscopy ('App').
• Engage with us in other related ways, including sales, marketing, or events.

Learnoscopy Ltd is a company registered in England, and we are the primary 'Data Controller' for the information processed through our platform for our own business purposes.

Reading this Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions, please contact us at support@learnoscopy.com.

2. Our Role as a Data Platform: Learnoscopy, Users, and Organisers

Our Services provide a marketplace that connects individuals and entities offering educational courses ('Organisers') with individuals seeking to enroll in them ('Users'). This relationship impacts how your personal data is handled, and it is crucial that you understand the different roles.

2.1 Learnoscopy as a Data Controller

We act as a Data Controller for the personal information we collect to provide and manage the core functions of our platform. This includes, for example, your account registration details, technical data from your use of the Services, and information we use for platform-wide marketing.

2.2 Organisers as Independent Data Controllers

When you enroll in a course, we will share your personal information (such as your name and email address) with the Organiser of that course. The Organiser needs this information to provide the course to you, communicate with you, and manage their student roster.

Once an Organiser receives your information, they become an independent Data Controller for that data. This means they are independently responsible for their own compliance with data protection laws, including how they handle your information after the course is complete. Our Organiser Terms require them to handle your data lawfully, but we are not responsible for any misuse of your data by an Organiser. You should review the privacy policy of any Organiser whose course you enroll in, if available.

2.3 Your Agreement to This Data Structure

By using our Services to enroll in a course, you acknowledge and agree that your personal information will be shared with the relevant Organiser as described in this Policy.

3. The Information We Collect

We collect personal information in three main ways:

3.1 Information You Provide Directly to Us

We collect information that you voluntarily provide to us depending on how you use the Services.

• For All Users (Account Registration): When you create a Learnoscopy account, we collect your name, email address, and password. You may also voluntarily add other profile information.
• For Organisers (Verification and Profile): If you apply to become an Organiser, we may collect additional information to verify your identity and qualifications, such as your job title, professional credentials, and a profile biography.
• For Payment Transactions: When you purchase a course as a User, your payment is processed directly by our third-party payment processor, Stripe. We do not collect or store your full debit/credit card numbers. We may receive transaction confirmation data, such as your name, the date of the transaction, and the last four digits of your card number.

3.2 Information We Collect Automatically (Technical Data)

When you visit, use, or navigate the Services, we automatically collect certain technical information. This information does not reveal your specific identity but may include device and usage information. This helps us maintain the security and operation of our Services. This information includes:

• Log and Usage Data: Your IP address, browser type, operating system, pages viewed, and the dates and times of your visit.
• Device Data: Information about the computer, phone, or tablet you use to access the Services.
• Location Data: We may collect imprecise location data (such as your country) based on your IP address.

3.3 Information from Third Parties (e.g., Social Logins)

We may provide you with the option to register or log in using your existing social media account details (e.g., Google, Facebook). If you choose to do this, we will receive certain profile information about you from the social media provider, such as your name and email address. The specific information we receive depends on your privacy settings on that social media platform.

4. How and Why We Use Your Information (Our Legal Bases for Processing)

Under UK and EU data protection law (GDPR), we must have a valid legal basis for every way in which we process your personal information. We rely on the following bases:

To Provide Our Services (Performance of a Contract)

Purpose: Creating and managing your account, providing you with access to the platform and your courses, and sending you essential service-related communications (e.g., enrollment confirmations, password resets).

Legal Basis: Performance of a Contract.

To Process Transactions (Performance of a Contract)

Purpose: Facilitating payments for courses between you and the Organiser via our third-party payment processor.

Legal Basis: Performance of a Contract.

For Our Legitimate Business Interests

We process your data when it is in our legitimate interest to do so, and when these interests are not overridden by your data protection rights.

Purpose:

• Ensuring the security of our platform and preventing fraud.
• Analysing how our Services are used so we can improve them and develop new features.
• Conducting marketing for our platform, provided you have not opted out.

Legal Basis: Legitimate Interests.

With Your Permission (Consent)

In specific situations, we will ask for your consent before processing your data.

