Privacy Policy
Effective Date: January 2021
Last Updated: 25 September 2025
Who we are
This Privacy Policy explains how Peter Paul Parker, trading as Bright Beings Academy (“we”, “us”) collects and uses your information when you use our websites:
https://brightbeingsacademy.com
(including any subdomains, together the “Sites”).
We are the data controller for personal data processed through the Sites. Contact: [email protected].
This Policy does not cover information we collect offline (e.g., at live events, by phone or post).
Changes to this Policy
We may update this Policy occasionally. We’ll post changes on this page and adjust the “Last Updated” date. Continued use of the Sites means you accept the updated Policy.
What we collect
We may collect:
Identity & Contact Data: name, email, phone, postal address.
Account Data: login details, preferences, support queries.
Transaction Data: purchases, subscriptions, order history (payment details are handled by our payment processors; we don’t store full card numbers).
Marketing & Communications Data: your preferences for receiving updates.
Technical & Usage Data: IP address, device identifiers, browser type, time zone, page views, referral URLs, and interactions with our content (collected via cookies, pixels and similar tech).
User-Generated Content: comments, messages, uploads you provide via forums, forms or social platforms.
How we collect it
Directly from you: forms, account sign-ups, purchases, emails, event registrations.
Automatically: cookies, pixels, beacons and similar technologies.
From third parties: analytics providers (e.g., Google), ad platforms (e.g., Facebook), payment processors, email service providers, webinar/learning platforms.
Cookies & similar technologies
We use cookies and similar tools to operate the Sites, remember preferences, analyse traffic, and personalise content/ads. You can control cookies in your browser settings. Blocking some cookies may impact site functionality.
Google’s partner policy: https://policies.google.com/technologies/partner-sites
Manage Google Ads settings: https://adssettings.google.com
Network Advertising Initiative opt-out: https://optout.networkadvertising.org
Lawful bases (UK GDPR)
We process personal data on the following bases:
Contract: to provide products/services you request.
Consent: e.g., email marketing, certain cookies/advertising.
Legitimate Interests: running our Sites, preventing fraud, improving content, relevant marketing to our audience.
Legal Obligation: tax, accounting and compliance requirements.
How we use your information
Provide and manage your access to programmes, events, courses and resources.
Process orders, payments, and customer service.
Send service messages (e.g., receipts, access links, policy updates).
Send marketing you’ve opted into (you can unsubscribe anytime).
Personalise content and measure effectiveness of our Sites and campaigns.
Run analytics, diagnostics, testing and security.
Comply with laws and enforce our terms.
Google Analytics (Advertiser Features)
We may enable features including Remarketing, Display Network Impression Reporting, DoubleClick integrations, and Demographics & Interests. First-party identifiers (e.g., the Google Analytics cookie) and third-party identifiers (e.g., DoubleClick) may be used together to understand site usage and improve ads (e.g., showing relevant ads to past visitors, or reminding you if you abandoned checkout).
You can opt out via Google Ads settings and/or the NAI link above.
As advertisers on Facebook, we may collect content or information from Facebook users consistent with this Policy and Facebook’s terms. We abide by Facebook’s Data Use Restrictions. Any Facebook advertising data is only shared with service providers acting on our behalf, and we require them to keep it secure and confidential. We do not use Facebook advertising data to build or append profiles beyond permitted purposes, and we do not transfer such data to ad networks or data brokers.
Sharing your information
We may share personal data with:
Service providers/Processors: payment processors, email/SMS platforms, CRM, analytics, hosting, webinar/LMS and customer support tools (only what’s necessary to perform their services).
Professional advisers: legal, accounting, compliance.
Authorities: where required by law or to protect rights, property or safety.
Business transfers: if we reorganise, merge or sell assets, data may transfer under equivalent safeguards.
We do not sell your personal data.
International transfers
Some providers may be outside the UK/EEA. Where this occurs, we rely on appropriate safeguards (e.g., UK Addendum to the EU SCCs or other lawful transfer mechanisms).
Retention
We keep personal data only as long as necessary for the purposes set out in this Policy, including satisfying legal, accounting or reporting requirements. We apply clear retention criteria (e.g., purchase records retained for statutory periods; marketing data retained until you unsubscribe or your consent is withdrawn).
Your rights (UK GDPR)
You may have the right to:
Access your personal data.
Rectify inaccurate or incomplete data.
Erase your data (“right to be forgotten”).
Restrict or object to processing.
Portability of certain data.
Withdraw consent where processing is based on consent (this won’t affect prior lawful processing).
To exercise rights, email [email protected]. You can also complain to the ICO (Information Commissioner’s Office) at https://ico.org.uk if you’re unhappy with our response.
Children’s privacy
Our Sites are not directed to children under 13, and we do not knowingly collect personal data from children under 13. If we learn we’ve collected such data, we’ll delete it. We do not knowingly allow children under 13 to post personal information publicly on the Sites.
Community areas & social media
Information you make public (e.g., comments, forums, social posts) can be seen and used by others. Please take care before sharing personal data in public areas; we’re not responsible for how third parties use information you make public.
Email marketing & unsubscribing
Our emails include an unsubscribe link. You can remove yourself from our mailing list at any time by clicking that link or contacting [email protected].
Security
We use appropriate technical and organisational measures to protect personal data. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
Third-party links & partners
Our Sites may link to third-party websites, apps or services. Their privacy practices are governed by their own policies. When you visit or purchase from a third party, your data is handled by them, not us.
Business changes
If our business is restructured or assets are transferred, customer information may be included in the transfer, subject to applicable law.
Contact
Questions, requests, or complaints about this Policy:
Email: [email protected]