Privacy Policy

How we collect, use, and protect your personal information when you engage with Uexton's seasonal cooking education platform

Introduction and Controller Information

Uexton operates as a creativity-focused educational platform specialising in seasonal cooking instruction. We're committed to protecting your personal data in accordance with UK data protection legislation, including the Data Protection Act 2018 and UK General Data Protection Regulation (UK GDPR).

Data Controller Details

Company: Uexton
Address: 145, 147 East St, Bedminster, Bristol BS3 4EJ, United Kingdom
Contact: +447397521717
Email: [email protected]

This privacy policy explains our data handling practices when you visit our website, enrol in our programmes, or communicate with our team. We believe transparency about data processing helps build the trust essential for effective learning partnerships.

Information We Collect

We collect various types of personal data depending on how you interact with our services. Understanding what information we gather helps you make informed decisions about sharing your details with us.

Information You Provide Directly

  • Contact Information: Name, email address, phone number, postal address when you enquire about programmes or create an account
  • Educational Background: Previous cooking experience, dietary requirements, learning goals shared during enrolment
  • Payment Information: Billing details processed through secure payment providers (we don't store complete payment card details)
  • Communication Records: Messages, feedback, and correspondence exchanged with our team
  • Programme Participation: Assignment submissions, progress tracking, attendance records, and assessment results

Information Collected Automatically

  • Website Usage Data: Pages visited, time spent on site, browser type, device information, and IP address
  • Learning Platform Analytics: Course completion rates, time spent on materials, and engagement patterns
  • Technical Information: Operating system, screen resolution, and referring website details

Legal Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. Different activities rely on different legal grounds:

Processing Activity Legal Basis Purpose
Programme delivery and administration Contract performance Fulfilling our educational services agreement
Marketing communications Legitimate interest / Consent Keeping you informed about relevant programmes
Website functionality and security Legitimate interest Ensuring proper site operation and user safety
Legal compliance and record keeping Legal obligation Meeting regulatory and tax requirements

How We Use Your Information

Your personal data supports various aspects of our educational services. We're thoughtful about how we use this information to enhance your learning experience while respecting your privacy.

  • Programme Administration: Managing enrolments, scheduling sessions, tracking progress, and providing personalised feedback on your seasonal cooking journey
  • Communication: Sending programme updates, responding to enquiries, sharing relevant seasonal cooking tips, and notifying you about schedule changes
  • Service Improvement: Analysing learning patterns to enhance our curriculum, identifying popular seasonal themes, and developing new content areas
  • Administrative Purposes: Processing payments, maintaining accurate records, and fulfilling legal obligations regarding educational provision
  • Safety and Security: Protecting against fraudulent activities, ensuring website security, and maintaining a safe learning environment

We never sell your personal data to third parties or use it for purposes unrelated to our educational mission.

Data Sharing and Third Parties

We work with carefully selected partners to deliver our services effectively. Any data sharing arrangements include strict contractual protections for your personal information.

Service Providers We Work With

  • Payment Processors: Secure handling of financial transactions (they process payment data under their own privacy policies)
  • Email Services: Delivery of programme communications and updates using reputable email platforms
  • Learning Management Systems: Hosting course materials and tracking progress through established educational technology providers
  • Analytics Providers: Understanding website usage patterns to improve user experience (using anonymised data where possible)
  • IT Support Services: Maintaining our technical infrastructure and ensuring data security

When We Might Share Information

Beyond our service providers, we only share personal data in specific circumstances:

  • When legally required by UK authorities or courts
  • To protect our legitimate business interests or prevent illegal activities
  • With your explicit consent for specific purposes
  • In connection with business transfers (with appropriate safeguards)

Your Privacy Rights

UK data protection law provides you with several important rights regarding your personal information. We're committed to helping you exercise these rights promptly and effectively.

Rights Available to You

  • Right of Access: Request copies of your personal data and information about how we process it
  • Right to Rectification: Ask us to correct inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Limit how we use your data while disputes are resolved
  • Right to Data Portability: Receive your data in a portable format for transfer elsewhere
  • Right to Object: Stop processing based on legitimate interests or for direct marketing
  • Rights Related to Automated Decision-Making: Challenge decisions made without human involvement

To exercise any of these rights, contact us at [email protected] or call +447397521717. We'll respond within one month, though complex requests might take slightly longer. We may need to verify your identity before fulfilling certain requests.

