This Privacy Policy (“Policy”) provides details on how we, BFP Global Limited, our affiliates and subsidiaries (collectively, “Company”, “we”, “us”, or “our”) collect, process and use data from: (i) visitors to our site available at: https://www.galwayacademy.com (“Site” or “Website” and “Visitors“); or (ii) our customers (“Customers” or “Students”) which will be provided with our Services and access to our Platform (both the Visitor and the Customer may be referred herein as “you” or “user”). Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Terms and Conditions.
This Policy explains what data we may collect from our users, how such data may be used or shared with others, how we safeguard it and how you may exercise your rights related to your Personal Data, among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Policy, please send us an email to: Support@GalwayAcademy.com
POLICY CHANGES AND UPDATES
We may update or revise this Policy from time to time. Modifications to this Policy will be posted on the website. We encourage you to periodically review this Policy to stay informed about our practices related to the collection and processing of Personal Data. The applicable paragraphs of this Policy required under the CCPA will be updated every 12 months.
WHAT DATA IS COLLECTED BY US & FOR WHAT PURPOSES?
Depending on your interaction with us (meaning, if you are just browsing our Site, or if you are a Customer), we may collect two types of data you, as follows:
“Personal Data”, means information which identifies or may with reasonable effort identify an individual, including online identifiers, as detailed below.
“Non-Personal Data”, means non-identifiable aggregated data, such as technical data transmitted by the user’s device and aggregated use of the Site. This data is not used to identify individuals.
We collect Non-Personal Data regarding use of the Site and the Services, such as technical and aggregated data about you, including: type of browsers; type of operation system; type of device; time and date you access the Site and use the Services; users’ navigation and actions in the Site; language preference; country level location. Non-Personal Data is used mainly for click stream analysis in order to provide, maintain, develop and enhance our Site and Services, including among others, in order to measure and understand the level of engagement with the Services, for general business analytics for ensuring the technical functioning of our network, to help prevent fraudulent use of the Services, etc. In case we will combine these types of data, we will treat the combined data as Personal Data.
Please see the list which details the types of data collected while you browse our website or use the Services offered therein, as well as the purpose of collection and how we use it:
Account Data
If you wish to be provided with our Services you will be required to register and open an account (“Account“) and to provide us or a representative acting on our behalf with information such as: full name, email address, date of birth, birth country, marital status, phone number occupation and etc.
Further, during the application process (as detailed below) you will be supplied with username and password for your Account, at which time you thereby represent and warrant that you are responsible for maintaining the confidentiality of your details and password. You represent and warrant that you will not provide us with inaccurate, misleading or false information.
Purpose of Collection:
We collect and process the application details in order to provide our Services.
Lawfulness:
The registration is based on performance of a contract. Nonetheless, emails relating to the services or similar services may be sent to our Customers (“Direct Marketing”) based on our legitimate interest. You may opt-out at any time by using the “unsubscribe” link within the email or contacting us.
Recorded Telephone Calls
If you contact us or a representative acting on our behalf, including through our customer service representative, your calls may be recorded and or documented in writing.
Purpose of Collection:
We record and process the phone calls in order to monitor the quality of the service provided to you, to provide our Services or to prevent fraud.
Lawfulness:
Consent
Contact Details
If you voluntarily choose to contact us for any reason, including support or any questions you may have, through any means of communication available (i.e., email, mail, etc.) we will collect and process the information you provide which may include your name and email address.
Purpose of Collection:
We will process your contact details as well as your contact history for the purpose of responding to your inquiries and provide you the service or support you have requested.
Lawfulness:
Legitimate Interest. In addition, we may store this information if we believe it is necessary under our legitimate interests, for example, in order to defend legal claims.
Newsletter and Marketing Materials
In the event you sign up to receive our newsletter or other marketing materials, you will be requested to provide your email address and additional information such as, name, company and job title. We will use Upland’s services for our email marketing. You may read Upland’s privacy policy at: https://uplandsoftware.com/privacy/
Purpose of Collection:
We will use this data solely to send the marketing materials.
In order to Opt-out – you may easily unsubscribe by contacting us at
Support@GalwayAcademy.com or by other means we will make available (e.g. “unsubscribe” link within the applicable email).
Lawfulness:
If you registered for our newsletter, you have provided your consent. Otherwise, as our partner or Customer, we have legitimate interest to send you such updates and content.
