top of page

Privacy Policy

​

​

​

Effective Date: October 21, 2025

 

Sport Smarts Education Ltd ("we", "us", "our", or the "Company") is committed to protecting your privacy and ensuring the security of your personal data. We operate the website www.sportsmartsedu.com (the "Website") and provide online and blended training courses in sports coaching and education. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and relevant international laws, including the EU GDPR where applicable to EU residents. We also adhere to customer protection principles under the Consumer Rights Act 2015 and equivalent international standards.

By using our Website or services, you consent to the practices described herein. If you do not agree, please do not use our services.

 

Who We Are

Sport Smarts Education Ltd is a limited company registered in England and Wales under company number [16362463], with its registered office at [176 Brougham Street, Manchester, M28 0SW United Kingdom]. We are the data controller responsible for your personal data. For queries, contact us at:
Email: sportsmartseducation@hotmail.com

 

What Personal Data We Collect

We collect personal data to provide and improve our educational services. This includes:

 

  • Identity Data: Name, date of birth, gender, and photographs (e.g., for course certification).

  • Contact Data: Email address, postal address, and telephone number.

  • Course and Enrolment Data: Course selections, progress records, assessment results, and qualifications.

  • Technical Data: IP address, browser type, device information, and usage data (e.g., pages visited).

  • Marketing and Communications Data: Preferences for receiving updates and feedback.

  • Special Category Data (processed only where necessary): Health information (e.g., for accessibility accommodations) or details relevant to coaching certifications.

 

We do not collect sensitive data without explicit consent or legal basis. For users under 18, we require parental/guardian consent in line with child protection laws, including the Children's Online Privacy Protection Act (COPPA) for US users under 13.

 

 

 

 

How We Collect Your Data

 

  • Directly from You: Via enrolment forms, course bookings, contact forms, or communications.

  • Automatically: Through cookies, analytics tools, and Website interactions (see Section 9 for cookies).

  • From Third Parties: Payment processors (e.g., Stripe), learning management systems (e.g., Moodle), or partners for verification (e.g., qualification bodies like Sports Coach UK).

 

How We Use Your Personal Data

 

We process your data fairly, lawfully, and transparently. Our legal bases under UK GDPR Article 6 include:

Purpose

Examples of Use

Legal Basis

Service Delivery

Administering enrollments, delivering courses, issuing certificates.

Contract (Art. 6(1)(b))

Communication

Sending course updates, invoices, or support queries.

Contract/Legitimate Interests (Art. 6(1)(b)/(f))

Improvement

Analyzing usage to enhance courses; feedback surveys.

Legitimate Interests (Art. 6(1)(f))

Marketing

Sending newsletters or promotions (opt-out available).

Consent (Art. 6(1)(a))

Compliance

Preventing fraud, meeting regulatory requirements (e.g., CPD logging).

Legal Obligation (Art. 6(1)(c))

Special Category Processing

Accessibility support or health-related accommodations.

Explicit Consent or Substantial Public Interest (Art. 9(2)(a)/(g))

For special category data, we conduct Data Protection Impact Assessments (DPIAs) as required.

 

Sharing Your Personal Data

 

We share data only where necessary and with safeguards:

 

  • Service Providers: Hosting (e.g., AWS UK region), payment gateways (e.g., Stripe, compliant with PCI DSS), and email tools (e.g., Mailchimp, DPA processors).

  • Partners: Accrediting bodies (e.g., for certification) or collaborators for blended courses.

  • Legal/Regulatory: If required by law, courts, or authorities (e.g., ICO audits).

  • Business Transfers: In mergers, with equivalent protections.

 

We do not sell your data. International transfers (e.g., to EU partners) use Standard Contractual Clauses (SCCs) or adequacy decisions, ensuring UK GDPR-equivalent protections.

​

Data Security

 

We implement appropriate technical and organizational measures, including:

 

  • Encryption (e.g., SSL/TLS for transmissions).

  • Access controls, firewalls, and regular audits.

  • Anonymization where possible for analytics.

 

In case of a breach, we notify affected individuals and the ICO within 72 hours, as per UK GDPR Article 33.

 

Data Retention

 

We retain data only as long as necessary:

  • Course records: 6 years post-completion (for audits/tax).

  • Marketing data: Until opt-out or 2 years inactivity.

  • Technical data: 26 months for analytics.

Afterwards, data is securely deleted or anonymized. See our full retention policy upon request.

 

Your Rights

 

Under UK GDPR Chapter III, you have rights regarding your data. Contact our DPO to exercise them (free of charge, subject to limits):

  • Access: Request a copy.

  • Rectification: Correct inaccuracies.

  • Erasure: Delete data (subject to legal holds).

  • Restriction: Limit processing during disputes.

  • Portability: Receive data in structured format.

  • Object: To marketing or legitimate interests processing.

  • Withdraw Consent: At any time (without affecting prior processing).

We respond within one month. For complaints, contact the ICO at www.ico.org.uk or 0303 123 1113.

 

Cookies and Tracking

 

Our website uses cookies for functionality, analytics (e.g., Google Analytics, anonymised), and preferences. You can manage via browser settings or our cookie banner. Essential cookies cannot be rejected. See our Cookie Policy for details.

               International Considerations For international users:

  • EU/EEA: Full GDPR equivalence applies.

  • US: Compliance with state laws (e.g., CCPA/CPRA for California residents: rights to know, delete, opt-out of sales; no sales occur).

  • Other Jurisdictions: We align with local laws (e.g., PIPL for China) via adequacy or clauses.

We monitor global laws like Brazil's LGPD.

            

Children's Privacy

 

Our services may involve users aged 14+ (per course requirements). For under-18s, we obtain verifiable parental consent. We do not knowingly collect data from children under 13 without consent.

 

Changes to This Policy

 

We may update this policy to reflect legal changes or operations. Significant updates will be notified via email or Website notice. Continued use constitutes acceptance.

 

Contact Us

 

For questions: sportsmartseducation@hotmail.com. This policy complies with ICO guidance on transparency and best practices

​

​

bottom of page