Data Security and Protection

Protecting your personal information is fundamental to our operations. We implement multiple layers of security to safeguard data throughout its lifecycle with us.

Technical Security Measures

  • Encryption: All data transmissions use SSL/TLS encryption, and sensitive stored data is encrypted at rest
  • Access Controls: Staff access is limited to necessary data only, with regular access reviews and strong authentication requirements
  • System Monitoring: Continuous monitoring for unusual activity and regular security assessments
  • Backup and Recovery: Secure data backups with tested recovery procedures
  • Software Updates: Regular security patches and system updates to address vulnerabilities

Organisational Security Measures

  • Regular staff training on data protection responsibilities and best practices
  • Clear data handling procedures and incident response protocols
  • Background checks for personnel with access to sensitive information
  • Regular review and testing of security measures effectiveness

Despite our robust security measures, no system is completely immune to risks. We continually evaluate and enhance our security practices to stay ahead of evolving threats.

Data Retention and Deletion

We retain personal data only as long as necessary for the purposes it was collected or as required by law. Different types of information have different retention periods based on their purpose and legal requirements.

Data Type Retention Period Reason
Student records and assessments 7 years after programme completion Educational certification requirements
Financial and payment records 6 years from end of tax year UK tax and accounting obligations
Marketing communications data 3 years from last engagement Maintaining relevant communications
Website analytics and usage data 2 years from collection Service improvement and security
General correspondence 3 years from last contact Customer service and relationship management

When retention periods expire, we securely delete or anonymise personal data. In some cases, we may retain anonymised information for statistical purposes, ensuring no individual identification is possible.

International Data Transfers

While we primarily process data within the UK, some of our service providers may transfer data internationally. When this occurs, we ensure appropriate safeguards protect your information.

  • Adequacy Decisions: Transfers to countries recognised by the UK as providing adequate data protection
  • Standard Contractual Clauses: Using UK-approved contractual terms that require recipients to protect your data
  • Additional Safeguards: Extra security measures when transferring to countries without adequate protection
  • Regular Reviews: Ongoing assessment of international transfer arrangements to ensure continued protection

You can request specific information about international transfers affecting your data by contacting our privacy team.

Cookies and Website Technologies

Our website uses cookies and similar technologies to enhance functionality and understand usage patterns. We're transparent about what technologies we use and give you control over non-essential cookies.

Types of Cookies We Use

  • Essential Cookies: Required for basic website functionality, security, and user authentication
  • Analytics Cookies: Help us understand how visitors use our website to improve user experience
  • Preference Cookies: Remember your settings and customisation choices
  • Marketing Cookies: Track effectiveness of our communications and display relevant content (with your consent)

You can manage cookie preferences through your browser settings or our cookie management tool. Disabling certain cookies may affect website functionality but won't prevent you from accessing essential information about our programmes.

Children's Privacy

Our programmes are designed for adults aged 18 and over. We don't knowingly collect personal information from children under 16 without appropriate parental consent. If we discover we've collected such information, we'll delete it promptly.

For participants aged 16-18, we may require additional consent from parents or guardians and implement extra safeguards appropriate for younger learners in our programmes.

Changes to This Privacy Policy

We review and update this privacy policy regularly to reflect changes in our practices, legal requirements, or service offerings. Significant changes will be communicated directly to active students and posted prominently on our website.

This privacy policy was last updated in January 2025. Previous versions are available upon request.

Complaints and Regulatory Contact

If you're not satisfied with how we handle your privacy concerns, you have the right to complain to the UK's data protection regulator:

Information Commissioner's Office (ICO)

Website: ico.org.uk
Phone: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

However, we'd appreciate the opportunity to address your concerns directly before you contact the ICO. Many privacy questions can be resolved quickly through direct communication with our team.

Privacy Questions and Contact

For any questions about this privacy policy or how we handle your personal data, please contact us:

Email: [email protected]
Phone: +447397521717
Address: 145, 147 East St, Bedminster, Bristol BS3 4EJ, United Kingdom

We aim to respond to privacy enquiries within 48 hours during business days.