Technical Data & Internet Protocol Address (IP)
When you access our website and use the Services, we (directly or by our third part service providers) will collect your IP address.
Purpose of Collection:
We will process this data for the purpose of operating, providing, maintaining, protecting, managing, customizing and improving our website and the services offer through the website, as well as for auditing and tracking usage statistics and traffic flow. This data may also be collected for remarketing purpose, as detailed under the “Cookies” section below, and subject to your consent, where required under applicable law.
Lawfulness:
We process this information based on your consent provided through our cookie notice.
Payment Details
When you make a payment for our Services or products offered by us using a credit card, you will be asked to submit data such as the credit card number and details. The payment is processed by our third party partners; we do not store or process any of your payment information.
Purpose of Collection:
We use third party payment processors. Consequently, all transactions are governed by the privacy policy and terms of the payment processor which we recommend that you review.
Lawfulness:
Performance of a contract
HOW PERSONAL DATA IS COLLECTED
The data detailed above can be collected when you communicate with our company and/or a representative acting on behalf of our Company, using methods that may include entering your details on a form on our website and/or in an application that we operate, phone call, voicemail, email, online chat, social network communication, postal delivery, or using any other method, the information that you provide us (including comments, requests, complaints, and ideas) will be saved in our system. Thus, if you contact our company and/or a representative acting on behalf of our company, including a customer service representative, by phone, your phone call may be recorded and or the phone conversation documented in writing, among other things, in order to monitor the quality of the service provided to you and/or to prevent fraud.
In addition certain data will be collected by us automatically, through the use if of certain tracking technologies, for example, through the use of cookies and pixels.
COOKIES & TRACKING TECHNOLOGIES
We use “cookies” (or similar tracking technologies) when you access the Site or interact with the Services we offer. This use is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes. You can find more information about cookies at: www.allaboutcookies.org and https://cookiepedia.co.uk/
Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. By following the instructions of your device preferences, and by adjusting the privacy and security settings of your web browser, you may remove cookies, however, if you block or erase cookies some features of the Services may not operate properly and your online experience may be limited.
There are several types of cookies; the three main and common ones are:
- Essential, Functionality, Operation & Security Cookies – essential for enabling user movement around the Site, for the Site to function properly, and for security purposes. Please note that these cookies either cannot be disabled, or if disabled, certain features of the Services may not work.
- Analytic, Measurement & Performance Cookies – used to collect information about how users use the Site (clickstream, navigation, time and date of access, etc.) in order to improve our Services and the way we offer them, as well as assessing performance of the content available in the Site.
- Preference, Targeting & Advertising Cookies – used to advertise across the internet and to display relevant ads tailored to users based on the parts of the Site they have (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage).
The specific cookies (ours and third party’s) we currently use (may differ in each website), purpose of use, their privacy policy and opt-out controls are set forth in the list below:
Essential, Functionality Operation & Security Cookies
Source:
Google Tag Manager
Purpose:
This cookie is strictly necessary and is used to load scripts into our website pages.
Privacy Policy & Opt-Out:
https://policies.google.com/privacy
https://policies.google.com/technologies/managing?hl=en
Analytic, Measurement & Performance Cookies
Sources:
Google.com and Google Analytics
Purpose:
This cookie is placed in order to track and analyze the use of our Services, for internal purposes, and may include the collection of your IP.
Privacy Policy & Opt-Out:
https://google.com/policies/privacy/partners
https://tools.google.com/dlpage/gaoptout
Preference, Targeting & Advertising Cookies
Sources:
Facebook Remarketing
Google AdWords Remarketing
Yahoo
Outbrain
Taboola
Purpose:
This cookies is placed for targeted marketing and advertising purposes.
Privacy Policy & Opt-Out:
https://www.facebook.com/policies/cookies/
https://policies.google.com/privacy
https://policies.google.com/technologies/managing?hl=en
https://policies.yahoo.com/xa/en/yahoo/privacy/index.htm
https://policies.yahoo.com/xa/en/yahoo/privacy/topics/cookies/index.htm
https://www.outbrain.com/legal/
https://www.taboola.com/privacy-policy#users
https://www.taboola.com/cookie-policy
Please note that you may be able to adjust the security and privacy settings on your Internet browser so that you may control the response of your browser to cookies. To learn more, you might review your browser’s support or help page.
SHARING DATA WITH THIRD PARTIES
We will not share your Personal Data with third parties, other than as specifically mentioned herein:
- Subject to your consent – We may share your Personal Data upon your explicit consent. Once we share your Personal Data under these circumstances, that data becomes subject to the other third party’s privacy practices.
- Policy enforcement and third party rights – We may share your Personal Data in the event required to enforce our policies and agreements or to establish and exercise our rights to defend against legal claims, including investigations of potential violations and in order to detect or prevent illegal activities or other wrongdoing, security or technical issues. In addition, we may share your Personal Data to prevent harm to the rights or safety of our users or any applicable third party.
- Law enforcement – We may share your Personal Data, solely to the extent needed to comply with any applicable law, regulation, legal process or governmental request.
- Affiliate company and corporate transaction– In the event required, we may share your Personal Data with our parent company, any subsidiaries, joint ventures, or other companies under common control (“Affiliated Companies”) or in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). Our Affiliated Companies or acquiring company will assume the rights and obligations as described in this Policy;
- Service Providers – We may disclose Personal Data to our service providers to perform requested services on our behalf. Certain of our Service Providers shall include educational content providers, consultants, etc. These entities are prohibited from using your Personal Data for any purposes other than providing us with requested services.
Note that, regarding aggregate or Non-Personal Data, we may share it with our business partners and other third parties in any of the circumstances detailed above, as well as for any business operation and commercial use.
DATA RETENTION
The Personal Data we collect and process will be stored by us solely for the minimum period of time necessary to fulfil the purpose for which it is collected and provide the Service, meet our business goals, to comply with our legal obligations, resolve disputes, enforce agreements between us and other parties, in accordance with applicable laws, or until an individual request for deletion is met and complied with the terms as set forth in this Policy.
YOUR RIGHTS REGARDING YOUR PERSONAL DATA
According to data protection and privacy laws may grant you with certain rights with regards to your Personal Data, all according to your jurisdiction. The rights may include one or all of the following: (i) request to amend your Personal Data we store accessing; (ii) review and access your Personal Data that we hold; (iii) request to delete your Personal Data that we hold (as long as we do not have a legitimate reason for retaining the data); (iv) restrict or object to the process your Personal Data; (v) exercise your right of data portability (vi) contact to a supervisory authority in your jurisdiction and file a complaint; and (vii) withdraw consent (to the extent applicable). If you wish to submit a request to exercise your rights, please contact us at: Support@GalwayAcademy.com
When you contact us and request to exercise your rights regarding your Personal Data, we will require certain information from you in order to verify your identity and locate your data and that the process of locating and deleting the data may take reasonable time and effort, as required or permitted under applicable law. Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.
HOW WE PROTECT INFORMATION
We have appropriate technical and organizational measures in place to provide a high level of security to protect the personal information our company collect and process against unauthorized access or use, alteration, unlawful or accidental destruction and accidental loss. Personal Information we collect is stored behind “firewalls” so as to prevent loss, changing or misuse of information under our control. We use commercially reasonable technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of any service or customer data. We have implemented appropriate administrative, technical, and physical security procedures to help protect the personal information you provide to us. Although we make reasonable efforts to protect your personal information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk involved in transmitting information over the Internet. Consequently, we cannot guarantee that the information that you provide on our websites and/or applications that we operate will be completely secure. If you feel that your privacy was treated, or if suffered from individual attempt to abuse our Website or service or acted in an inappropriate manner, please contact us directly at: Support@GalwayAcademy.com
CHILDREN PRIVACY AND DATA
The Services are not intended for individuals under the age of sixteen (16). Accordingly, we do not use the website to knowingly solicit data from or market to children under the age of sixteen (16). We request that such individuals do not provide Personal Data. If you become aware or have any reason to believe that a child has shared any Personal Data with us, please contact us at: Support@GalwayAcademy.com
DATA TRANSFER
Our databases are currently located in the AWS data server. We may store or process your information in the United States or in other countries. If you are a resident of the European Economic Area (“EEA“) we will take appropriate measures to ensure that your information receives an adequate level of data protection upon its transfer outside of the EEA. If you are a resident of a jurisdiction where transfer of your data requires your consent, then your consent to this Policy includes your express consent for such transfer of your Personal Data.
HOW TO REACH US
Please feel free to contact our Data Protection Officer at: Support@GalwayAcademy.com