Last updated: 2025-12-01
(The privacy policy is hereinafter referred to as “the Policy”) of Harvey James Walton (hereinafter referred to as the “Service Provider”)
This Policy describes the Service Provider’s policies and procedures for collecting, processing, transferring, and storing information when you use the Services and the Software. It also tells you about privacy rights and how the law protects your Personal Data.
The Website uses your Personal Data to provide and improve the Service Provider’s Website and buy the Services. By using the Website, you agree to collect and use information following this Policy.
The Policy is in compliance with Articles 12, 13 and 14 of the GDPR and with the CCPA terms and conditions.
The words in which the initial letter is capitalised have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.
For the purposes of this Policy:
“Device” shall mean any device that can access the Website, such as a computer, a telephone, or a digital tablet.
“DPA” shall mean Data Processing Agreement for the purposes of the Users’ data processing.
“The Service Provider”, “we”, “our”, and “us” shall mean the Service Provider that is an owner of this Website. The Service Provider details are the following: Harvey James Walton; 53 Osler Road, Oxford, OX3 9BH.
“GDPR” shall mean general data protection rules relating to the protection of natural persons about the processing of personal data and rules relating to the free movement of Personal Data.
“Personal Data” shall mean any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier, etc.
“Processing” shall mean any operation or set of operations that are performed on Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Services” shall mean any Services provided by the service provider that are educational related.
“Usage Data” shall mean the data collected automatically and generated when the User(s) are using the Website infrastructure (for example, the duration of a visit, website usage, and the number of users).
“User”, “you”, and “your” shall mean any individual or legal entity who is using the Website.
“Website” shall mean this domain, its subdomains, and/or any affiliates, distributors, service providers, or third-party services and/or integrated domains and subdomains, and mobile applications.
While using the Website, you may provide certain personally identifiable information that can be used to contact or identify you. Personal Data that we collect may include, but is not limited to:
Full legal name;
Email;
Contact phone number;
Country of residence;
Mailing address and legal address;
Shipping address; and
Billing address.
Additionally, we may collect and store audio or video recordings of our calls, which may include your voice, name, and any information you choose to share during the conversation.
The Service Provider has the right, at any time, at its sole discretion, to request you to confirm your personal information or any other information related to providing Services.
Usage Data is collected automatically when using and visiting the Website and buying the Services.
Usage Data may include information, type of the Device, your visit pages, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you visit the Website, the Service Provider has the right to collect, process and transfer the following data:
The type of Device that is used to visit the Website.
The type of internet browser that is used to visit the Website.
The time at which you visit the Website.
The frequency with which you visit the Website.
The time spent at each section of the Website.
The Service Provider uses Cookies and similar tracking technologies to track the activity on the Website and store certain information. Tracking technologies are beacons, tags, and scripts to collect and track information and improve and analyse the Website.
The technologies that the Service Provider uses may include (but are not limited):
Cookies or Browser Cookies. A cookie is a small file placed on your Device. You can instruct the browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of the Website.
Flash Cookies. Certain features of the Website may use locally stored objects (or Flash Cookies) to collect and store information about your preferences or activity on the Website. Flash Cookies are not managed by the same browser settings as those for Browser Cookies.
Web Beacons. Certain sections of the Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Service Provider to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.
The Service Provider uses both Session and Persistent Cookies for the purposes set out below:
Type: Session Cookies
Administered by the Service Provider
Purpose: These Cookies are essential for providing you with services available through the Website and enabling you to use some of its features. They help to authenticate users and prevent fraudulent use of your accounts. Without these Cookies, the services that you have asked for cannot be provided, and the Service Provider only uses these Cookies to provide you with those services.
Type: Persistent Cookies
Administered by the Service Provider
Purpose: These Cookies identify if you have accepted the use of cookies on the Website.
Type: Persistent Cookies
Administered by the Service Provider
Purpose: These Cookies allow the Website to remember the choices you make when using the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid having to re-enter preferences every time you use the Website.
Type: Persistent Cookies
Administered by the Service Provider
Purpose: These cookies, including tracking pixels provided by Reddit, Meta (Facebook), and Google, are used to deliver targeted advertising to users based on their browsing history and interactions with the Website. They do not contain personally identifiable information but are used to identify users’ interests and behaviors across websites. The information collected through these pixels may be shared with the respective third-party platforms for ad targeting and performance analysis.
