Privacy Policy

Effective date: 01/03/2025
Last updated: 26/09/2025

ELT Specialist (“we”, “our”, “us”) is committed to protecting your privacy and handling your personal data in accordance with the UK GDPR, the Data Protection Act 2018, and other applicable laws. This Privacy Policy explains what data we collect, how we use it, and your rights.

1. Who We Are

We provide consultancy, training, and online courses in English language teaching and education. Our registered base is in the United Kingdom, and we work with clients and learners in the UK, EU, and internationally.

For questions about this Privacy Policy, contact:
Email: beatrice@eltspecialist.com

2. What Data We Collect

We may collect the following types of personal data:

  • Contact information – name, email address (e.g., for enquiries, course enrolments, newsletters, research clients).
  • Payment information – billing details processed securely via Stripe.
  • Learning progress – enrolment records, activity, and completion data when you use our online courses on LearnWorlds.
  • Newsletter data – your email address when you subscribe via Substack.
  • Research-related data – we may hold client contact details and, in some cases, data provided by clients about research participants, but clients remain the primary data controllers. Any participant data we hold will only be stored temporarily while research is conducted.
  • Technical data – IP address, browser type, device information (collected automatically when you use our website or platforms).
  • Website interactions – comments, login details, cookies, and any data submitted when using features of our site (see Section 8).

3. How We Collect Data

  • Directly from you (e.g., when you enrol, subscribe, contact us).
  • Through third-party platforms (LearnWorlds, Stripe, Substack, Zoom, Microsoft Teams) when you use our services.
  • Automatically, through website analytics and cookies (see our [Cookie Policy/section]).

4. Why We Use Your Data

We process your personal data for the following purposes:

  • To provide services, courses, and resources you request.
  • To process payments and issue invoices.
  • To track learning progress and issue certificates.
  • To send newsletters and updates (with your consent).
  • To communicate about research projects and deliver agreed services.
  • To manage website functionality, security, and spam detection.
  • To improve our services, maintain security, and meet legal obligations.

5. Our Legal Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Contract – to provide services or courses you purchase.
  • Consent – when you subscribe to newsletters or agree to cookies.
  • Legal obligation – to meet financial, tax, and regulatory requirements.
  • Legitimate interests – to run and improve our business in ways that do not override your rights.

6. Sharing Your Data

We only share data where necessary to deliver our services:

  • LearnWorlds – course hosting and learner progress tracking.
  • Stripe – payment processing (we do not store your card details).
  • Substack – newsletter management.
  • Zoom/Microsoft Teams – online classes or webinars.
  • Professional service providers – such as accountants or IT support.

We do not sell your data.

If data is transferred outside the UK/EU (e.g., by third-party providers), we ensure appropriate safeguards such as Standard Contractual Clauses.

7. How Long We Keep Data

  • Contact and client data – as long as necessary for our relationship and legal obligations.
  • Payment records – 6 years (for tax purposes).
  • Learning data – until you close your account or request deletion.
  • Newsletter subscriptions – until you unsubscribe.
  • Research participant data (if held) – only for the short period required to complete the project, after which it is securely deleted.
  • Website comments/accounts – retained as long as necessary (see Section 8).

8. Website Interactions

Comments

When visitors leave comments, we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help detect spam. An anonymised string created from your email address (hash) may be provided to the Gravatar service. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture may be visible to the public in the context of your comment.

Media

If you upload images, you should avoid uploading images with embedded location data (EXIF GPS). Visitors to the website can download and extract location data from images.

Cookies

If you leave a comment, you may opt-in to saving your name, email address and website in cookies (for convenience). These cookies last for one year.

  • Temporary cookies may be set when you log in to determine if your browser accepts cookies.
  • Login cookies last two days; display option cookies last one year.
  • If “Remember Me” is selected, login persists for two weeks.
  • Editing or publishing an article will save a cookie in your browser (no personal data included).

For further details on cookies, see our Cookie Policy.

Embedded Content from Other Websites

Articles may include embedded content (e.g., videos, images, articles). Embedded content from other websites behaves as if you visited that website directly and may collect data, use cookies, and track your interaction.

Website Accounts

If you register for an account, we store the personal information provided in your profile. You can view, edit, or delete your personal information at any time (except usernames). Website administrators can also access and edit this information.

Data Retention (Website)

  • Comments and their metadata are retained indefinitely (to recognise and approve follow-ups automatically).
  • Account data is retained until the account is deleted.
  • Password reset requests include the IP address.
  • Visitor comments may be checked via an automated spam detection service.

9. Your Rights

You have the following rights under UK GDPR:

  • To access, correct, or update your data.
  • To request deletion (“right to be forgotten”).
  • To restrict or object to processing.
  • To withdraw consent (e.g., unsubscribe from newsletters).
  • To request data portability.

To exercise these rights, contact us at beatrice@eltspecialist.com. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK.

10. How We Protect Your Data

We use technical and organisational measures including:

  • Secure servers and password protection.
  • Encrypted connections (SSL/HTTPS).
  • Restricted access to personal data.
  • Contracts with third-party providers requiring data protection compliance.

11. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or our practices. Updates will be published on our website, with the effective date shown at the top.