athlete-business-school-logo

Privacy Notice

Privacy Notice 

Last Reviewed Date: 28th October 2021

Introduction ‘Athlete Business School Ltd’; ‘we’; ‘our’; ‘us’; and ‘the company’ means Athlete Business School Ltd, a company registered in England and Wales, with a registered address of Piccadilly Business Centre, Aldow Enterprise Park, Manchester, England, M12 6AE (Company number: 12854287).

Athlete Business School specialises in the publication of books and educational content online. The safety and security of your personal data is our paramount consideration. All parties who utilise Athlete Business School products and services with the confidence that your data is safe in our hands. 

In order to provide our services to you, we must process Personal Data about you, or Personally Identifiable Information (PII). We are committed to maintaining the highest standards of compliance with regulatory environments.

This Privacy Policy aims to explain to our service users how we process personal data, so that you can make well-informed decisions regarding your legal rights. The policy also aims to outlay our duties and responsibilities in processing data about our clients and coaches. 

When does this Privacy Policy apply? This policy applies to the personal information that we collect, use or ask you to provide to us to facilitate your use of our services and products within the Athlete Business School. We are the Data Controller of the data we processed and may instruct Data Processors on how to process your data on our behalf, only if they help us provide the products to you. This Privacy Policy applies as soon as you access our Services, visit our website, contact or engage with us.

We may update this Privacy Policy from time to time to keep up with legislative or regulatory changes, and to ensure that it remains in-line with our business needs and obligations. Any update or modification of the current version of this Policy will be considered applicable from the time of its publication. If we make material changes, such as how we may use your personal information, we will notify you prior to the change becoming effective.  Our notification will be via email, a notice to our home page and by email to you, in order to obtain your consent for new uses to your personal information, if required.  We strongly suggest that you read our Terms and Conditions and Terms of Use so you may understand the terms that may apply to the use of our Website and Products.  Should you have any questions, comments or suggestions with regard to our privacy policy, we ask that you contact us at info@athletebs.com. 

By using our website or products, you are presumed to have read and understood this Privacy Statement. 

Types of data that we collect We always strive to be totally transparent

about our practices concerning the collection and use of personal data. When you access or use our services, we collected the following: 

Contact Data: full name, email address, home/billing address (including country and postal/zip code)

Cookie Data – Session cookies for account login authentication purposes;

Marketing Data – email address, marketing preference (opt in/opt out), records of consent (opt in), list of unsubscribed clients and marketing leads;

Transaction Data – payments for bookings within the Services and past transaction history (no payment card information is shared with the company as is processed by Stripe (Stripe Payment Services UK), who are PCI DSS v3.2, SAQ A complaint;

System Data - your devices’ Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Information you provide to us during customer service interactions and to receive assistance from us;

Account data – Athlete Business School username and password (login credentials)

Aggregated data or other information that does not identify individuals, for example information regarding our website visits, origin URLS, email delivery, test delivery and engagement.

Where you are an affiliate performing marketing for the Company, we will collect:

Full name, email address, home address (including postal/zip code), date of birth, social media profile URLs, payment details for commission due

How we use the data we collect

We may use your different in the following means to deliver our service to you, depending on your relationship with us:-

Where you are a customer:

To provide our products and services to you upon your request;

Create and manage your Athlete Business School account for purchases;

Process your payment transactions

Provide you with technical and customer support

Provide you with service messages about our products and services, including website developments

We may use session cookies to authenticate your account. For more information on the use of Cookies, please see our Cookie Policy.

Where you are an Affiliate:

Establish a relationship with you for the purposes of affiliate marketing;

Review your suitability as an affiliate marketer, including social media following;

Generate a ‘sales lead’ figure based on sales generated by you;

To facilitate commission payments to be paid to you for successful, completed lessons

What grounds do we process your data under?

Both the UK and the EU General Data Protection Regulations (UK/EU GDPR) forbids the processing of personal data unless we are collecting and using your in line with one of 6 lawful bases. The lawful bases we rely on are: 

Consent: when an individual has given clear consent for their personal data to be processed for a specific purpose. This consent must be well-informed, freely given and can be withdrawn by you at any time by contacting info@athletebs.com or by clicking ‘unsubscribe’ at the footer of any email correspondence you receive from us. 

Performance of a Contract: the processing is necessary for a performance of a contract, or because they have been asked to take specific steps before entering into a contract.

Legal Obligation: the processing is necessary for us to comply with the law (not including contractual obligations)

Vital Interests: the processing is necessary to protect someone’s life. 

Public Task: the processing is necessary to perform a task in the public interest or your official functions, and the task or function has a clear basis in law.

Legitimate Interests: the processing is necessary for legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests 

Age Restrictions

We are committed to ensuring that no data is processed about any living individual under the age of 18 during their use of our website and our products.

Should we later discover that data relating to a child under 18 has been processed by us without our knowledge, we will securely destroy it immediately upon discovery. 

How long do we keep your personal data?

We process your personal data only for as long as necessary to achieve the purposes for which it was originally collected. Once you purchase one of our course products, we create an account for you so you may review your past purchases and access your courses at your convenience. If you instruct us to, we will delete your Athlete Business School account and all of your personal data involved.

Please note that on some occasions, we may retain elements of your personal information after our relationship has ended, where we are required to keep this data for as long as necessary to comply with our legal and regulatory obligations.

Who do we share your data with? We may share your data with third parties for the purposes of fulfilling our commitment to you. The data that we collect and receive from a customer is solely processed for the purposes of product provision, within the scope of this policy. Please note that we will never share or sell your data to a third party for commercial gain. We share data with third parties only when they provide part of the service to us:

Athlete Business School platform providers (“developers”) for the purposes of managing your account preferences beyond personal configuration

Payment Service Providers who assist us in processing your payment card details and transactions on our behalf, such as Stripe (PCI-DSS Compliant). Please note that payment details are processed directly on Stripe’s payment gateway and are not visible to Athlete Business School. 

