Privacy Policy
Last updated: 1 July 2025. This Privacy Policy explains how Golden Ridge Drawing Courses collects, uses, and protects your personal data in accordance with UK GDPR and the Data Protection Act 2018.
Who we are
Golden Ridge Drawing Courses, UK. Contact: [email protected], +44 20 4525 6789.
Scope of this policy
This policy applies to visitors of our website, enrolled learners, and prospective students who interact with our services online. It covers data collected via our site, emails, and course enrolment workflows.
Data Controller
Golden Ridge Drawing Courses is the data controller responsible for your information. For EU residents, we apply UK GDPR-equivalent protections and standard contractual clauses where required.
Data we collect
Account and contact details, course selections, payment intent metadata (no card details stored), and usage analytics.
Categories of data
- Identity and contact: name, email, phone, billing country.
- Educational: course selections, progress preferences.
- Transaction metadata: payment intent ID, status, timestamps (no full card numbers or CVV stored).
- Technical: IP address, device and browser, pages viewed, referrer, and approximate location derived from IP.
- Cookies and similar: session identifiers, theme preference, consent choices.
Sources
Directly from you during registration or contact. Automatically through your device when using our site. Limited information from payment processors strictly for fraud prevention and reconciliation.
Legal bases
- Contract performance for enrolment.
- Legitimate interests for improvements.
- Consent for newsletters.
More on legitimate interests
We aggregate site usage to understand what content helps learners, prevent abuse, and secure our services. We balance these interests against your rights and implement safeguards such as IP truncation and retention limits.
Cookies
We use essential cookies for session and preferences. Analytics cookies are optional.
Types of cookies
- Essential: security, load balancing, authentication, consent status.
- Preferences: theme, dismissed alerts.
- Analytics (optional): page performance and engagement metrics.
You can manage your choices at any time via the “Cookie settings” control on this page.
Data sharing
We do not sell personal data. Limited processors under UK/EU standard clauses.
Processors
- Cloud hosting and storage vendors for secure infrastructure.
- Email delivery providers for transactional notices.
- Payment processors for secure checkout and fraud prevention.
International transfers
Where data is transferred outside the UK/EEA, we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures.
Your rights
- Access, rectification, deletion.
- Restriction and portability.
- Withdraw consent at any time.
Exercising your rights
To exercise any right, please email [email protected] or use the request form below. We may need to verify your identity before we act.
Retention
We retain account data for as long as necessary to provide services and meet legal obligations.
Typical retention periods
- Account records: for the life of the account and 6 years after closure (legal/accounting).
- Transactional metadata: up to 6 years (tax and fraud prevention).
- Analytics: 14 months or less, stored in aggregate form where possible.
Next policy review in: —
Contact
For privacy requests email [email protected].
Complaints
You have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). We encourage you to contact us first so we can address your concerns quickly.