Contact:+44 7399324221
Home > Privacy Policy

Privacy Policy

Privacy Policy for NIFM Academy
 
1. About us
NIFM Academy ("we", "us" or "our") operates nifmacademy.com as an online academy that helps people develop skills in finance, investments, stock?market analysis, accounting and related subjects. We are based in London, United Kingdom and offer educational courses to help you build your knowledge. We do not provide regulated financial advice – our content is for general information only and does not take your personal circumstances into account (see our Financial Disclaimer below). If you have questions about this policy or wish to exercise your rights, please contact us at info@nifmacademy.com.
 
2. What information we collect
We collect and process the following categories of personal data:
  • Contact information (such as your name, email address, postal address and telephone number) when you register an account, enrol on a course, submit an enquiry or subscribe to updates. This information is provided directly by you.
  • Account and profile data such as usernames, password hashes, course enrolments and progress records.
  • Payment and transaction data if you purchase a course; we use third?party payment processors and do not store full card details.
  • Communications including emails, support tickets, comments and messages that you send us.
  • Technical and usage data (IP address, browser type, device identifiers, pages visited, time spent on pages, clicks, referring pages) collected through cookies and analytics tools. We only place non?essential cookies and analytics trackers with your consent. For further details see Cookies below.
We do not intentionally collect special category data (such as health data or information about race or beliefs), nor do we knowingly collect data from children; the site is designed for adults aged 16 years and over. If we discover that we have inadvertently collected personal data from a child, we will delete it promptly.
 
3. Why we use your data and lawful bases
Under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018, we must have a lawful basis for each purpose of processing. The table below summarises our purposes and the lawful bases we rely upon:
Purpose
Description
Lawful basis
To provide and administer our courses and website
Creating and maintaining your account; delivering course materials; providing access to content and support; notifying you about course progress.
Necessary for the performance of a contract between you and us (our terms of service) or to take steps at your request prior to entering into a contract.
To process payments
Facilitating course purchases via third?party payment processors; issuing invoices and receipts; keeping transaction records.
Necessary for performance of a contract and to comply with legal obligations (e.g., accounting, tax).
To communicate with you
Responding to your enquiries, technical support requests and feedback; sending administrative messages (e.g., password resets, order confirmations).
Our legitimate interests in running our business and providing customer service; contract (for enrolment communications).
Direct marketing (promotional emails)
Sending newsletters, updates or information about new courses, events or offers.
Consent (we will only send marketing emails if you have opted in). You may withdraw your consent at any time by clicking the unsubscribe link or contacting us.
Analytics and site improvement
Analysing usage patterns to improve our courses, website functionality and user experience.
Consent for non?essential analytics cookies; our legitimate interests in understanding how our services are used.
Legal and compliance
Complying with legal obligations, accounting, tax rules or law?enforcement requests; enforcing our terms and protecting our rights.
Legal obligation, legitimate interests or necessary for the establishment, exercise or defence of legal claims.
Where we rely on consent, you have the right to withdraw your consent at any time. Where we rely on legitimate interests, we have undertaken a balancing test to ensure that our interests do not override your fundamental rights and freedoms. We will explain the consequences of not providing your personal data if it is required to form a contract with us or meet statutory obligations.
 
4. How we share your data
We only share personal data when necessary:
  • Service providers – we engage trusted third parties to host our website and learning platform, process payments, provide email services, perform data analytics (e.g., aggregated website usage statistics) and provide customer support. These providers are contractually required to process your data only on our instructions and subject to confidentiality safeguards.
  • Legal requirements – we may disclose your data if required by law, to respond to legal requests, or to protect the rights and safety of our users and the public.
  • Business transfers – if we reorganise or sell our business, your data may be transferred to the acquiring entity, subject to the same protections.
We do not sell or rent your personal data to third parties for their own marketing purposes.
 
5. International transfers
Our service providers may be located outside the United Kingdom. When personal data is transferred outside the UK it becomes a restricted transfer. We will ensure that either the destination country has been deemed adequate by the UK government or appropriate safeguards such as the UK International Data Transfer Agreement or standard contractual clauses are in place. We will only transfer data where there is a lawful basis and we have assessed the level of protection. You may request a copy of the safeguards we rely upon via the contact details above.
 