Purpose: Sending you promotional or marketing communications when you have explicitly opted-in to receive them.

Legal Basis: Consent. You can withdraw your consent at any time.

To Comply with the Law (Legal Obligation)

We may need to process your data to comply with a legal or regulatory requirement.

Purpose: Responding to lawful requests from law enforcement, courts, or tax authorities, or defending our legal rights.

Legal Basis: Legal Obligation.

5. When and With Whom We Share Your Personal Information

We are committed to transparency in how we share your data. We only share information in the following circumstances:

5.1 Sharing Between Users and Organisers

This is the most important sharing activity on our platform. When you enroll in a course, we share necessary personal information with the Organiser who provides that course. This includes your name, email address, and enrollment status. This sharing is essential for the performance of the contract between you and the Organiser, allowing them to provide the course, track your progress, and communicate with you directly. As stated in Section 2, Organisers act as independent Data Controllers for this information.

5.2 Sharing with Our Service Providers and Business Partners

We employ third-party companies and individuals to help us operate and improve the Services. These service providers have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. These include:

• Payment Processors: Such as Stripe, to securely handle payment transactions.
• Cloud Hosting Providers: To host our platform and your data.
• Email and Communication Services: To send you transactional and marketing emails.
• Analytics Providers: To help us understand how our Services are used.

5.3 Sharing for Legal and Safety Reasons

We may disclose your information if we believe it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to protect the safety of any person; to address fraud, security, or technical issues; or to protect our or our users’ rights or property.

5.4 Sharing in Connection with Business Transfers

If Learnoscopy is involved in a merger, acquisition, or asset sale, your information may be transferred as a business asset. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

6. How Long We Keep Your Information

We will only keep your personal information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law. We do not use an arbitrary, one-size-fits-all retention period. Instead, our retention periods are based on the purpose for which the data was collected:

• User Account Information: We retain your account data (such as your name, email, and password) for as long as you have an active account with us. If you choose to delete your account, we will begin the process of deleting this information from our active systems.
• Transaction and Financial Records: In compliance with UK law, we are required to keep records of financial transactions for a period of six years from the end of the last company financial year. This data will be securely stored and will not be used for any other purpose.
• Marketing Information: If you have consented to receive marketing communications, we will retain your information for this purpose until you unsubscribe or withdraw your consent.
• Legal Holds: If we are involved in litigation or a regulatory investigation, we may be required to retain your data for longer than our standard retention periods until the matter is resolved.

7. Security of Your Information

We have implemented appropriate technical and organisational security measures designed to protect the security of any personal information we process. These measures include, but are not limited to, encryption of data in transit and at rest, access controls to limit who can see your information, and regular security assessments.

However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure. We cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.

Although we will do our best to protect your personal information, the transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment and take steps to protect your own information, such as using a strong, unique password for your account.

8. International Data Transfers

Our company is based in the United Kingdom, and our primary servers are located in the United Kingdom.

If you are accessing our Services from the European Economic Area (EEA), please be aware that your information will be transferred to, stored, and processed in the UK. The European Commission has made an "adequacy decision" for the UK, which means that the UK's data protection laws are considered to provide a level of protection that is substantially equivalent to those in the EU.

In some cases, we may use third-party service providers (such as for email marketing or analytics) that are based outside the UK and EEA, for example, in the United States. When we transfer your data to these providers, we will ensure that appropriate safeguards are in place to protect your information, such as by using the International Data Transfer Agreement (IDTA) approved by the UK or Standard Contractual Clauses (SCCs) approved by the European Commission, and by verifying that the recipient has adequate security measures in place.

9. Your Data Protection Rights (UK & EEA)

If you are a resident of the United Kingdom or the European Economic Area, you have the following data protection rights under the GDPR:

• The right to access: You have the right to request copies of your personal data.
• The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure (the 'right to be forgotten'): You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing: You have the right to object to our processing of your personal data for our legitimate interests. You have an absolute right to object to your data being used for direct marketing.
• The right to data portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, in a structured, commonly used, machine-readable format.
• The right to withdraw consent: If we are relying on your consent to process your information, you have the right to withdraw that consent at any time.

