PRIVACY POLICY

EFFECTIVE DATE: 23 September 2024

This PRIVACY POLICY (“Policy“) describes how BRILLIANCE ACADEMY LTD., (“we,” “us,” or “our“), an event management and workshop conducting company in the United Kingdom, collects, uses, discloses, and protects Personal Information obtained from individuals (“you” or “your“) when you interact with our services, including our Website, and other related services (collectively, the “Services“). We are committed to protecting your privacy and complying with applicable data protection laws including GDPR.

  • DEFINITIONS

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural:

  1. Account” means a unique account created for you to access our Service or parts of our Service;

  2. Data Subject” means the individual accessing or using the Services, or the company, or other legal entity on behalf of which such individual is accessing or using the Services, as applicable; and

  3. Personal Information” means any information that relates to an identified or identifiable individual; and

  4. Website” means https://tonyrobbinsuk.com/.

  • NAME AND ADDRESS OF THE CONTROLLER

Controller for the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union, and other provisions related to data protection is:

Name: Amandeep Thind

Address: Slough, United Kingdom

Email: support@tonyrobbinsuk.com

  • NAME & CONTACT DETAILS OF REPRESENTATIVE

In accordance with data protection regulations, we provide the following information regarding our representatives:

EU Representative:

Address: Slough, United Kingdom

Email: support@tonyrobbinsuk.com

UK Representative:

Address: Slough, United Kingdom

Email: support@tonyrobbinsuk.com

For any inquiries or communication related to data protection matters, you may contact the appropriate representative based on your location. We are dedicated to facilitating communication and ensuring compliance with data protection requirements.  

  • CONTACT DETAILS OF DATA PROTECTION OFFICER

You can contact our Data Protection Officer (DPO), acting in the capacity of the DPO, at the following details:

Name: Amandeep Thind

Address: Slough, United Kingdom

Email: support@tonyrobbinsuk.com

Phone: +44 7788200519

If you have any questions, concerns, or requests related to the processing of your Personal Information or data protection matters, feel free to reach out to our DPO. We are committed to addressing your inquiries promptly and ensuring the protection of your privacy rights.

  • SUPERVISORY AUTHORITY

You have the right to lodge a complaint with a supervisory authority if they believe that the processing of their Personal Information violates data protection regulations.

If you wish to exercise this right, you can find contact information for supervisory authorities worldwide through the following links:

UK: https://ico.org.uk/   

EU: https://edpb.europa.eu/about-edpb/about-edpb/members_en  

  • INFORMATION WE COLLECT

We collect and process various types of Personal Information necessary to provide our Services and meet our contractual obligations. The types of Personal Information we collect may include:

  1. Contact Information. This includes your name, email address, postal address, telephone number, and other similar contact details.

  2. Registration Information. When you register for our events or workshops, we may collect information such as your job title, company name, and professional interests.

  3. Event Feedback. We may collect feedback, reviews, or surveys related to our events or workshops.

  4. Transaction Information. We collect information related to your purchases, including details about the services you have purchased.

  5. Offline Interactions. If you purchase services from us offline, such as through in-person meetings, events, or over the phone, we may collect Personal Information directly from you or through authorized representatives, and we will inform you of the data collection at the time of the interaction.

  6. Usage Data. We may collect information about your interactions with our Services, such as your IP address, device information, browser type, access times, and referring websites.

  7. Cookies and Similar Technologies. We may use cookies and similar technologies to collect information about your usage of our Services. You can manage your cookie preferences by adjusting the settings in your browser or device.

  8. Account Registration Information. When you create an Account on our Website, we may collect Personal Information such as your name, email address, password, and any other information you provide to us during the registration process.

  9. Profile Information. You may have the option to provide additional profile information, such as your profile picture, contact details, and other relevant information. This information is optional and can be updated or deleted by you at any time.

  • HOW WE USE YOUR INFORMATION

We process your Personal Information for the following purposes:

  1. Account Management: We use the information you provide during Account registration to create and manage your Account, authenticate your identity, and provide access to our services. When you create an Account on our Website using a social media platform, we may collect Personal Information provided by the social media platform, which may include your name, email address, profile picture, and any other information you have made publicly available on the social media platform.