6. Cookies and similar technologies
We use cookies and similar technologies on our website. Cookies are small text files placed on your device to enable core functionality or to remember your preferences. Essential cookies are required for the website to work (for example, to keep you logged in or maintain your shopping basket) and do not require consent. Non?essential cookies (e.g., analytics and advertising cookies) require your opt?in consent; we do not set them unless you actively agree. Our cookie banner gives you equal options to accept or reject non?essential cookies and explains what each cookie does. You can withdraw consent and change your preferences at any time via our cookie settings link.
 
7. Data retention
We keep personal data only for as long as necessary for the purposes we collected it. The criteria we use to determine retention periods include legal requirements (e.g., keeping transaction records for at least six years for tax compliance), contractual obligations and our legitimate interests. When data is no longer needed, we either delete it or anonymise it so that it can no longer identify you. For example:
  • Account information is retained while your account is active and for up to seven years after closure to deal with queries or disputes.
  • Transaction records are retained for at least six years in line with tax laws.
  • Marketing preferences are kept until you opt out or withdraw consent.
  • Technical logs and analytics data are retained in aggregate form for site optimisation and then deleted or anonymised.
 
8. Security
We take appropriate technical and organisational measures to protect your personal data. These include:
  • encryption of data in transit (HTTPS) and at rest where possible;
  • regular security audits, vulnerability assessments and access controls;
  • limiting access to your data to authorised staff who need it to perform their duties;
  • secure coding practices and regular backup procedures to ensure data integrity and availability.
No system is completely secure, but we continually evaluate and improve our security measures to reduce risk. If we become aware of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the UK Information Commissioner’s Office where required by law.
 
9. Your rights
The UK GDPR provides individuals with several rights regarding their personal data. You can:
1. Right to be informed – You have the right to clear, transparent information about how we use your data. This Privacy Policy forms part of that information.
2. Right of access – You can request a copy of your personal data and other information about how we process it.
3. Right to rectification – You can ask us to correct inaccurate or incomplete personal data.
4. Right to erasure – You can request deletion of your personal data under certain circumstances (for example, when the data is no longer needed or you withdraw consent).
5. Right to restrict processing – You can ask us to suspend processing of your data if you contest its accuracy or object to our use of it.
6. Right to data portability – You can request that we provide your data to you or to another organisation in a structured, commonly used, machine?readable format.
7. Right to object – You can object to processing based on legitimate interests or direct marketing; we must stop unless we have compelling legitimate grounds.
8. Rights related to automated decision?making and profiling – We do not use your data to make solely automated decisions that have legal or similarly significant effects.
You may exercise your rights by contacting us. We may need to verify your identity to protect your data and we will respond within one month as required by law. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are unhappy with how we handle your personal data (see www.ico.org.uk for contact details).
 
10. Direct marketing and preferences
You have an absolute right to object to direct marketing. When you opt in to receive promotional emails, we use your consent to send newsletters and course information. You can withdraw consent and opt out at any time by clicking the “unsubscribe” link in any marketing email or by contacting us. We maintain a suppression list of individuals who have opted out to ensure we do not send unwanted communications.
 
11. Financial Disclaimer
NIFM Academy provides educational content on finance, investments, accounting and related topics. The information we provide is general in nature and for educational purposes only; it is not tailored to your personal circumstances and does not constitute legal, tax or financial advice. We are not authorised or regulated by the Financial Conduct Authority, and we do not offer personal recommendations or portfolio management services. Any examples, analyses or strategies described are for illustration and should not be construed as recommendations. Before making any financial decisions, you should consider seeking independent financial advice. The FCA’s guidance notes that giving factual information about investments without making a personal recommendation does not constitute regulated advice. Conversely, personalised recommendations about specific financial instruments may amount to regulated financial advice; we do not provide such recommendations.
 
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will revise the “last updated” date at the top of the policy and, where appropriate, notify you via email or through a notice on our website. We encourage you to review this policy periodically. If you continue to use our services after we update the policy, you agree to the revised terms.