Reddit Pixel: The Reddit Pixel collects data about your interaction with the Website, which may be shared with Reddit to deliver relevant ads on the Reddit platform. For more information, please review Reddit’s Privacy Policy at the following URL: https://www.redditinc.com/policies/privacy-policy.
Meta (Facebook) Pixel: The Meta Pixel (also known as the Facebook Pixel) collects data about your interaction with the Website, which may be shared with Meta to deliver relevant ads on Facebook and Instagram. For more information, please review Meta’s Data Policy at the following URL: https://www.facebook.com/policy.php.
Google Ads: The Website uses Google Analytics and Google Ads to collect and analyze data on user interactions and to deliver targeted advertising. This data is transmitted to and stored by Google. For more information, please review Google’s Privacy Policy at the following URL: https://policies.google.com/privacy?hl=en.
Google Analytics: Personal data and information obtained by way of such cookies concern the use that you make of the Website and will be transmitted from your browser to Google Inc., with registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, and stored on Google’s servers. Google’s norms on privacy, which we kindly invite you to read, are available at the following URL: https://policies.google.com/privacy?hl=en.
The information on personal data concerning Google Analytics services is available at the following URL: https://support.google.com/analytics/topic/2919631?hl=en.
Browsing Data: Computer systems and procedures responsible for the correct functioning of the Website automatically acquire, whilst operating, some Personal Data concerning the User’s browsing history. For instance, within this category, the Service Provider may find:
IP addresses;
Number of accesses to the Website;
Visited pages;
Date and time of access;
Browser type;
Adopted operating system.
Data freely and optionally provided by you via email to one of the email addresses indicated on the Website or in this Policy may be acquired for purposes communicated to you occasionally. Besides email addresses required to answer you, additional Personal Data included within the same communication received by the Service Provider may be processed. Personal Data collected as such will be retained and processed solely to preserve them and send correspondence and for no further purpose.
The Service Provider may use Personal Data for the following purposes:
To provide targeted advertising: The Service Provider uses data collected through tracking pixels from Reddit, Meta, and Google to deliver personalized advertising to users. This data may include your interactions with the Website and is used to tailor ads to your interests on third-party platforms like Reddit, Facebook, Instagram, and Google.
To provide and maintain the Website and the Software, including monitoring the usage of the Website.
For the performance of a contract: the development, compliance, and undertaking of the purchase contract for the products, items, or services you have purchased or any other contract with the Service Provider through the Website.
To record and review calls, for training, quality assurance, service improvement, and record-keeping. These recordings are processed either on the basis of your consent or our legitimate interest in maintaining service quality and accurate records of communications.
To provide you with news, special offers, and general information about services and events that the Service Provider offers, like those you have already used unless you have opted not to receive such information.
To manage your requests: To attend to and manage your requests to the Website.
To sell to third parties: We are able to do so, and you agree that we have the right to sell the data and information to third parties without additional consent from you or your additional consent.
For business transfers: the Service Provider may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution, or another sale or transfer of some or all the Service Provider assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by the Service Provider about the Website and the Software users is among the assets transferred.
For other purposes: the Service Provider may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of the Website’s promotional campaigns, evaluating and improving the Website, products, and Services, marketing, and your experience.
The Service Provider may share your Personal Data in the following situations:
With service providers: the Service Provider has the right to share your Personal Data with service providers to monitor and analyse the use of the Website and to contact you.
For business transfers: the Service Provider may share or transfer your Personal Data in connection with, or during negotiations of, any merger, sale of the Service Provider’s assets, financing, or acquisition of all or a portion of the Service Provider’s business to another owner.
With Affiliates: the Service Provider has the right to share your Personal Data with the Service Provider’s affiliates, in which case the Service Provider will require those affiliates to honour this Privacy Policy. Affiliates include the Service Provider’s related company and any other subsidiaries, joint venture partners or other companies that the Service Provider controls or are under common control with the Service Provider.
With business partners: the Service Provider has the right to share your Personal Data with business partners to offer you certain products, services, or promotions.
With your Consent: the Service Provider has the right to disclose your Personal Data for any other purpose only with your advance consent.
The Service Provider will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.
The Service Provider will retain and use your Personal Data to the extent necessary to comply with the Service Provider’s legal obligations (for example, if we are required to retain your Personal Data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Service Provider will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this Personal Data is used to strengthen the security or improve the Website’s functionality, or when the Service Provider is legally obligated to retain this data for longer periods.
