Privacy Policy.

i. Who we are

We are the data controller responsible for your personal data.

If you have any question about this policy or how we process your personal data, contact us at the email above.

ii. What personal data we collect

When you fill in our Free PDF form, you provide us with:

• Your first name
• Your email address

We also collect, automatically, when you visit our sites:

• Technical data: IP address, browser type and version, device type, and operating system
• Usage data: pages visited, time spent, the URL that referred you to us
• Campaign data: UTM parameters (utm_source, utm_medium, utm_campaign, utm_content, utm_term) and our internal identifiers vid and lm, which tell us which lesson link brought you here so we can send you the right PDF

We do not knowingly collect any special category data (such as health, religion, or political opinions).

iii. How we collect your data

• Directly from you when you fill in our form
• Automatically, via cookies and similar tracking technologies (see section x.)
• From third parties such as Meta (Facebook / Instagram) if you arrive via one of our ads

iv. Why we process your data (lawful basis)

Under UK GDPR, we must have a lawful basis for every purpose we process your data for. Ours are:

Delivering the PDF you requested

Performance of a contract (UK GDPR Art. 6(1)(b))

Sending you follow-up lessons and course updates

Your consent, given via opt-in on our form (UK GDPR Art. 6(1)(a))

Measuring ad performance and content reach

Our legitimate interests in running a sustainable business, and — where required by PECR — your consent

Complying with legal obligations

Legal obligation (UK GDPR Art. 6(1)(c))

You can withdraw your consent at any time by clicking "unsubscribe" in any of our emails or by emailing us using the details in section i.

v. Who we share your data with

We use carefully selected processors to help us run our service. Each one is bound by a written data processing agreement.

• Brevo (Sendinblue) — email delivery and marketing automation (EU/EEA)
• Make (formerly Integromat) — workflow automation that connects our form to Brevo (EU/EEA)
• Meta Platforms (Facebook / Instagram) — advertising measurement via the Meta Pixel (USA)
• Cloudflare — hosting, delivery, and security (global)

We do not sell your personal data.

vi. International transfers

Some of our processors operate outside the UK. Where this is the case, we rely on safeguards approved by the UK government and the Information Commissioner's Office — typically the UK International Data Transfer Agreement (IDTA), the International Data Transfer Addendum to the EU Standard Contractual Clauses, or the EU-US Data Privacy Framework where applicable.

You can request more details about these safeguards at any time using the contact details in section i.

vii. How long we keep your data

• Subscriber data (name, email): for as long as you remain subscribed, plus 6 months after unsubscribing for legal record-keeping
• Technical / usage data: up to 26 months
• Records of consent: up to 6 years after consent is withdrawn, to evidence lawful processing

Once we no longer need your data, we delete or anonymise it.

viii. Your rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Erase your data (the "right to be forgotten")
• Restrict how we process your data
• Object to processing based on legitimate interests or direct marketing
• Data portability — receive your data in a machine-readable format
• Withdraw consent at any time, without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, email us at [[email protected]]. We will respond within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office, the UK's data protection authority:

• Website: ico.org.uk
• Telephone: 0303 123 1113

ix. Marketing communications

You will only receive marketing emails from us if:

• You opted in when filling in our form; or
• You previously requested a free PDF from us and we have a legitimate interest in sending you related lessons (the PECR "soft opt-in")

Every marketing email contains a one-click unsubscribe link. Transactional messages (the PDF you requested, for example) will continue until you cancel your subscription.

x. Cookies and tracking technologies

We use cookies and similar technologies (including the Meta Pixel) to make the site work, measure its performance, and deliver relevant advertising. We group them as follows:

Essential

Required for the site to function. No consent needed under PECR.

Analytics

Help us understand how visitors use our site. Set only with your consent.

Marketing

Used by the Meta Pixel and similar tools to measure and target advertising. Set only with your consent.

You can manage your preferences via the cookie banner on our site, or through your browser's cookie settings. Rejecting non-essential cookies does not prevent you from using the site.

xi. Children's data

Our service is not directed at children under 13. If you are under 13, please do not submit any personal data to us. If we discover that we have collected data from a child under 13, we will delete it promptly.

xii. Security

We take appropriate technical and organisational measures to protect your personal data, including:

• HTTPS encryption for data in transit
• Access controls on our systems and processors
• Encrypted storage at rest with our processors
• Regular review of our security practices

No method of transmission or storage is 100% secure. If you become aware of a security issue involving your data, please contact us immediately.

xiii. Changes to this policy

We may update this policy from time to time. When we do, we will post the updated version here and revise the effective date at the top. For significant changes, we will notify you by email where we have your contact details.

xiv. Contact us

For any question about this Privacy Policy or about your personal data: