GDPR Compliance

Last updated: 2 June 2026

Our Commitment to Data Protection

lively-courses is committed to complying with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. This page explains how we meet our obligations and protect your rights.

Data Controller Information

Data Controller: lively-courses

Address: 42 Woodland View, Hebden Bridge, West Yorkshire, HX7 8DG, United Kingdom

Contact: [email protected]

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

1. Right to be Informed

You have the right to know how we collect, use, and share your personal data. Our Privacy Policy provides this information in detail.

2. Right of Access

You can request a copy of the personal data we hold about you. We will provide this within one month of your request, free of charge.

3. Right to Rectification

If your personal data is inaccurate or incomplete, you can request that we correct or complete it.

4. Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data in certain circumstances, such as when:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent and there's no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

Note: We may retain certain data if required by law or for legitimate business purposes.

5. Right to Restrict Processing

You can request that we limit how we use your data in certain situations, such as when you contest the accuracy of the data or object to processing.

6. Right to Data Portability

You can request your personal data in a structured, commonly used, machine-readable format and have it transferred to another organization.

7. Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

8. Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you. We do not engage in automated decision-making or profiling.

How to Exercise Your Rights

To exercise any of your GDPR rights, contact us at:

Email: [email protected]

Please include the following in your request:

  • Your full name and email address
  • Which right you wish to exercise
  • Specific details about your request
  • Proof of identity (if we have reasonable doubts about your identity)

We will respond to your request within one month. If the request is complex or we receive multiple requests, we may extend this by up to two months and will inform you accordingly.

Data Processing Activities

We process personal data for the following purposes:

Purpose: Course enrollment and delivery
Legal Basis: Contract performance
Data Collected: Name, email, organization, professional background
Purpose: Payment processing
Legal Basis: Contract performance
Data Collected: Billing information, payment details
Purpose: Course communication and support
Legal Basis: Contract performance and legitimate interests
Data Collected: Name, email, course progress
Purpose: Marketing communications
Legal Basis: Consent
Data Collected: Name, email, course interests
Purpose: Website analytics
Legal Basis: Legitimate interests
Data Collected: IP address, browsing behavior, device information

Data Security Measures

We implement appropriate technical and organizational measures to ensure data security, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Staff training on data protection practices
  • Incident response procedures
  • Regular backups with secure storage

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware
  • Inform affected individuals without undue delay if the breach poses a high risk
  • Provide details about the nature of the breach and steps being taken

Third-Party Data Processors

We work with trusted third-party processors who assist in delivering our services. All processors:

  • Are bound by data processing agreements compliant with GDPR Article 28
  • Process data only on our documented instructions
  • Implement appropriate security measures
  • Delete or return data upon termination of services

International Data Transfers

When we transfer data outside the UK or EEA, we ensure adequate protection through:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions recognizing equivalent data protection standards
  • Other appropriate safeguards as required by GDPR

Supervisory Authority

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

However, we encourage you to contact us first so we can address your concerns directly.

Record of Processing Activities

In accordance with GDPR Article 30, we maintain detailed records of our data processing activities. These records are available to supervisory authorities upon request.

Contact for GDPR Matters

For any questions or requests related to GDPR compliance:

Email: [email protected]
Address: 42 Woodland View, Hebden Bridge, West Yorkshire, HX7 8DG, United Kingdom