Technology service providers who host our information systems, backup servers or that offer us technological support, including Converdy.com, Google, Krystal.co.uk, FreshLMS.com and Wordpress. These third parties will be subject to the terms of this Privacy Policy, our terms of Use and their own security and privacy obligations. 

Administrative, judicial and/or legal authorities in response to requirements, as long as they are required in accordance with the applicable law and regulations;

Our legal advisors in the event a claim is presented in relation to our services and products. 

In the event that we sell or buy any business or assets, in which case we may need to disclose your data to the prospective seller, buyer or business partner. 

Where we use a third party or service provider to provide our Service to you, we enter into written agreements with them as sub-processors, including specific data processing terms with the same level of protection as afforded by us. 

As part of our business model, we work with trusted, professional affiliate marketers who promote our products on our behalf. If you purchase one of our products through an affiliate link, the affiliate will receive a commission payment for sharing your details with us as our customer. 

International Transfers of Data

Our data is hosted in the United Kingdom (London) and Amsterdam, Netherlands, both of which are subject to GDPR. For those users who are in a country or region outside of the United Kingdom, please be advised the laws governing your private information may differ significantly from those laws in the United Kingdom that govern the collection and securing of personal information.  

Where we use certain service providers outside the UK/EEA, we may use specific contracts approved by the European Commission which give personal data the same protection as it has in Europe called Standard Contractual Clauses (SCCs).

We ensure that all ex-EEA third party providers and Data Processors that we rely on have embedded Standard Contractual Clauses into their business model before we engage with them. 

Security of your data

Athlete Business School takes their obligation to protect data very seriously. We appreciate the trust you place in us when you engage in our products and we have incorporated technical and organisational security measures to protect that data.   Access to your Athlete Business School account is only available through authentication of one’s username and password, which should remain confidential to you  and never shared with others. If a discover that a password breach has occurred, you should notify Athlete Business School without undue delay by contacting info@athletebs.com

Your information is protected on a server that is behind a firewall; while utilising security software so as to maintain the confidentiality of the personal information we have accumulated.  In the unlikely event of a security breach of a user’s personal information, we shall notify all users whose information may have been compromised to both the data subject, in accordance with all applicable laws and regulations and in our capacity as data controller. All Athlete Business School personnel are bound by a duty of confidentiality within their employment terms and only strictly necessary personnel will have access to personal data. 

Links to other sites

Our website may contain links to other third-party websites and services. This Privacy Policy does not apply to any links provided to you by anyone other than us. Third parties will appoint their own privacy policies and these should be consulted should you have any queries about how they process your data. We have no control over such third party websites and have any responsibility for their actions.

Your Rights

Any personal information you supply will be treated in accordance with applicable data protection laws including the GDPR (UK and EU) and any other applicable or superseding laws. We are committed to delivering the rights that individuals are entitled to and upholding a transparent approach in processing data. These are:

The right to access (data subject access request) You are entitled to request an electronic copy of the personal information we hold about you, stemming from the beginning of our relationship, within 30 days. To do this, please contact us at info@athletebs.com to request a copy including full details of what you require. You may also be required to submit or demonstrate proof of your identity.

The right to object (right to be forgotten) to your personal information being used for certain purposes. Where required, we ensure we will obtain your consent before undertaking marketing or data selling and you will always have the ability to opt out at any time. 

The right to rectification: You may request that we correct any inaccurate and/or complete any incomplete personal information. You may review, update, correct and add or delete your personal information in your account. 

The right to withdraw consent: Where we are processing your personal information on the basis that you have given us your consent to do so, you may withdraw your consent at any time.

The right of erasure: You may request that we erase your personal information and we will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for retaining your personal information, such as a legal requirement to retain transaction data for a period of 6 years or to protect Athlete Business School in any legal disputes.

The right to data portability: Under GDPR, in certain circumstances, you may request that we provide your personal information to you in a structured, commonly used and machine readable format and have it transferred to another provider of the same or similar services to us. Where this right is applicable, we will comply with such transfer as far as it is technically feasible.

Other Rights and Responsibilities

Athlete Business School agree to fulfil their data privacy obligations, including the fulfilment of data subject right requests within the statutory deadline;

In the event that you submit to us a data subject access request, or require copies of your Data held by us, we will provide you with copies of requested data within a thirty (30) day period, starting on date of receipt;

We commit to ensuring that you will be notified in accordance with all applicable laws and regulations if a breach or unauthorised release of personal data occurs. We will notify you by email as permitted by law if it is determined that a data security incident occurred;

Athlete Business School will never require you, to disclose more information than is reasonably necessary to participate in an activity;

Any such newsletter, marketing, or promotional email will only be sent after you confirm your consent to receive communications from us via clicking a confirmation link sent to your email address. (This process is typically referred to as “double opt-in,” and is used for all email marketing activities conducted by Athlete Business School Ltd.)

If you have opted in to receive direct marketing from us and you have changed your mind (which you can do at any time), you may unsubscribe by just clicking on the unsubscribe link in the footer of any Athlete Business School email which was sent to you.  Another option is to contact us at info@athletebs.com and make this request.  We will honor your request and respond to you within a reasonable timeframe. 

The right to lodge a complaint with the supervisory authority We suggest that you contact us about any questions or if you have a complaint in relation to how we process your personal information. You can reach us at info@athletebs.com. However, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your Personal Data does not comply with legal requirements. For UK citizens, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you are unsatisfied with our processing of your data (www.ico.org.uk). Athlete Business School’s ICO registration number is ZB205354. 

A list of Data Protection Authorities within the European Union is available here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.