  2. Service Delivery: We use your Personal Information to deliver our services, including personalized features, notifications, updates, and customer support.

  3. Communication: We may use your information to communicate with you, respond to your inquiries, provide information about our services, and send administrative messages related to your Account.

  4. Provision of Services: We use your information to deliver our Services, manage event registrations, communicate with you, and provide customer support.

  5. Event and Workshop Planning: We may use your information to plan and organize events, workshops, and related activities, including sending event-related updates, materials, and logistics.

  6. Marketing and Communication: With your consent, we may send you promotional emails or other marketing communications about our upcoming events, workshops, and related services. You can opt out of receiving such communications at any time.

  7. Legal Obligations: We may process your Personal Information to comply with applicable laws, regulations, or legal obligations, such as tax or accounting requirements.

  8. Improve our Services: We analyse usage data and feedback to improve our Services, develop new features, and enhance the user experience.

  • DATA SHARING AND DISCLOSURE

We may share your Personal Information with third parties in the following circumstances:

  1. Social Media Platforms. When you create an Account using a social media platform, we may share your Personal Information with the respective social media platform by their terms and privacy policies. This may include sharing information about your interactions with our Website and Services.

  2. Service Providers: We engage trusted service providers who assist us in delivering our Services, such as payment processors, IT support, or marketing platforms. These service providers are contractually bound to handle your information by applicable data protection laws.

  3. Event Sponsors or Partners: If you register for an event or workshop that is co-hosted or sponsored by a third party, we may share your information with the relevant sponsors or partners. We will always notify you of such sharing and provide an opportunity to opt out if required.

  4. Data Sharing with Greator: As part of our service delivery, we may share your Personal Information with Greator, a company affiliated with the management and sale of tickets for the event. This sharing is necessary to facilitate the processing of your ticket purchase and ensure the proper management of the event.

  5. Legal Requirements: We may disclose your Personal Information to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

  6. Sale of Data: We firmly asserts that we do not engage in the sale of Personal Information. This commitment means that we do not exchange, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate Personal Information to another business or third party in return for monetary payment or any other form of valuable consideration. Our practices strictly adhere to this Policy, ensuring the privacy and security of your Personal Information.

  • DATA TRANSFERS

As part of our operations, we may transfer and store your Personal Information in countries outside of the United Kingdom. We will ensure that any such transfers comply with applicable data protection laws and that appropriate safeguards, are in place to protect your Personal Information.

  • DATA RETENTION

We retain your Personal Information for up to 1 years or as long as necessary to fulfill the purposes for which it was collected, as outlined in this Policy unless a longer retention period is required or permitted by law.

  1. Upon the expiration of the applicable retention periods, Personal Information is securely disposed of to prevent unauthorized access or disclosure.

  2. The criteria used to determine the period of storage of Personal Information is the respective statutory retention period. After the expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfilment of the contract or the initiation of a contract. If the Data Subject requests for termination or terminates their Account with us, the Personal Information shall be retained for a period of 12 months from the date of termination or as statutorily obligated.

It is important to note that the obligation to provide Personal Information is communicated transparently to individuals before or at the time of data collection. If there are uncertainties about the specific obligations related to the provision of Personal Information, individuals are encouraged to contact us for clarification.

  • YOUR RIGHTS UNDER GDPR

Under the GDPR, you have certain rights regarding your Personal Information. Subject to legal limitations, these rights include:

  1. Right of confirmation. Under European legislation, every Data Subject has the right to obtain from the controller confirmation as to whether or not their Personal Information is being processed. If a Data Subject wishes to exercise this right of confirmation, they can contact us or another employee of the controller at any time.

  2. Right of access. Data Subjects, in accordance with European legislation, have the right to obtain from the controller free information about their Personal Information stored at any time and a copy of this information. This right includes access to the following details:

    1. Purposes of the processing;

    2. Categories of Personal Information involved;

    3. Recipients or categories of recipients, including those in third countries or international organizations;

    4. Envisaged storage period or, if not possible, the criteria used to determine that period;

    5. Right to request rectification, erasure, or restriction of processing, and the right to object;

    6. Right to file a complaint with a supervisory authority;

    7. Source of Personal Information if not collected from the Data Subject;

    8. The existence of automated decision-making, including profiling, with meaningful information about the logic involved and the envisaged consequences for the Data Subject.

