GDPR Compliance

Our Commitment to GDPR

crisp-learning is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR). This page explains your rights under GDPR and how we fulfill our obligations.

Legal Basis for Processing

We process your personal data under the following legal bases:

• Contractual necessity: To provide the courses and services you've purchased
• Consent: For marketing communications and optional features
• Legitimate interests: To improve our services and prevent fraud
• Legal obligation: To comply with tax and financial regulations

Your GDPR Rights

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format within one month of your request.

Right to Rectification

If you believe any information we hold about you is inaccurate or incomplete, you have the right to request correction.

Right to Erasure

You may request deletion of your personal data when it is no longer necessary for the purposes it was collected, or when you withdraw consent. Note that some data may be retained to comply with legal obligations.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances, such as while we verify the accuracy of contested data.

Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format and to transmit it to another service provider.

Right to Object

You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing before consent was withdrawn.

Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data properly.

How to Exercise Your Rights

To exercise any of your GDPR rights, contact us at:

Email: [email protected]
Address: 42 Wellington Street, Manchester M3 4LW, United Kingdom

We will respond to your request within one month. In complex cases, we may extend this period by two additional months and will notify you of the extension.

Data Protection Officer

For questions specifically about data protection and GDPR compliance, you may contact our data protection officer at [email protected].

Data Security Measures

We implement appropriate technical and organizational measures to ensure data security, including:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication procedures
• Staff training on data protection principles
• Incident response procedures

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

Third-Party Processors

We work with carefully selected third-party service providers who process data on our behalf. All such processors are bound by data processing agreements that ensure GDPR compliance.

International Transfers

When we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Children's Data

We do not knowingly process personal data of children under 16 years of age without parental consent. If you believe we have collected such data, please contact us immediately.

Updates to This Information

We may update this GDPR compliance information as regulations evolve or our practices change. Material changes will be communicated through our website.

Supervisory Authority

The supervisory authority for data protection in the United Kingdom is:

Information Commissioner's Office (ICO)
Website: crisp-learning.com
Helpline: 0303 123 1113