TeacherMatic Privacy Notice
1. Who are we, and what is this about?
We are Innovative Learning Technology Ltd., 16 Great Queen Street, Covent Garden, London, WC2B 5AH28 City Road, London, EC1V 2NX, UK, and the controller of this website. This is our privacy notice (“PN”), in which we provide you, as the data subject, with the information required to enable you to exercise your rights and to ensure transparent data processing.
As a UK company, we primarily adhere to the Data Protection Act 2018. Where required, we comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation.
This PN forms the basis on which we process any personal data we receive in connection with your use of and interaction with this website or any other online presence managed by us, including our social media presences and applications (“Apps”) (collectively referred to as the “Website”).
We are part of a group of companies (see
avallain.com) that has centralised certain processing operations (e.g., hosting, IT security, communication tools) to increase efficiency, security, and optimise costs. As a result, the data collected on the website is shared within the group of companies so that the group’s internal service providers can fulfil their designated tasks. The data protection requirements have been complied with, and we remain your contact person.
This website may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that they have their own PN, and we cannot be held liable or responsible for them.
This PN is as of October 29th, 2024. We reserve the right to adapt it at any time. The PN, as published here, is the applicable one.
2. What personal data do we process from you, for what purpose and with whom do we share it?
2.1. When you visit our website
When you visit our website, our servers temporarily save each access in a log file. The following technical data is collected without your intervention, as is the case with every connection to a web server, and stored by us until automatic deletion:
- the IP address of the requesting computer,
- the name of the owner of the IP address range (usually your internet access provider),
- the date and time of access,
- the website from which the access was made (referrer URL), if applicable, with the search term used,
- the name and URL of the retrieved file,
- the status code (e.g. error message),
- the operating system of your computer,
- the browser you use (type, version and language),
- the transmission protocol used (e.g. HTTP/1.1).
This data is collected and processed to enable the use of our website (establishing a connection), ensure system security and stability on a permanent basis, optimise our Internet offering, and for internal statistical purposes. For the mentioned purposes, we rely on our legitimate interests (Article 6(1)(f) GDPR).
To this end, we are supported by our partners, who are subject to data protection regulations. We have carefully selected these partners, and they are contractually obliged to comply with data protection regulations, especially regarding data security.
These are (with links to their respective PN):
2.2. If you write to us via the contact form
This website allows you to contact us via a contact form. If you choose to contact us in this way, you consent (Article 6(1) point (a) GDPR) to us processing your email address, surname, first name, as well as the content of our conversation, to communicate with you until we are satisfied that you are happy with it, and then archiving or deleting the data in accordance with legal requirements.
2.3. If you contact us via email or telephone
You consent (Article 6(1)(a) GDPR) to us processing your personal data, including your email address, surname, first name, organisation (if applicable), country of residence, telephone number, and proposed appointment date (if applicable). We will also process the content of our conversation so we can communicate with you. We will retain this information until our communication is satisfactorily concluded, after which it will be archived or deleted in accordance with legal requirements.
To this end, we are supported by our partners, who are themselves subject to data protection regulations and are contractually obliged to comply with data protection, particularly with regard to data security.
These are (with links to their respective PN):
2.4. When you open an account with us and use our services
You can open an account to use our services. We need your personal data to do this; otherwise, we cannot open the account for you or provide you with our services.
The creation and subsequent use of an account is voluntary and based on your consent (Article 6(1)(a) GDPR). We require your surname, first name, and email address. If you are a business customer, we may also ask for your billing address. We subsequently process when you were logged in and for how long, your account settings and preferences, your interaction with the website, use of the services, email personalisation, resolving support enquiries, for features such as autocompletion and sharing outputs (should you have chosen to do so) and for the creation and management of your customer account, including contacting you in this regard.
If you have an account, you are free to enter additional information about yourself, such as the address, which you can subsequently delete.
This account data will be processed by us until your account is deleted and then archived for as long as we are legally or contractually obligated to do so. Components of the account data we are not obliged to archive will be anonymised for statistical analysis or deleted.