Audio and video recordings of calls are retained only for as long as necessary to fulfil the purposes described in this Policy. These recordings are securely stored and deleted once no longer required for quality assurance, training, or service development purposes.
The Service Provider stores and manages your Personal Data using secure cloud-based tools and infrastructure. This includes:
Google Workspace for communication and document management,
Supabase for secure database storage,
DigitalOcean for backend hosting and infrastructure, and
Otter.ai for call analysis and transcription services.
All third-party processors are bound by contractual obligations to implement appropriate technical and organisational measures to safeguard your data and to use it only as instructed by the Service Provider.
Your information, including Personal Data, is processed by the Service Provider’s operating offices and in any other places where the parties involved in the processing are located. This information may be transferred to — and maintained on — computers outside your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
Your consent to this Privacy Policy, followed by submission of such information, represents your agreement to that transfer.
The Service Provider will take all steps reasonably necessary to ensure that your Personal Data is treated securely and following this Privacy Policy, and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place, including the security of your data and other personal information.
We process your personal data in collaboration with third-party data processors who provide services such as hosting, analytics, bookkeeping, customer support, and communication tools. These data processors act under strict contractual obligations in accordance with our Data Processing Agreement (DPA), ensuring they use your data solely for the purposes we have defined and with appropriate safeguards to protect your privacy.
If the Service Provider is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. The Service Provider will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
Under certain circumstances, the Service Provider may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
The Service Provider may disclose your Personal Data in the good faith belief that such action is necessary to:
Comply with legal obligations.
Protect and defend the rights or property of the Service Provider.
Prevent or investigate possible wrongdoing in connection with the Service Provider.
Protect the personal safety of you, the Website, or the public.
Protect against legal liability.
The Service Provider takes all reasonable steps to protect the information that is received from you from accidental or unlawful destruction, loss, alteration, and unauthorised disclosure or access. We implement appropriate physical, technical, and administrative safeguards to secure your information.
Access to Personal Data, including call recordings, is limited to authorised personnel who require it to perform their roles (e.g., customer support, coaching, or internal review). These recordings may be processed using third-party platforms such as Otter.ai or stored securely within Google Workspace infrastructure.
All third-party providers are selected carefully and are subject to contractual obligations, including strict data security measures and compliance with applicable data protection regulations. Encryption, access controls, and audit trails are used where appropriate to ensure the confidentiality and integrity of your Personal Data.
If you have any questions about the security of your personal information, you can contact us via the email detailed at the bottom of this document.
The Service Provider’s Website may contain links to other websites that we do not operate. You will be directed to that third party’s website if you click on a third-party link. The Service Provider strongly advises you to review every site’s privacy policy.
The Service Provider has no control over and assumes no responsibility for any content of content on third-party sites or services, privacy policies, or practices.
The Service Provider may update the Policy from time to time. The Service Provider is not obliged to notify you and any other third parties of any changes by posting the new Policy on this page.
The Service Provider has the right to update the Policy. The Service Provider will let you and any other third parties know via updating the “**Last Updated**” date at the top of this Policy.
You and any other third parties are advised to review this Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
The legal basis for processing your Personal Data is Art. 6 sec. 1 a) b), f) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals about the processing of personal data and the free movement of such data and repealing Directive 95/46 / MI Laws UE.L.2016.119.1) (GDPR), where the legitimate interest of the Service Provider is related to providing the Software for you.
Personal Data will be processed until an objection to data processing or termination is made, but no longer than 10 (ten) years.
You have the right to access, correct, delete, or restrict your Personal Data or object to the processing, as well as the right to transfer the Personal Data and complain to the supervisory authority.
In the case of obtaining data and processing them based on Art. 6 sec. 1-year a) GDPR - you have the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out based on consent to its withdrawal.
Under the GDPR, the Service Provider is a data controller for the Personal Data collected from all categories of data subjects listed above, with the following exceptions: the Service Provider is a data processor of user logs, administrative user logs, and some account settings information. In addition, the Service Provider is a data processor for any of the information provided by you through the Website that transit. Where the Service Provider is a data processor, the Service Provider processes data on your behalf under your data processing instructions.
If you have an unresolved privacy or data use concern that the Service Provider has not addressed satisfactorily, please contact us via [email protected]
If you have any questions about this Policy, you can contact me by email: [email protected]: