Last updated: [DATE]
1. Who we are
Controller: SWL Learning Hub
Contact email: [YOUR EMAIL]
Business address (optional): [YOUR ADDRESS]
2. What data we collect
We may collect the following types of data:
2.1 Account & profile data
• Name
• Email address
• Login credentials (stored securely via our authentication provider)
• Course progress (e.g. lessons completed)
2.2 Payment data (if you sell courses)
We do not store full card details. Payments are handled by Stripe (or another payment provider).
Stripe may process:
• Billing name and email
• Payment confirmation and transaction details
• Partial payment identifiers (e.g. last 4 digits, payment IDs)
2.3 Technical data
• IP address
• Browser type and device information
• Approximate location (based on IP)
• Usage data (pages visited, time spent, clicks)
2.4 Contact & support data
If you contact us, we may store:
• Your message content
• Contact details
• Support history
3. How we use your data
We use personal data to:
• Create and manage your account
• Provide access to lessons and learning content
• Track learning progress and achievements
• Process payments and prevent fraud
• Improve performance and user experience
• Communicate service messages (account, purchases, support)
4. Legal basis (GDPR)
We process your data under the following legal bases:
• Contract (to provide your account and purchased content)
• Legitimate interests (security, analytics, improving the platform)
• Consent (optional marketing emails, cookies where required)
• Legal obligation (tax/accounting where applicable)
5. Cookies & analytics
We may use cookies and similar technologies to:
• Keep you logged in
• Measure site performance and usage
• Improve the platform
You can control cookies through your browser settings.
If we use a cookie banner/consent tool, you can manage preferences at any time.
6. Who we share data with
We only share your data when needed to run the service, for example:
• Hosting / infrastructure: [e.g. Vercel / Firebase / Supabase / AWS]
• Authentication: [e.g. Clerk / Auth provider]
• Payments: Stripe
• Email delivery: [e.g. SendGrid / Brevo / MailerSend]
• Monitoring (optional): [e.g. Sentry / LogRocket]
These providers process data under appropriate safeguards.
7. Data retention
We keep your data only as long as needed:
• While your account is active
• As required for legal/accounting purposes
• Or until you request deletion (where applicable)
8. Your rights
Depending on your location (including the UK/EU), you may have rights to:
• Access your data
• Correct inaccurate data
• Request deletion
• Object to processing
• Data portability
• Withdraw consent (where processing is based on consent)
To request anything, email: [YOUR EMAIL]
9. Children’s privacy
Our Service is not intended for children under [AGE] without parental consent.
If you believe a child has provided personal data, contact us and we will delete it.
10. Security
We take reasonable technical and organisational measures to protect your data, including encryption and access controls.
11. International transfers
If we use service providers outside your country, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses where relevant).
12. Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be published on this page.
13. Contact
If you have questions, contact:
[YOUR EMAIL]