Privacy Policy

1. Introduction

Recolearn Limited ("Recolearn", "we", "us", or "our"), a company registered in England and Wales, is dedicated to safeguarding and upholding your privacy. We operate the website recolearn.com and the Recolearn AI Learning Management System (LMS) platform.

This Privacy Policy outlines how we collect, use, store, and share personal information from visitors, customers, and registered users of our website and services.

By using our platform, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services.

2. Data Controller

The data controller responsible for your personal information is:

Recolearn Limited
The Long Lodge
265-269 Kingston Road
Wimbledon, London
SW19 3NW, United Kingdom
Email: privacy@recolearn.com
Phone: +44 33 3303 4006
Website: www.recolearn.com

3. Information We Collect

When enrolling on or using our platform, we may collect the following categories of personal data:

3.1 User Account Information

Full name
Email address
Password (encrypted and stored securely)

3.2 Profile Information

User preferences and settings
Profile picture
Bio or description

3.3 Contact Information

Postal address
Phone number

3.4 Educational & Learning Data

Courses enrolled in and completed
Learning progress and milestones
Grades, assessments, and quiz results
Certificates earned

3.5 Device & Technical Information

IP address
Browser type and version
Operating system
Device identifiers

3.6 Usage & Behavioural Data

Navigation patterns within the platform
Interactions with course content
Session duration and frequency of use

3.7 Payment & Billing Data

Billing name and address
Payment transaction records (processed by Paddle)
Subscription and plan details

Note: We do not store full card details. All payment processing is handled securely by Paddle (paddle.com), our authorised payment processor.

4. Legal Basis for Processing (UK GDPR)

As a UK-registered company, Recolearn Limited processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We rely on the following legal bases:

Contract Performance: Processing necessary to provide our LMS services under our Terms & Conditions.
Legitimate Interests: Processing for business interests such as improving our platform, fraud prevention, and security.
Consent: Where you have explicitly given consent, such as for marketing communications or optional cookies.
Legal Obligation: Where we are required to process data to comply with applicable laws.

5. How We Use Your Information

User Authentication: Secure login and access to the platform.
Personalised Learning: Tailoring course recommendations based on your preferences and activity.
Progress Tracking: Monitoring course completion, assessments, and learning milestones.
Performance Analysis: Analysing usage data to improve the platform experience.
Feedback & Assessment: Providing feedback on quizzes, assignments, and assessments.
Account Administration: Managing enrollments, subscriptions, and administrative tasks.
Customer Support: Addressing your enquiries and support requests.
Platform Improvement: Using aggregated and anonymised data to enhance features.
Billing & Transactions: Processing payments for courses and managing subscriptions.
Legal Compliance: Meeting our obligations under applicable laws.
Marketing Communications: Sending updates or promotional content where you have given consent (you may opt out at any time).

6. Data Retention

Active accounts: Data is retained for the duration of your account.
Deleted accounts: Personal data is deleted or anonymised within 90 days of account deletion.
Financial records: Retained for 7 years in accordance with UK tax and accounting regulations.
Learning records: Course completion records and certificates retained for up to 5 years.

7. Data Security

Encryption: SSL/TLS encryption for all data transmission.
Access Controls: Role-based access restrictions for authorised personnel only.
Firewalls: Network firewalls to monitor and control traffic.
Regular Security Audits: Periodic vulnerability assessments of our systems.
Data Backups: Regular encrypted backups to prevent data loss.
Privacy by Design: Data protection integrated into platform development.
Data Minimisation: We collect only information strictly necessary to provide our services.

In the event of a personal data breach, we will notify the Information Commissioner's Office (ICO) within 72 hours and inform affected users without undue delay, as required under UK GDPR.

8. Cookies

8.1 Types of Cookies We Use

Essential Cookies: Required for the platform to function correctly (session management, authentication). These cannot be disabled.
Analytics Cookies: Used to understand how users interact with our platform, including Google Analytics and Google Tag Manager.
Preference Cookies: Used to remember your settings and preferences for future visits.
Marketing Cookies: Used to track advertising effectiveness and deliver relevant content

8.2 Managing Cookies

You can control and manage cookies through your browser settings. Disabling certain cookies may affect platform functionality. For more information, visit www.allaboutcookies.org.

9. Third-Party Service Providers

Paddle (paddle.com): Payment processing and subscription management.
Google Analytics & Google Tag Manager: Platform usage analytics.
Cloud Hosting Providers: Secure server infrastructure to host our platform and data.
Customer Support Tools: Software used to manage and respond to support tickets.

We do not sell, trade, or otherwise transfer your Personally Identifiable Information to third parties for marketing purposes.

10. International Data Transfers

Recolearn Limited operates primarily from the United Kingdom, with an additional office in India. Your personal data may be transferred to and processed in countries outside the UK or EEA. Where such transfers occur, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the relevant data protection authorities.
Transfers only to countries with an adequate level of data protection as recognised by the UK ICO.

11. Children's Privacy

Recolearn's platform may be used by organisations to deliver courses to learners of all ages, including children. Where courses are made available to users under the age of 13, the organisation (business customer) is responsible for obtaining appropriate parental or guardian consent in compliance with applicable laws including COPPA and UK GDPR. Recolearn Limited acts as a data processor in such cases and processes data only on the instructions of the organisation.Recolearn's platform is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13 without verifiable parental consent.

12. Your Rights Under UK GDPR

Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data ("right to be forgotten").
Right to Restrict Processing: Request that we limit how we use your data.
Right to Data Portability: Request your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at privacy@recolearn.com. We will respond within 30 days.

13. Complaints & Supervisory Authority

If you are not satisfied with how we handle your personal data, you may lodge a complaint with:

Information Commissioner's Office (ICO)
Website: www.ico.org.uk
Helpline: 0303 123 1113
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would appreciate the opportunity to address your concerns first — please contact us at privacy@recolearn.com.

14. Updates to This Privacy Policy

When we make material changes, we will update the "Last Updated" date at the top of this policy and notify registered users via email or a prominent notice on our platform.

Your continued use of our platform after any changes constitutes your acceptance of the updated policy.

15. Contact Us