Privacy Policy
The Visual Learning Company Limited (Company Registration Number 6928326) (“us, we, our”) maintain a policy of strict confidence concerning your (“you, your”) personal data (“Privacy Policy”).
This Privacy Policy has been developed in accordance with data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Data Protection Act 1998 (“DPA”), as amended from time to time (Data Protection Law).
The Privacy Policy applies to the collection, storage, use, dissemination and processing of your personal data by us. The term “personal data”, as used in this Privacy Policy, includes personal data as defined under the GDPR, and includes any personal information that you might supply to us or that might be collected about you by accessing this site www.visuallearning.co.uk (“Site”), the Smart Multimedia Library platform (“Platform”) or otherwise. This Privacy Policy applies to information provided to us whether via the Site, the Platform or any other means.
For the purposes of Data Protection Law, the data processor is The Visual Learning Company Limited. If you have any further questions or if you wish to receive further details on our information practices and Privacy Policy, please contact our Privacy Officer using the method set out below.
Collecting personal data
The personal data you provide to us, or collected about you, are collected for the following Purposes:
-
the creation of accounts for fraud detection purposes;
-
to limit access to the Site and Platform to legitimate subscribers;
-
to track viewing and account history in order to enable teachers and educational institutions to observe the learning and behaviour of their students;
-
to otherwise provide the functions and services offered on the Site and the Platform to you;
-
to enhance your use and our provision of the Site and the Platform;
-
to improve the Site and the Platform; and
-
to keep you informed of our products and services that might be relevant to you.
The types of personal data we collect from you includes your contact details such as name, email address, phone number, job title, student or staff group, and institution name. We will generally collect personal data directly from you. We may collect your personal data in any of the following ways:
-
when you log on and access the Platform;
-
when you access our Site and provide your personal data;
-
during conversations and/or correspondence between you and The Visual Learning Company Team;
-
when you complete a transaction with us;
-
when you otherwise elect to provide personal data to us; or
-
from third parties such as your institution.
If someone other than you provides us with personal data about you that we did not ask for, we will notify you, as soon as practicable that we have received this personal data. This notice will be given unless to do so would be in breach of an obligation of confidence. If we could not have collected this personal data, we will lawfully de-identify or destroy that personal data.
Processing personal data
For users of the Services, we generally process your personal data on the legal basis of legitimate interest. Our legitimate interest is our commercial provision of our educational services to you, including the use of the Platform, as set out in the Purposes above. In determining this legitimate interest, we have taken into account your age, where relevant, the educational purpose of the Platform, and the nature of the Services.
We may request your consent, or the consent of your educational institution or school, for us to process your personal data for the Purposes above or other purposes. We may also enter into a data processing agreement which your educational institution for the processing of personal data under the GDPR.
We may also process your data where we are required by law to protect our rights or property (or those of any third party), or to avoid injury to any person.
Recipients or categories of recipients of personal data
The Visual Learning Company will be the primary recipient of your personal data.
We will comply with our obligations under the GDPR with respect to the technical and organisational security measures required to protect your personal data.
We will comply with our GDPR obligations when engaging sub-processors and we will ensure that all sub-processors comply with their GDPR obligations.
Overseas transfer
These recipients of your personal data may be located in countries in which the privacy or data protection laws differ from those of the European Union. In relation to recipients in:
-
Australia, appropriate or suitable safeguards over your personal data have been put in place by virtue of standard data protection contract clauses approved by the European Commission; and
-
the United States, a data protection adequacy decision has been made for organisations to which the Privacy Shield applies. All of the recipients of your personal data within the US are a part of this Privacy Shield.
How long we keep your personal data
We will store your personal data for as long as you engage with the Platform and for a period of time afterwards based on our document retention obligations imposed by law and to comply with audit and financial obligations.
Your rights under the GDPR
You have a number of rights under the GDPR. These include:
-
to request access to, erasure of your personal data from us. You have a right to ask us to provide a copy or remove any of the personal data we hold about you. If you make this request, to your personal data we hold about you, you must do so in accordance with the DPA and the GDPR. We will respond to your request within a reasonable period of time and give access to the information in the manner you request or remove your personal data. If we no longer need your personal data, unless we are required under the GDPR, English law or a court or tribunal order to retain it, we will take reasonable steps to de-identify your personal data or destroy your personal data securely;
-
to request that we correct your personal data. We take all reasonable steps to ensure that your personal data held by us is accurate and up-to-date. If you believe that any of your personal data is inaccurate, please contact us using the method set out below and we will take all reasonable steps to correct it within a reasonable time.
-
to withdraw your consent for us to use your personal data;
-
in some circumstances, to object to the use of your personal data by us and request that we restrict our use of your personal data;
-
to receive your personal data held by us, in a commonly used electronic format, or to have us transfer such personal data to another service provider of your choosing;
-
to lodge a complaint in relation to our processing of your personal data with a data protection supervisory authority under the GDPR; and
-
to be informed generally about the collection and use of your personal data, including where we intend to further process your personal data for additional purposes other than as discussed above.
Children
Although we will comply with this Privacy Policy in respect of personal data provided to us by persons under the age of 16 years, those persons must obtain the consent of a parent or guardian prior to using the Site and/or the Platform and the parent or guardian and institution will be responsible for appropriately supervising the person’s use of the Site and/or the Platform.
Cookies
When you visit the Site we may attach a “cookie” to your computer’s memory. This “cookie” is a small text file which assists us to store session information when you are logged into the Site and to facilitate seamless access between our different services.
If you choose to do so, you should be able to configure your computer so that it disables “cookies” or does not accept them, however, this may impact the functionality of the Site.
Direct marketing
If we have obtained your personal data through your use of the Platform (for example, when you log-on to use the Platform) or from your institution in connection with your use of the Platform, we will not use your personal data for marketing purposes and your personal data will not be stored on our customer relationship management (CRM) system.
If we have obtained your personal data by other ways permitted in this Privacy Policy, including via the Site, we may, and, where we have shared your personal data with our group companies and you have given your consent to do so, they may use your personal data to send you information about new developments, products, services and special offers.
You can, at any time, opt out of receiving marketing material from us by contacting us using the method set out below or, where we have sent you electronic marketing materials, by using the unsubscribe link within the communication. You agree and acknowledge that even if you opt out of receiving marketing material, we will still send you essential information that we are required to send you relating to the services we provide. Once you opt out of receiving marketing material from us, you agree and acknowledge that this removal from our distribution lists may take several business days after the date of your request to be removed.
Storage and security
We will use all reasonable endeavours to keep your personal data in a secure environment, however, this security cannot be guaranteed. Our security measures include tiered access to the Platform, password access for administration accounts that are changed every 90 days, use of encryption software for traffic on the Site and the Platform, and recording systems of access to the Platform. These security measures are designed to ensure your personal data is not subjected to unauthorised access, loss or misuse. If you reasonably believe that there has been unauthorised use or disclosure of your personal data please contact us using the method set out below.
Variation and consent to variation
We may vary the terms of this Privacy Policy at any time. You should check this Privacy Policy regularly so that you are aware of any variations made to this Privacy Policy.
Contact with us
You can requests or complaints under this Privacy Policy by writing to:
Privacy Officer
13 Knights Templar Way
High Wycombe Bucks HP11 1PX
or sending an email to us at info@visuallearning.co.uk
If you would like to make a complaint in relation to how we have handled your personal data, please include a written summary of your relevant complaint.
We will investigate your complaint and will endeavour to provide you with a written response within 30 days of receiving your complaint.