Our partners, who are themselves subject to data protection regulations, support us in creating and managing customer accounts. We have carefully selected these partners and are contractually obliged to comply with data protection regulations, particularly concerning data security.
These are (with links to their respective PN):
- WooCommerce Ireland Ltd., Ireland, e-commerce platform and services provider,
https://automattic.com/privacy/
- OpenAI, USA, provider of LLM for our services via OpenAI API,
https://openai.com/policies/privacy-policy/
- Terus Technology Ltd, UK, education technology company used for development and support services,
https://teruselearning.co.uk/
- Amazon Web Services, Inc., USA, Infrastructure Hosting,
https://aws.amazon.com/privacy/,https://aws.amazon.com/compliance/data-protection/
- WPEngine, USA, System Infrastructure Provider,
https://wpengine.com/legal/privacy/
2.5. When you buy our services online
To benefit from our services, you or your organisation must conclude a contract with us. To do this, we need data such as your surname, first name, title, organisation (if applicable), telephone number, email address, billing address and payment method. This enables us to assess whether we should establish a business relationship with you or your organisation and make a decision based on that evaluation. Secondly, it allows us to provide the requested services to you or your organisation as part of fulfilling the contract (as outlined in Article 6(1)(b) of the GDPR).
We will retain all of this information as required by law. After your purchase as an existing customer, we reserve the right to inform you via email about our offers for goods or services similar to those you have already purchased, to invite you to events or to ask you to rate us and our performance if you do not object to this. We also analyse the purchasing behaviour of our existing customers on an individual and segmented basis to adapt our offer to the demand and thereby forecast. This includes advertising on social media (e.g., for so-called Lookalike Audience campaigns). If you use your customer account for a purchase, this transaction will be associated with your account.
For contract processing, delivery, credit assessment, analysis, communication, invoice, and card payment, we are supported by our partners, who are themselves subject to data protection regulations. We have carefully selected these partners and are accordingly contractually obliged to comply with data protection, particularly with regard to data security. Please note that we do not obtain your payment information from our payment processing providers.
These are (with links to their respective PN):
2.6. If you subscribe to our newsletter
If you decide to subscribe to our newsletter, you consent (Article 6(1)(a) GDPR) to us processing your email address, surname, first name, title, your organisation (if applicable) and your interaction with our newsletter to send you our newsletter by email, to ensure that you receive it and, if necessary, to improve our offering based on your interaction. This includes the use for further advertising purposes on social media (e.g. for so-called lookalike audience campaigns). You can withdraw your consent at any time via the options provided in the newsletter itself with effect for the future.
For the creation, sending, confirmation of receipt, and interaction tracking of our newsletter, we are supported by our partners, who are themselves subject to data protection regulations. We have carefully selected these partners and are correspondingly contractually obliged to comply with data protection, particularly with regard to data security.
These are (with links to their respective PN):
2.7. If you engage with us as an affiliate, reseller or distributor
If you participate in our affiliate program, we may require additional contact information, such as a telephone number and PayPal/bank information, as required by our onboarding and compliance procedures.
2.8. If you follow our presence on social media
If you decide to follow our presence on social media and communicate with us via social media, you consent to us processing your username for the purpose of managing and analysing our followers (including for advertising purposes) and the content of any interaction with us or our content. You can unsubscribe at any time with immediate effect.
We are responsible for the operation of such a presence together with the operator of the respective platform: we are responsible for the processing of your data as described above, the platform operator is responsible for the processing of your data in accordance with the participation agreement between you and the platform operator itself.
