1. Information We Collect

Personal Information You Provide

When you sign up for our services or contact us, we collect information that you choose to share with us. This includes:

• Your name, email address, and phone number when you register or reach out
• Payment details processed through secure third-party providers
• Professional information like your job title or organization name
• Messages and content you send through our contact forms
• Course enrollment data and learning preferences

Automatically Collected Information

Our systems gather certain technical information when you visit our site. Nothing sneaky here – just standard website operations:

• IP addresses and browser types for security and performance monitoring
• Pages you visit and features you use on our platform
• Time stamps and session duration to improve user experience
• Device information including operating system and screen resolution
• Referral sources showing how you found us

Cookies and Tracking Technologies

We use cookies to remember your preferences and keep our service running smoothly. You can control these through your browser settings, though some features might not work as well if you disable them. Our cookies fall into these categories: essential ones that keep the site functional, analytics cookies that help us understand usage patterns, and preference cookies that remember your settings.

2. How We Use Your Information

We're not in the business of hoarding data for no reason. Here's what we actually do with the information we collect:

3. Data Sharing and Third Parties

Sometimes we need to share information with other organizations to provide our services properly. When we do, we make sure they handle your data responsibly.

Service Providers We Work With

• Payment processors who handle transactions securely (we never see your full card details)
• Email service providers for sending course communications and updates
• Cloud hosting providers who store data in secure facilities
• Analytics services that help us understand how people use our platform
• Customer support tools that help us respond to your questions efficiently

Legal Requirements

We might share your information if we're legally required to do so – for example, in response to court orders or regulatory requests. We'll assess any such requests carefully and only share what's legally necessary.

Business Transfers

If Flareon API is acquired or merged with another organization, your information would be transferred as part of that transaction. We'd notify you beforehand and explain any changes to how your data is handled.

4. Your Rights Under UK Law

The UK General Data Protection Regulation gives you several rights regarding your personal information. These aren't just legal formalities – we genuinely want you to have control over your data.

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this in a commonly used electronic format within one month of your request. There's no charge unless you make repeated requests or ask for something unreasonably complex.

Correct Inaccurate Information

Spotted an error in your details? Let us know and we'll fix it promptly. You can update most information directly through your account settings, or contact us for help with anything else.

Delete Your Information

You can ask us to delete your personal data in certain circumstances – for instance, if you withdraw consent or no longer want to use our services. We'll comply unless we have a legitimate legal reason to keep it (like completing a transaction you initiated).

Restrict Processing

Sometimes you might want us to keep your data but not use it actively. This could apply while we're resolving a dispute about accuracy or if you've objected to processing and we're verifying our legitimate grounds.

Data Portability

You can request your data in a structured, machine-readable format to transfer it to another service provider. We'll provide this for information you've given us based on consent or contract performance.

Object to Processing

You have the right to object to how we process your information in certain situations, particularly for marketing purposes. We'll stop unless we can demonstrate compelling legitimate grounds that override your interests.

5. Data Security Measures

Protecting your information isn't an afterthought for us – it's built into how we operate. Here's what we do to keep your data safe:

• All data transmission uses industry-standard TLS encryption
• Passwords are hashed using strong cryptographic algorithms
• Access to personal data is restricted to authorized personnel who need it for their work
• Regular security audits and vulnerability assessments
• Secure backup systems with encrypted storage
• Monitoring systems that detect and respond to potential security incidents
• Staff training on data protection and security best practices

Despite our best efforts, no system is completely impenetrable. If we experience a data breach that poses a risk to your rights, we'll notify you and the ICO within 72 hours as required by law.

6. Data Retention and Deletion

We don't keep your information indefinitely. Our retention periods depend on why we collected the data and any legal requirements we need to meet.

Active Account Data

While you maintain an active account with us, we keep your profile information and course history to provide our services effectively. This includes enrollment records, progress tracking, and communication preferences.

After Account Closure

When you close your account, we'll delete most personal information within 90 days. Some data might be retained longer for legitimate purposes:

• Financial records for seven years to meet tax and accounting regulations
• Communications related to disputes or legal matters until resolved
• Anonymized analytics data that can't identify you personally
• Information we're legally required to keep for regulatory compliance

Backup Systems

Data in backup systems might persist for up to 90 days after deletion from active systems. These backups exist for disaster recovery and are securely stored with restricted access.

7. International Data Transfers

Our primary operations are based in the United Kingdom, and we store most data within the UK. However, some service providers we work with operate servers in other countries.

When we transfer data outside the UK, we ensure adequate protection through:

• Using providers in countries with adequacy decisions from the UK government
• Implementing standard contractual clauses approved by UK authorities
• Requiring third parties to maintain equivalent data protection standards
• Conducting due diligence on international partners' security practices

You can request specific information about where your data is stored and the safeguards in place by contacting us.

8. Children's Privacy

Our services are designed for adult learners and professionals. We don't knowingly collect information from anyone under 16 years old without parental consent.

If you're a parent who discovers that your child has provided us with personal information without your consent, please contact us immediately. We'll delete that information from our systems promptly.

For users aged 16-18, we recommend discussing your online learning activities with a parent or guardian, though this isn't legally required in the UK.

9. Marketing Communications

We'll only send you marketing emails if you've opted in to receive them. These might include:

• Information about new courses or learning resources
• Educational content and industry insights
• Special offers or program updates
• Invitations to workshops or events

You can unsubscribe from marketing emails at any time using the link at the bottom of each message. Note that we'll still send essential account-related communications regardless of your marketing preferences.

10. Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you through email or a prominent notice on our website.

The effective date at the top of this document shows when the current version was published. We recommend checking back occasionally to stay informed about how we protect your information.

Continued use of our services after changes become effective means you accept the updated policy. If you disagree with changes, you can close your account and stop using our services.

11. Third-Party Websites

Our platform might link to external websites or services that we don't control. This privacy policy only applies to Flareon API – we're not responsible for how other organizations handle your data.

When you click through to another website, take a moment to review their privacy practices. Some third-party services have their own data collection methods that differ from ours.