Additionally, the Data Subject has the right to know whether Personal Information are transferred to a third country or an international organization, along with information about the appropriate safeguards for the transfer. To exercise this right of access, the Data Subject can contact us at any time.

  1. Right to rectification. Under European legislation, Data Subjects have the right to obtain from the controller the rectification of inaccurate Personal Information concerning them without undue delay. Considering the purposes of the processing, the Data Subject also has the right to have incomplete Personal Information completed, which may include providing a supplementary statement. If a Data Subject wishes to exercise the right to rectification, they can contact us or another employee of the controller at any time.

  2. Right to erasure (Right to be forgotten). Data subjects, in accordance with European legislation, have the right to obtain from the controller the erasure of their Personal Information without undue delay. The controller is obligated to erase Personal Information without undue delay when one of the following grounds applies, provided the processing is not necessary:

    1. Personal Information are no longer necessary for the purposes for which they were collected or otherwise processed;

    2. The Data Subject withdraws consent, and there is no other legal ground for processing;

    3. The Data Subject objects to processing, and there are no overriding legitimate grounds, or the Data Subject objects to processing under specific circumstances;

    4. The Personal Information has been unlawfully processed;

    5. Erasure is required for compliance with a legal obligation;

    6. The Personal Information was collected in relation to information society services.

If any of the above reasons apply, and a Data Subject wishes to request the erasure of Personal Information stored by us, they can contact us or another employee of the controller at any time. The Company or another employee will promptly ensure compliance with the erasure request. If the controller has made Personal Information public and is obliged to erase them, reasonable steps, including technical measures, will be taken to inform other controllers processing the Personal Information about the erasure request. The Company or another employee will coordinate the necessary measures in individual cases.

  1. Right of restriction of processing. Data Subjects, under European legislation, have the right to obtain from the controller a restriction of processing in the following circumstances:

    1. The accuracy of Personal Information is contested by the Data Subject, allowing the controller time to verify its accuracy;

    2. The processing is unlawful, and the Data Subject opposes the erasure of the Personal Information, requesting instead the restriction of their use;

    3. The controller no longer needs the Personal Information for processing, but the Data Subject requires them for the establishment, exercise, or defense of legal claims;

    4. The Data Subject has objected to processing under Article 21(1) of the GDPR pending verification of whether the legitimate grounds of the controller override those of the Data Subject.

If any of the above conditions are met, and a Data Subject wishes to request the restriction of processing of their Personal Information stored by Privacy Pro VPN, they can contact us or another employee of the controller at any time. The Company or another employee will facilitate the restriction of processing.

  1. Right to data portability. Data Subjects, as granted by European legislation, have the right to receive their Personal Information in a structured, commonly used, and machine-readable format. This data can be transmitted to another controller without hindrance, provided the processing is based on consent, a contract, or automated means, and is not necessary for the performance of a task in the public interest or the exercise of official authority. When exercising the right to data portability, the Data Subject has the additional right to have Personal Information transmitted directly from one controller to another, where technically feasible and without adversely affecting the rights and freedoms of others. To assert the right to data portability, the Data Subject may contact the Company or another employee at any time.

  2. Right to object. Data subjects, under European legislation, have the right to object, based on their particular situation, at any time to the processing of Personal Information concerning them, if such processing is based on Article 6(1)(e) or (f) of the GDPR, including profiling. If an objection is raised, the Company will cease processing the Personal Information unless compelling legitimate grounds override the Data Subject’s interests, rights, and freedoms or for the establishment, exercise, or defence of legal claims. For Personal Information processed for direct marketing purposes, the Data Subject can object at any time, leading to the cessation of processing for such purposes, including related profiling. Additionally, the Data Subject has the right to object to the processing of Personal Information for scientific, historical, or statistical purposes unless such processing is necessary for reasons of public interest. To exercise the right to object, the Data Subject can directly contact the Company or another employee. Furthermore, within the context of information society services, the Data Subject is free to use automated means, notwithstanding Directive 2002/58/EC, to exercise their right to object through technical specifications.