We have presence on the following social media (with links to their respective PN):
- Meta Platforms Ireland Limited, Ireland, Facebook,
www.facebook.com/about/privacy
- LinkedIn Ireland Unlimited Company, Ireland, LinkedIn,
https://de.linkedin.com/legal/privacy-policy
- X (Twitter) International Unlimited Company, Ireland,
https://x.com/en/privacy
- Google Ireland Limited, Ireland, YouTube,
https://policies.google.com/privacy?hl=de#intro
3. Which third-party technologies have we embedded?
We use various technologies from (other) third parties on our website, e.g. cloud infrastructure, analytics, segmentation, marketing, social media integration, security, media display, CRM integration, etc. In their respective PNs, these
explain,
which data they process for which purposes, for how long, with whom they share it, what rights you have, and how you can exercise them. If applicable, you may opt out of such processing, for which we provide the relevant links below in such cases. You can also make appropriate settings in your Internet browser that prevent, for example, cookies from being stored on your device or tracking technologies from being used. Depending on the provider, you can create and manage these settings in your Internet browser under privacy, security or data protection settings. You can also always manage your cookie preferences and settings in our cookie consent management tool
CookieYes.
These third-party providers are (with links to their respective PNs and opt-out options, if applicable):
- Google Workspace API, integration of Google Classroom, data processing are limited to providing core functionalities (UID, course information, assignment submissions, grades); such data is not used for AI or ML training purposes (see Google above)
- Heap, automatic event tracking and data analytics of website and app usage, improving user experience and conversion rates,
https://www.heap.io/privacy,
https://help.heap.io/category/data-privacy/
- Meta Platforms, Inc., USA, Meta (Facebook) Pixel & Conversion API, analysis of website use and optimisation of advertisement,
https://www.facebook.com/privacy/policy/
- LinkedIn Ireland Unlimited Company, Ireland, LinkedIn Insight Tag for conversion tracking, website audiences and website demographics,
https://www.linkedin.com/legal/privacy-policy
- Hotjar Ltd., EU, analysis of website use,
https://www.hotjar.com/legal/policies/privacy/, Opt-out:
https://www.hotjar.com/policies/do-not-track/
- CHEQ, ClickCease service for click fraud detection and prevention, data collection for fraud prevention purposes, including IP addresses, device information, and cookies, in compliance with GDPR and CCPA regulations,
https://support.clickcease.com/hc/en-us/articles/16111797774865-CHEQ-s-GDPR-and-CCPA-Ready
- AnnounceKit, a service for displaying announcements and updates on our website, collects data such as user interactions and preferences to improve user experience and engagement,
https://announcekit.app/gdpr-compliance
4. Do we disclose your personal data abroad?
We work with various partners at home and abroad (see above). In principle, these are located in countries with an appropriate level of data protection. If disclosure to individual countries requires additional protection, we ensure this by agreeing to standard data protection clauses approved by the authorities with such partners such as the SCC as adopted by the European Commission in its Implementing Decision (EU) 2021/914 of June 4, 2021, on standard contractual clauses for transfers of personal data to third countries in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) or by relying on the self-certification of such partners under the relevant frameworks such as the EU-US Data Privacy Framework with the UK Extension. You may obtain a copy of these upon request.
5. What are your rights towards us?
You have the right:
- To request information about, correction or deletion of your personal data;
- To request us to restrict the processing of your personal data, in particular, to object to the processing of your personal data for marketing purposes;
- To request us to provide a digital file of your personal data (data portability) to yourself or a legal person appointed by you.
You can withdraw your consent to processing your personal data for the specified purposes at any time with immediate effect.
You also have the right to file a complaint with the competent authority.
6. Applicable Law
The law applicable to our processing of personal data is primarily UK law, particularly UK data protection laws and regulations. Where and to the extent required by mandatory law, we also adhere to EU and Swiss data protection laws.
We are Registered with the UK Information Commissioner’s Office — reference number ZB626058.
7. How can you exercise your rights against us?
If you have any questions about this PN or wish to exercise your rights, please contact us in writing either by postal mail (see above) or by email as follows:
dpo@teachermatic.com
8. Updates to this Privacy Notice
We may update this Privacy Notice periodically to reflect legal changes or modifications in our data handling practices.
New versions will be promptly published on our website, and by continuing to use our site after updates, you agree to the revised terms. We suggest reviewing this page regularly to stay informed of any changes.