The Corporate Law Academy (“TCLA”) is committed to being transparent with you about how we handle personal information.
This policy explains what data we collect and why, how we handle that data, and your rights to your data.
The policy applies to all products and services built and maintained by TCLA, including the TCLA website and forum, our subscription product TCLA Premium, our additional mock interviews and application review services, as well as the ways in which you otherwise interact with us.
Most of the personal information we process is provided to us directly by you for one of the following reasons:
The specific information we collect and why we collect this information, as well as the situations in which we indirectly collect personal information is as follows:
To access certain parts of TCLA, such as the forum, TCLA Premium, and our free courses, you'll need to register for an account with TCLA.
To do so, you'll need to provide us with certain personal information, such as your name, email address, and login details, such as your username and password.
Under the General Data Protection Regulation (“GDPR”), we process this information because we have a legitimate interest. By providing this information, we can personalise your new account, provide you with access to digital content and the forums, and we can send you updates, or other essential information based on what you have signed up for.
We also give you the option to add a profile picture that displays in our forum. This allows you to personalise your profile in the forum. The rest of the information you post in the forum Billing Information
When you pay for a TCLA product or service, such as TCLA Premium, application reviews, the video interview simulator, or our mock interview service, we ask for your credit card and billing details. Under the GDPR, we process this information because we have a contractual obligation, so we can deliver the service you have paid for.
Your credit card is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number and as-of billing address, for account history, invoicing, and billing support. We store your billing address to calculate any tax due, to detect fraudulent credit card transactions, and to print on your invoices.
We may verify whether you have a current subscription with us by looking at your account information and payment plan. We verify this information in order to approve your access to certain groups as part of your subscription and remove access when your subscription has lapsed, such as the TCLA Premium private forum and Gold members only forum. We may log cases where you use an alternative email address so we can make sure your access to the premium forums are uninterrupted.
From time-to-time, we may also look at your account information to analyse financial data, such as to calculate the payment to our affiliates or track subscription growth. Under the GDPR, we process this information on the basis of a legitimate interest. We take due care to balance this interest against the right of privacy and we only look at the information necessary for our calculations.
When you use some of the features of our Premium Services such as to book a mock interview or use the application review service, we may process additional information such as your employment history and education history. We may also process mitigating circumstances and other information present on your Curriculum Vitae.
We may process this information in order to provide you with our services in a way that is tailored to your particular circumstances. Under the General Data Protection Regulation (GDPR), we process this information because we have your consent and you voluntarily submit this information to us. You are able to remove your consent at any time. You can do this by contacting [email protected].
From time-to-time, we find that spam accounts use TCLA. We log all access to all accounts by full IP address so that we can always verify no unauthorised access has happened and to determine if an account is legitimate. We keep this login data for as long as your account is active.
We also log this information in case we need to ban a user’s IP address from TCLA for a breach of our terms and rules.
When you browse TCLA, your browser automatically shares certain information such as which operating system and browser version you are using. We may track that information, along with the pages you are visiting, page load timing, and which website referred you for statistical purposes like conversion rates and website traffic information. We may track specific link clicks to help inform some design decisions. This information is only processed in a way that does not directly identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
We use RECAPTCHA services across our applications as a means of spam protection. We have a legitimate interest in protecting our apps and the broader community from spam. When you log into your accounts and fill specific forms, the RECAPTCHA service evaluates various information (e.g IP address, how long the visitor has been on the app, mouse movements) to check whether the data is possibly filled out by an automated program instead of a human.
We do use persistent first-party cookies to store certain preferences, make it easier for you to use our applications, and support some in-house analytics. A cookie is a piece of text stored by your browser to help it remember your login information, site preferences, and more. You can adjust cookie retention settings in your own browser. To learn more about cookies, including how to view which cookies have been set and how to manage and delete them, please visit: www.allaboutcookies.org.
When you write to TCLA with a question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.
We also store any information you volunteer like surveys. Sometimes when we do customer interviews, we may ask for your permission to record the conversation for future reference or use. We only do so if you give us your express consent.
You may choose to provide us with other personal information. For example, we may collect your name, email address and other personal information when you fill out a survey, participate in a TCLA contest or promotion, request customer support, or otherwise communicate with us.
We access or share your information to support the running of our business or provide you with the products and services you have requested:
With service providers: We use service providers to support our business. In doing so, we share personal information with independent contractors, consultants, agencies and payment processors, and other service providers that provide us with certain services and process personal information on our behalf. These services may include providing customer support, performing business and sales analysis, managing our subscription database, supporting our website functionality and design, facilitating payment processing, and supporting contests, surveys, and other features offered on TCLA. These service providers are not permitted to use your personal information for any other purpose, and their use of such personal information will be subject to appropriate confidentiality and security measures.
With third party services: We do use some third-party services to run our applications and only to the extent necessary to process some or all of your personal information via these third parties. Having subprocessors means we are using technology to access your data. No person looks at your data for these purposes unless an error occurs that stops an automated process from working and requires manual intervention to fix. These are rare cases and when they happen, we look for root cause solutions as much as possible to avoid them from reoccurring.
All data is encrypted via SSL/TLS when transmitted from our servers to your browser. Where personal data is stored on our project management tool Basecamp, these servers are protected by biometric locks and interior and exterior surveillance monitoring. Basecamp’s authorised personnel have access to the data center. 24/7/365 onsite staff provides additional protection against unauthorized entry and security breaches. All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks.
We retain the majority of your personal information for as long as your account is active and therefore open; this allows you to continue accessing our content, products and services. Where we don’t need the information in full, we will obfuscate or aggregate it. This is to ensure that we do not retain your information for any longer than is necessary. Where we don’t need any of the information, we will delete it.
We retain billing information for 7 years for regulatory purposes, as we are required to keep accounting records.
We retain support queries and communication history for 5 years, so we have a record of what communications we have sent you to respond to queries you have in the future.
We retain subscription information for 5 years post-subscription to improve and maintain our website performance and to personalise our services and products.
We retain website analytical information for 3 years in order to improve and maintain our website performance and to personalise our services and products.
We retain application information, such as employment history, education history and CV information for 2 years in order to assist you with future support.
It is sometimes necessary for us to keep your personal information for longer periods of time, for example:
If we require the information for legal reasons or there is a legitimate business need for us to retain it;
Under data protection law, you have rights including:
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at [email protected] or at The Corporate Law Academy Limited, 21 Cedar Close, Buckhurst Hill, Essex, IG9 6EJ if you wish to make a request.
You can access and update your personal information by logging into the TCLA Forum or TCLA Premium, selecting your account profile and update the personal information we have on file.
If you'd like TCLA to delete your account or delete personal information it holds about you, you can submit a deletion request. Note that when we delete your account, personal information that you have shared with others (for example, through comments or an intake form) may still be visible. TCLA will also retain certain personal information about you where reasonably necessary to comply with our legal obligations or for our legitimate business purposes.
If you believe that any personal information we are holding about you is incorrect or incomplete, we will work with you to make corrections deemed necessary. Note that we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
If you have any concerns about our use of your personal information, you can make a complaint to us at [email protected] or at The Corporate Law Academy Limited, 21 Cedar Close, Buckhurst Hill, Essex, IG9 6EJ.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Finally, If you have any queries about this policy, please contact us at: [email protected].
Name: The Corporate Law Academy Limited
Address: 21 Cedar Close, Buckhurst Hill, Essex, IG9 6EJ
E-mail: [email protected]
Adapted from the Basecamp open-source policies / CC BY 4.0