Privacy Policy
Last updated: 6 July 2026
This Privacy Policy explains how The Expert Academy Limited collects, uses, stores and protects personal information.
The Expert Academy Limited is a UK-based online learning business providing professional, business and workplace skills courses through its own websites, learning platforms, distribution partners and related sales channels.
For the purposes of UK data protection law, including the UK General Data Protection Regulation and the Data Protection Act 2018, The Expert Academy Limited is the controller of the personal information described in this Privacy Policy unless stated otherwise.
1. Who we are
Company name: The Expert Academy Limited
Company number: 11059503
Registered office: 36 Parma Crescent, London, England, SW11 1LT
Nature of business: Other education not elsewhere classified
For privacy enquiries, please contact us at:
Email: [email protected]
Postal address: The Expert Academy Limited, 36 Parma Crescent, London, England, SW11 1LT
If you access our courses through a third-party learning platform, marketplace, employer, training provider or distribution partner, that organisation may also act as a controller of your personal information. You should read their privacy policy to understand how they use your information.
2. Personal information we collect
We may collect and use the following types of personal information:
Information you provide directly
This may include:
- your name
- email address
- phone number, if provided
- billing address
- payment-related information
- account login details
- course enrolment information
- course progress, assessment results and certificate information
- messages, enquiries or support requests you send to us
- marketing preferences
- business contact details if you are a corporate customer, supplier, instructor, affiliate, partner or prospective partner
Information collected automatically
When you visit our website or use our online services, we may collect:
- IP address
- browser type and version
- device information
- operating system
- referral source
- pages viewed
- time spent on pages
- course usage data
- cookie and tracking information
- approximate location derived from technical data
Information from third parties
We may receive personal information from:
- course platforms and learning management systems
- payment processors
- affiliate or referral partners
- employers, training providers or business customers who provide access to our courses
- distribution partners and marketplaces
- analytics, advertising or marketing platforms
- publicly available sources, such as company websites, LinkedIn or Companies House
- business data providers, where permitted by law
3. How we use personal information
We use personal information for the following purposes:
To provide our courses and services
We use personal information to:
- create and manage user accounts
- enrol learners on courses
- provide access to online learning content
- track course progress and completion
- issue certificates or completion records
- provide customer support
- communicate service updates
- process purchases, invoices and refunds
Lawful basis: performance of a contract, legitimate interests and legal obligation where applicable.
To manage payments and financial records
We use personal information to:
- process payments
- manage subscriptions or purchases
- issue invoices and receipts
- prevent fraud
- keep accounting, tax and financial records
Lawful basis: performance of a contract, legal obligation and legitimate interests.
To communicate with customers, learners and partners
We use personal information to:
- respond to enquiries
- provide support
- manage business relationships
- send administrative messages
- manage partnership, licensing, affiliate or distribution discussions
- communicate with suppliers, instructors and commercial contacts
Lawful basis: performance of a contract, legitimate interests and legal obligation where applicable.
To send marketing communications
We may use personal information to send updates about our courses, offers, content, services, events, partnerships or business opportunities.
We will only send marketing communications where we have a lawful basis to do so. This may be consent, soft opt-in consent where permitted, or legitimate interests for relevant business-to-business communications.
You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.
Lawful basis: consent or legitimate interests, depending on the context.
To improve our website, courses and services
We use personal information to:
- understand how people use our website and courses
- improve course content, user experience and technical performance
- monitor engagement and completion rates
- test and improve marketing campaigns
- analyse sales and platform performance
- develop new learning products, bundles or commercial propositions
Lawful basis: legitimate interests.
To manage platform, security and fraud risks
We use personal information to:
- keep our website and systems secure
- detect fraud, misuse or unauthorised access
- monitor technical errors
- enforce our terms and policies
- protect our business, users and partners
Lawful basis: legitimate interests and legal obligation where applicable.
To comply with legal and regulatory obligations
We may use personal information to:
- comply with tax, accounting and company law obligations
- respond to lawful requests from regulators, courts or public authorities
- maintain records required by law
- protect or defend legal rights
Lawful basis: legal obligation and legitimate interests.
4. Our legitimate interests
Where we rely on legitimate interests, those interests may include:
- operating and improving our online learning business
- providing customer service
- managing business, supplier, affiliate and partner relationships
- promoting relevant courses and services
- understanding commercial performance
- protecting our systems and users
- preventing fraud and misuse
- growing and developing our business
- maintaining accurate business records
- enforcing our terms and protecting legal rights
We only rely on legitimate interests where we consider that our interests are not overridden by your rights, freedoms or interests.
