Privacy Policy
Your privacy matters to us. This comprehensive policy explains how monabmalvia collects, uses, and protects your personal information when you use our business finance education platform.
Last Updated: January 15, 2025
Introduction and Scope
monabmalvia operates as an educational platform focused on business finance fundamentals for professionals and entrepreneurs in the United Kingdom. This privacy policy applies to all services provided through monabmalvia.com, including our learning programs, resources, and communication channels.
We are committed to protecting your personal data in accordance with the UK Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). This policy explains your rights and how we fulfil our obligations as a data controller.
By using our services, you acknowledge that you have read and understood this privacy policy. If you do not agree with our practices, please do not use our platform.
Information We Collect
Personal Information You Provide
- Contact details including name, email address, phone number, and postal address
- Professional information such as job title, company name, and industry sector
- Educational background and learning preferences
- Payment information for course enrollments and services
- Communication preferences and marketing consent
Automatically Collected Information
- Device information including IP address, browser type, and operating system
- Usage data such as pages visited, time spent on platform, and interaction patterns
- Technical data including cookies, session tokens, and authentication records
- Performance metrics and error logs for platform improvement
How We Use Your Information
We process your personal data based on legitimate interests, contractual necessity, and your consent where applicable. Our primary purposes include:
| Purpose | Legal Basis | Data Types |
|---|---|---|
| Course delivery and progress tracking | Contractual necessity | Contact details, learning progress |
| Customer support and communication | Legitimate interest | Contact information, inquiry details |
| Platform improvement and analytics | Legitimate interest | Usage data, technical information |
| Marketing communications | Consent | Contact details, preferences |
We do not sell your personal information to third parties. Any data sharing occurs only within the boundaries described in this policy and with appropriate safeguards in place.
Data Sharing and Third Parties
We work with carefully selected third-party service providers to deliver our educational services effectively. These relationships are governed by strict data processing agreements:
Service Categories
- Payment processors for secure transaction handling
- Email service providers for communication and marketing
- Cloud hosting services for platform infrastructure
- Analytics providers for usage insights and improvement
- Customer support platforms for inquiry management
All third-party processors are required to implement appropriate technical and organizational measures to protect your data. We conduct regular assessments of their security practices and data handling procedures.
Your Rights Under UK GDPR
As a data subject, you have comprehensive rights regarding your personal information. We have implemented straightforward procedures to help you exercise these rights:
Right of Access
Request copies of your personal data and information about how we process it
Right to Rectification
Correct inaccurate or incomplete personal information we hold about you
Right to Erasure
Request deletion of your personal data under specific circumstances
Right to Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing based on legitimate interests or for marketing purposes
Right to Restrict
Limit how we process your data while we address your concerns
To exercise any of these rights, contact our Data Protection Officer using the details provided at the end of this policy. We will respond to your request within one month, though complex requests may take up to three months with appropriate notification.
Data Security and Protection
We implement robust security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security framework includes:
- End-to-end encryption for data transmission and storage
- Multi-factor authentication for administrative access
- Regular security audits and vulnerability assessments
- Secure backup procedures with encrypted off-site storage
- Staff training on data protection and security protocols
- Incident response procedures for potential data breaches
While we implement comprehensive security measures, no system can guarantee absolute security. We continuously monitor and update our security practices to address emerging threats and maintain the highest standards of data protection.
Data Retention and Deletion
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy and to comply with legal obligations. Our retention periods vary based on data type and usage:
Retention Periods
- Account information: Retained while account is active plus 3 years after closure
- Course progress and certificates: Retained for 7 years to support continuing education records
- Marketing communications: Retained until consent is withdrawn or 2 years of inactivity
- Payment records: Retained for 6 years to comply with financial regulations
- Technical logs: Retained for 12 months for security and performance analysis
When retention periods expire, we securely delete or anonymize your data using industry-standard procedures. You can request early deletion of your data, subject to any legal obligations that require retention.
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience on our platform, analyze usage patterns, and provide personalized content. Our cookie usage includes:
Essential Cookies
These cookies are necessary for platform functionality, including user authentication, session management, and security features. They cannot be disabled without affecting core site functionality.
Analytics Cookies
We use analytics cookies to understand how users interact with our platform, identify popular content, and improve user experience. These cookies collect anonymized data about page visits and user behavior.
Marketing Cookies
With your consent, we use marketing cookies to deliver relevant content and track the effectiveness of our campaigns. You can manage these preferences through our cookie consent banner.
You can control cookie settings through your browser preferences or our cookie management tool. Disabling certain cookies may affect your experience on our platform.
International Data Transfers
While we primarily process data within the United Kingdom, some of our service providers may process data outside the UK and European Economic Area. When international transfers occur, we ensure adequate protection through:
- Standard Contractual Clauses approved by UK authorities
- Adequacy decisions recognizing equivalent protection levels
- Binding Corporate Rules for multinational service providers
- Additional safeguards and security measures as appropriate
We regularly review international data flows and update our safeguards to ensure continued compliance with UK data protection requirements.
Changes to This Policy
We may update this privacy policy periodically to reflect changes in our practices, legal requirements, or service offerings. When we make significant changes, we will:
- Notify you via email if you have an active account
- Display a prominent notice on our platform
- Update the "Last Updated" date at the top of this policy
- Provide a summary of key changes when appropriate
We encourage you to review this policy regularly to stay informed about how we protect your privacy. Continued use of our services after changes indicates acceptance of the updated policy.