How to exercise your rights:

If you wish to make a request to exercise any of these rights, please contact us at support@learnoscopy.com. We will consider and act upon any request in accordance with applicable data protection laws.

How to complain:

If you are not satisfied with how we have handled your data, you have the right to lodge a complaint with a supervisory authority. For users in the UK, the relevant authority is the Information Commissioner's Office (ICO). You can find their contact details on their website at www.ico.org.uk.

10. Cookies and Similar Technologies

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. A cookie is a small text file that a website stores on your computer or mobile device when you visit the site.

We use cookies to make our Services work, to improve their performance, and to provide analytics. Some of these cookies are essential for the operation of the Services, while others help us to understand how you use our site so we can improve it.

For more detailed information about the cookies we use, the purposes for which we use them, and how you can manage your cookie preferences, please see our Cookie Policy.

11. Our Policy on Minors

The Services are not intended for or directed at individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

By using the Services, you represent that you are at least 18 years old. If we learn that we have collected personal information from a user under the age of 18, we will take steps to deactivate the account and promptly delete such data from our records.

If you are a parent or guardian and you become aware that your child has provided us with personal information, please contact us at support@learnoscopy.com so that we can take the necessary action.

12. Specific Rights for US Residents

12.1 California Residents (CCPA)

If you are a resident of California, you are granted specific rights regarding access to your personal information under the California Consumer Privacy Act (CCPA).

Categories of Personal Information We Collect

In the past twelve (12) months, we have collected the following categories of personal information:

• A. Identifiers: Real name, email address, account name, Internet Protocol (IP) address, online identifier. (YES)
• B. Personal information categories listed in the California Customer Records statute: Name, contact information. (YES)
• C. Protected classification characteristics under California or federal law: We do not actively collect this data. (NO)
• D. Commercial information: Records of products or services purchased (e.g., course enrollment history). (YES)
• E. Biometric information: Fingerprints, voiceprints. (NO)
• F. Internet or other similar network activity: Browsing history, search history, interaction with our website and app. (YES)
• G. Geolocation data: Imprecise device location (e.g., country from IP address). (YES)
• H. Audio, electronic, visual, thermal, olfactory, or similar information: We do not actively collect this data. (NO)
• I. Professional or employment-related information: Job title, professional qualifications (for Organisers). (YES)
• J. Education Information: We do not actively collect this data. (NO)
• K. Inferences drawn from other personal information: A profile reflecting a user’s preferences or interests (e.g., interest in certain course topics). (YES)
• L. Sensitive Personal Information: Account login information (username and password). (YES)

Use and Sharing of Your Personal Information

Our use and sharing practices are described in detail in Sections 4 and 5 of this Policy. We have not "sold" or "shared" personal information in the preceding twelve (12) months, as those terms are defined under the CCPA.

Your Rights

You have the right to:

• Request to Know: Ask for the specific pieces of personal information we have collected about you and the categories of sources from which it was collected.
• Request to Delete: Ask for the deletion of your personal information, subject to certain legal exceptions.
• Request to Correct: Ask for the correction of inaccurate personal information.
• Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, please contact us at support@learnoscopy.com.

12.2 Virginia Residents (VCDPA)

If you are a resident of Virginia, you may be granted specific rights regarding access to and use of your personal information under the Virginia Consumer Data Protection Act (CDPA). Your rights include the right to access, correct, delete, and obtain a copy of your personal data, and to opt out of the processing of personal data for purposes of targeted advertising or the sale of personal data. Learnoscopy does not sell personal data. To exercise your rights, please contact us at support@learnoscopy.com.

12.3 Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track ('DNT') feature. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.

13. Updates to This Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by a revised 'Last updated' date at the top of this Policy, and the updated version will be effective as soon as it is accessible.

14. How to Contact Us

If you have questions, comments, or concerns about this Policy, or if you wish to exercise your privacy rights, please contact us.

You can contact our Data Protection representative by email at: privacy@learnoscopy.com