5. Cookies and similar technologies
Our website may use cookies, pixels, tags and similar technologies to:
- make the website work properly
- remember user preferences
- understand website usage
- improve performance
- support analytics
- measure marketing effectiveness
- provide relevant advertising or retargeting, where used
Some cookies are essential. Others, such as analytics or advertising cookies, may require your consent.
You can manage cookies through your browser settings and, where available, through our cookie banner or cookie preference tool.
This Privacy Policy should be read alongside our Cookie Policy, where applicable.
6. Who we share personal information with
We may share personal information with the following categories of recipient:
- website hosting providers
- learning management systems and course platforms
- payment processors
- email, CRM and marketing platforms
- analytics and advertising platforms
- customer support tools
- cloud storage and IT service providers
- accountants, lawyers, insurers and professional advisers
- instructors, course contributors or certificate providers where necessary
- affiliates, resellers, marketplaces and distribution partners where necessary to provide or manage access to courses
- employers, training providers or corporate customers where they have arranged or paid for learner access
- regulators, courts, law enforcement or public authorities where required by law
- potential buyers, investors or advisers in connection with a business sale, merger, investment or restructuring
We do not sell personal information in the ordinary sense of the word. If we share information with partners or platforms, we do so for the purposes described in this Privacy Policy.
7. International transfers
Some of our service providers, platforms or partners may process personal information outside the UK.
Where personal information is transferred outside the UK, we will take appropriate steps to protect it in line with UK data protection law. This may include using UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses or other approved safeguards.
8. How long we keep personal information
We keep personal information only for as long as necessary for the purposes described in this Privacy Policy.
Typical retention periods include:
- account and course records: for as long as your account is active and for a reasonable period afterwards
- payment, invoice and accounting records: normally up to 6 years, or longer if required by law
- customer support records: normally up to 3 years after the matter is resolved
- marketing records: until you unsubscribe, object or your details are no longer reasonably required
- business contact and partner records: for as long as there is an active relationship or reasonable commercial purpose
- legal and compliance records: for as long as necessary to comply with legal obligations or protect legal rights
- website analytics data: for a limited period depending on the analytics tools used
We may retain anonymised or aggregated information for longer, provided it no longer identifies you.
9. How we protect personal information
We use appropriate technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration or disclosure.
These measures may include:
- access controls
- password protection
- secure cloud services
- encryption where appropriate
- staff and contractor access restrictions
- secure payment processing through third-party providers
- supplier due diligence
- regular review of systems and processes
No website, platform or online service can be guaranteed to be completely secure. You are responsible for keeping your login details confidential.
10. Your rights
Under UK data protection law, you may have the following rights:
- the right to be informed about how your personal information is used
- the right of access to your personal information
- the right to have inaccurate personal information corrected
- the right to have personal information erased in certain circumstances
- the right to restrict processing in certain circumstances
- the right to object to processing in certain circumstances
- the right to data portability in certain circumstances
- the right to withdraw consent where we rely on consent
- the right to object to direct marketing at any time
- rights relating to automated decision-making and profiling, where applicable
These rights are not absolute and may depend on the lawful basis for processing and the circumstances of the request.
To exercise your rights, please contact us using the details in section 1.
We may need to verify your identity before responding to a request.
11. Marketing preferences
You can opt out of marketing communications at any time by:
- clicking the unsubscribe link in our marketing emails
- adjusting your account or communication preferences, where available
- contacting us directly
If you opt out of marketing, we may still send you service-related messages, such as account, payment, course access or legal updates.
12. Automated decision-making
We do not use personal information to make decisions that have a legal or similarly significant effect on individuals based solely on automated processing.
We may use limited profiling or segmentation to understand customer interests, improve our services and make marketing more relevant.
13. Children’s privacy
Our services are intended for professional, business and adult learning audiences. They are not directed at children.
We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can review and delete it where appropriate.
14. Links to other websites and platforms
Our website and courses may contain links to third-party websites, platforms or services.
We are not responsible for the privacy practices of those third parties. You should read their privacy policies before providing them with personal information.
15. Complaints
If you have concerns about how we use your personal information, please contact us first so we can try to resolve the issue.
You also have the right to complain to the Information Commissioner’s Office, the UK supervisory authority for data protection.
Website: https://ico.org.uk/make-a-complaint/
16. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business, services, legal obligations or data processing practices.
The latest version will be published on our website with the updated date shown at the top.