  3. Automated individual decision-making, including profiling. Data Subjects possess the right, as conferred by European legislation, not to be subjected to decisions based solely on automated processing, including profiling, if such decisions result in legal or similarly significant effects on them. This right is upheld unless the decision is necessary for a contract between the Data Subject and the data controller, authorized by applicable law with measures safeguarding the Data Subject’s rights, or based on explicit consent. Suppose the decision falls within the exceptions mentioned above, such as contractual necessity or explicit consent. In that case, the Company will implement measures to protect the Data Subject’s rights, including the right to human intervention, the expression of their viewpoint, and the ability to contest the decision. To exercise rights regarding automated decision-making, the Data Subject can directly contact the Company or another employee of the data controller.

  4. Right to withdraw data protection consent. Data Subjects have the right, as granted by European legislation, to withdraw their consent for the processing of Personal Information at any time. To exercise this right, the Data Subject can directly contact the Company or another employee of the data controller. 

  • HOW TO EXERCISE DATA SUBJECT RIGHTS

To protect the security and privacy of Personal Information, we follow a detailed process to verify the identity of any Data Subject making a request to exercise their rights under applicable data protection laws. The verification process is as follows:

  1. Initial Request. When a Data Subject submits a request, they must provide:

    1. Full name

    2. Contact information (e.g., email address or phone number)

    3. Details of the request (e.g., access, deletion, correction)

    4. Identity Verification

  2. For Online Accounts. If the Data Subject has an online Account with us, they must log in to their Account to verify their identity before submitting the request.

  3. For Non-Account Holders. If the Data Subject does not have an online Account, they must provide two or more pieces of Personal Information that we have on file (e.g., billing address, last transaction amount, last order number).

  4. Additional Verification Steps. We may request additional information or documentation, such as a government-issued ID, to confirm the identity of the Data Subject if the initial verification is insufficient. For requests made by authorized agents, the Company will require proof of the agent’s authorization (e.g., a signed authorization letter) and may contact the Data Subject directly to confirm the request.

  5. Confirmation. Once the Data Subject’s identity has been verified, we will process the request. The Company will inform the Data Subject of the outcome of their request within the legally required time frame.

  6. Denial of Requests. If we cannot verify the identity of the requestor, we will deny the request and inform the Data Subject of the reason for the denial. The Data Subject will be given the opportunity to provide additional information to verify their identity.

  • SECURITY MEASURES

We employ suitable technical and organizational safeguards to safeguard your Personal Information against unauthorized access, use, disclosure, alteration, or destruction, including: 

  1. Encryption. Protects your data during transmission and storage.

  2. Secure Servers. Data is stored on secure servers with restricted access.

  3. Regular Security Assessments. Conduct regular security audits to ensure the highest level of data protection.

Nevertheless, it is important to acknowledge that no transmission or storage method can provide an absolute guarantee of security, but we have your best interest in mind and have employed the best security practices available to us.

  • THIRD-PARTY LINKS AND SERVICES 

Our Website may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties, and we encourage you to review their privacy policies.

  • CHILDREN’S PRIVACY

Our Website is not intended for persons under 18 years of age. No one under the age 18 may provide any information to the Website. We do not knowingly collect Personal Information from anyone under 18. If you are under 18, do not use or provide any information on this Website or through any of its features make any purchases through the Website, use any of the interactive features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received Personal Information from a child under 18 years of age without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us. We do not sell any Personal Information, including the Personal Information of individuals under the age of 18.

  • UPDATES TO THIS POLICY

We may update this Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of any material changes by posting the updated Policy on our Website or through other appropriate communication channels. Please review this Policy periodically to stay informed about our privacy practices.

  • CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the following details:

Brilliance Academy Ltd.

11, Ward Gardens, Slough, UK

Phone number: 44 7788200519

Email: support@tonyrobbinsuk.com 

We are committed to resolving privacy concerns promptly and fairly.

By using our App, you agree to the terms of this Privacy Policy. Thank you for trusting us with your privacy.