Privacy Policy | MindVera (LEARNITY GROUP LIMITED)

Privacy Policy

Effective date: 6 October 2025 — last updated: 6 October 2025

Summary: We collect the minimum personal data necessary to deliver digital learning services, process payments via Stripe, secure our platform, and—where you consent—measure analytics and deliver marketing. You control non‑essential cookies and marketing consent, and you can exercise your privacy rights at any time by contacting info@mindvera.net.

1) Who we are (Data Controller)

Controller
LEARNITY GROUP LIMITED (trading as MindVera)
Address
17, Raleigh Street, Plymouth, England, PL1 1ET
Email
Phone

2) What data we collect

  • Account & contact data: name, email, password, phone, country, billing address.
  • Payment data: processed by Stripe. We receive payment confirmation, masked card details (last 4 digits), transaction IDs, and billing metadata. We do not store full card numbers or CVV.
  • Service usage data: login timestamps, IP address, device/browser type, course progress and activity, support interactions.
  • Cookies & identifiers: cookie IDs, analytics IDs, advertising IDs, and similar technologies (see Cookie Policy).
  • Communications: messages you send to us (email or forms), and our responses.

3) Why we use your data (purposes & legal bases)

  • Provide the service (create/manage accounts, deliver content) — Contract.
  • Process payments & prevent fraudContract and Legitimate interests; compliance with legal obligations.
  • Security & service integrity (access controls, logging, abuse prevention) — Legitimate interests.
  • Customer support & communicationsLegitimate interests and Contract.
  • Analytics & improvementsLegitimate interests; where required, Consent via cookie banner.
  • Marketing communications (newsletters, offers) — Consent (you can withdraw any time).
  • Legal compliance (tax, accounting, regulatory requests) — Legal obligation.

4) Who we share data with (processors & recipients)

We share personal data with trusted service providers under data processing agreements:

  • Stripe (payments and fraud prevention).
  • Analytics & ads (e.g., Google Analytics, Meta Pixel) for measurement and advertising, where you consent.
  • Email/CRM (transactional emails, newsletters).
  • Hosting & infrastructure (cloud platforms, security tools).
  • Authorities & advisors where required by law or to establish/exercise legal claims.

We do not sell personal data. For California residents, we do not sell personal information as defined by the CCPA; some advertising or analytics may constitute “sharing” for cross‑context behavioral advertising. You may opt‑out as described below.

5) International transfers

Personal data may be transferred outside the UK/EU (for example, to the United States). Where we do so, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission/UK ICO and additional measures where necessary.

6) Data retention

  • Account and transaction records: retained for tax and accounting compliance, typically 6+ years (or longer where required).
  • Course activity & usage logs: typically up to 24 months, unless required for security or legal reasons.
  • Marketing data: retained until you unsubscribe or withdraw consent.
  • Support communications: typically 24 months after resolution.

7) Your privacy rights

EU/UK (GDPR/UK GDPR): You can request access, rectification, erasure, restriction, portability, and object to processing (including profiling). Where processing is based on consent, you may withdraw consent at any time.

California (CCPA/CPRA): You can request to know, delete, correct, and opt‑out of the sale or sharing of personal information. We do not sell personal information; you may opt‑out of sharing for targeted advertising via the cookie banner or by contacting us.

How to exercise rights: Email info@mindvera.net with the subject “Privacy Request.” We may need to verify your identity. We aim to respond within 30 days (GDPR/UK) or 45 days (CCPA), with possible extensions where permitted.

Complaints: You can contact the UK Information Commissioner’s Office (ICO) at ico.org.uk or your local supervisory authority. We encourage you to contact us first so we can resolve your concern.

8) Cookies & tracking

We use cookies and similar technologies for essential site functionality, analytics, personalization, and advertising. Non‑essential cookies are used only with your consent collected through our cookie banner. You can change your preferences at any time via the banner or browser settings. See our Cookie Policy for details, including categories, purposes, and retention periods.

9) Security

We apply administrative, technical, and physical safeguards to protect personal data (e.g., encryption in transit, access controls, least‑privilege access, audit logging). We use Stripe to process card data and do not store raw card numbers or CVV. No system is completely secure; if we become aware of a breach affecting your data, we will notify you and relevant authorities as required by law.

10) Children

Our services are intended for individuals aged 16 and over. If we learn that we have collected personal data from a child under the applicable minimum age without appropriate consent, we will take steps to delete such information.

11) Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version with a new “last updated” date and, if changes are material, we will provide additional notice.

12) Contact us

Privacy contact
Postal address
LEARNITY GROUP LIMITED, 17, Raleigh Street, Plymouth, England, PL1 1ET
Phone