1. Introduction and Scope

ecrynovalitho ("we," "our," or "us") operates ecrynovalitho.com and provides financial modeling education services. This privacy policy explains how we collect, use, process, and protect your personal information when you visit our website, use our services, or interact with us in any capacity.

This policy applies to all personal data we process about individuals in the United Kingdom and complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using our services, you acknowledge that you have read and understood this privacy policy.

2. Information We Collect

We collect various types of information to provide and improve our financial modeling education services. The categories of personal data we may collect include:

3. How We Use Your Information

We process your personal data for specific purposes based on legitimate legal grounds. Our primary uses of your information include:

• Providing access to our financial modeling courses and educational materials
• Processing course enrollments, payments, and issuing certificates of completion
• Communicating about course updates, schedule changes, and important announcements
• Personalising your learning experience and tracking educational progress
• Providing technical support and responding to your inquiries
• Improving our website functionality and developing new educational content
• Sending marketing communications about related courses (with your consent)
• Complying with legal obligations and protecting our legitimate business interests

4. Data Sharing and Third Parties

We may share your personal information with carefully selected third parties who help us deliver our services. We maintain strict controls over how these parties can use your data:

5. Your Rights and Choices

Under UK data protection law, you have several important rights regarding your personal information:

• Right of Access: You can request a copy of the personal data we hold about you
• Right to Rectification: You can ask us to correct inaccurate or incomplete information
• Right to Erasure: You can request deletion of your personal data in certain circumstances
• Right to Restrict Processing: You can ask us to limit how we use your information
• Right to Data Portability: You can request your data in a structured, machine-readable format
• Right to Object: You can object to processing based on legitimate interests or for marketing purposes
• Rights related to Automated Processing: You can request human intervention in automated decision-making

To exercise any of these rights, please contact us using the details provided at the end of this policy. We will respond to your request within one month, though this may be extended in complex cases.

6. Data Security and Protection

We implement comprehensive security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security practices include:

• Encryption of data in transit and at rest using industry-standard protocols
• Regular security assessments and vulnerability testing
• Access controls and authentication systems for all personnel
• Secure backup systems and disaster recovery procedures
• Regular staff training on data protection and security best practices
• Incident response procedures for potential security breaches

7. Data Retention and Deletion

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this privacy policy, unless a longer retention period is required by law. Our retention periods vary depending on the type of information:

When we no longer need your personal information, we securely delete or anonymise it in accordance with our data retention schedule and applicable legal requirements.

8. International Data Transfers

While we primarily store and process your data within the United Kingdom, some of our service providers may be located in other countries. When we transfer your personal data outside the UK, we ensure appropriate safeguards are in place:

• Transfer to countries with adequacy decisions from the UK government
• Use of Standard Contractual Clauses approved by UK authorities
• Binding Corporate Rules for multinational service providers
• Certification schemes and codes of conduct where applicable

We regularly review our international transfer arrangements to ensure they provide adequate protection for your personal information.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyse site usage. We categorise cookies as follows:

You can control cookie settings through your browser, though disabling certain cookies may affect website functionality. We provide detailed information about our cookie usage in our separate Cookie Policy.

10. Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices, services, or legal requirements. When we make significant changes, we will:

• Post the updated policy on our website with a revised date
• Send notification emails to registered users for material changes
• Provide clear information about what has changed
• Allow reasonable time for you to review the changes

We encourage you to review this privacy policy regularly to stay informed about how we protect your information. Continued use of our services after policy updates constitutes acceptance of the revised terms.

11. Children's Privacy

Our services are designed for adults and we do not knowingly collect personal information from children under 16 years of age. If we discover that we have inadvertently collected information from a child under 16, we will promptly delete such information from our systems.

If you are a parent or guardian and believe your child has provided personal information to us, please contact us immediately so we can take appropriate action to remove the information and terminate any associated accounts.