Data Protection Policy

Wholesale Automation Academy is committed to providing a superior learning experience for everyone we work with. We know that our users are committed to their success and we are equally committed to ensuring that each interaction that someone has with our content is optimized for maximum educational potential. To enable us to do this, Wholesale Automation Academy needs to gather and use certain information about individuals.

Individuals who we gather information about includes customers, affiliates, business contacts, employees, and other people the organization has a relationship with or may need to contact.

This policy describes how this personal data is collected, handled, and stored to meet the company’s data protection standards — and to comply with the law.

Why This Policy Exists

This data protection policy ensures Wholesale Automation Academy:

• Complies with data protection law and follows industry best practices
• Protects the rights of staff, customers, affiliates, and partners
• Is open about how it stores and processes individuals’ data
• Protects itself from the risks of a data breach

EU General Data Protection Regulation (GDPR)

The GDPR (General Data Protection Regulation) protection law describes how organizations who conduct business with individuals or entities located in EU (European Union) nations — including Wholesale Automation Academy — must collect, handle, and store personal information.

These rules apply regardless of whether data is stored electronically, on paper, or in any other manner.

To comply with the law, personal information must be collected and used fairly, stored safely, and not disclosed unlawfully.

The EU GDPR is underpinned by eight core principles. These state that personal data must:

• Be processed fairly and lawfully
• Be obtained only for specific, lawful purposes
• Be adequate, relevant, and not excessive
• Be accurate and kept up to date
• Not be held for any longer than necessary
• Processed in accordance with the rights of data subjects
• Be protected in appropriate ways
• Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection

1. Policy Statement

Every day our business will receive, use, and store personal information about our customers, affiliates, partners, and colleagues. It is important that this information is handled lawfully and appropriately, in line with the requirements of the Data Protection Act 2018 and the General Data Protection Regulation (collectively referred to as the ‘Data Protection Requirements’).

We take our data protection duties seriously, because we respect the trust that is being placed in us to use personal information appropriately and responsibly.

2. About This Policy

This policy and any other documents referred to in it, sets out the basis on which we will process any personal data that we collect or process. This policy does not form part of any employee’s contract of employment and may be amended at any time.

The company as a whole is responsible for ensuring compliance with the Data Protection Requirements and with this policy. Any questions about the operation of this policy or any concerns that the policy has not been followed should be referred in the first instance to the Data Protection Officer.

3. What is Personal Data?

Personal data is defined as data, (whether stored electronically or paper based) relating to a living individual who can be identified directly or indirectly from that data, (or from that data and other information in our possession).

Processing is any activity that involves use of personal data. It includes obtaining, recording, or holding the data, organizing, amending, retrieving, using, disclosing, erasing, or destroying it. Processing also includes transferring personal data to third parties under privacy control conditions.

Sensitive personal data includes contact info, address, session activity on the platform, IP location etc. Sensitive personal data can only be processed under strict conditions, and used for express purpose that it was collected for.

4. Use of Information

Information we collect

We receive and store information about you such as:

• Information you provide us: We collect information you provide to us which includes: your name, email address, address or postal code, payment method, and telephone number. We collect this information in a number of ways, including manual entry while you are using our service, interact with our customer service, or otherwise provide information to us through our service or elsewhere.
• Information we collect automatically: We collect information regarding you and your use of our service, your interactions with us and our advertising, as well as information regarding your computer or other device used to access our service. This information includes your activity on our platform, details regarding your interactions with customer service, device IDs, connection information, referral URLs, IP address, and standard web log information.

How we use this information

We use the information we collect to provide, analyze, administer, enhance, and personalize our services and marketing efforts, to process your registration, your orders, your payments, and your communication on these and other topics. Our primary aim is always to enhance the user experience. We do so in several ways using the data that we collect. For example, we may analyze your usage to understand difficulties you might face, which we can then use to improve the platform. We collect other information, such as most visited links on our website, which enables us to create additional content geared toward our users’ needs and personal preferences.

5. Data Subject’s Rights

We will process all personal data in line with data subjects’ rights, in particular their right to:

• Confirmation as to whether or not personal data concerning the individual is being processed.
• Request access to any data held about them by a data controller.
• Request rectification, erasure or restriction on processing of their personal data.
• Lodge a complaint with a supervisory authority.
• Data portability.
• Object to processing including for direct marketing.
• Not be subject to automated decision making including profiling in certain circumstances.

6. Data Security

We will take appropriate security measures against unlawful or unauthorized processing of personal data and against the accidental or unlawful destruction, damage, loss, alteration, or unauthorized disclosure of or access to personal data transmitted, stored, or otherwise processed.

We will maintain data security by protecting the confidentiality, integrity, and availability of the personal data.

• Confidentiality: Only people who are authorized to use the data can access it.
• Integrity: Personal data should be accurate and suitable for the purpose for which it is processed.
• Availability: Authorized users should be able to access the data if they need it for authorized purposes.

7. Subject Access Requests

Individuals must make a formal request for information we hold about them. Employees who receive a request should forward it to the data department immediately. When receiving telephone enquiries, we will only disclose personal data we hold on our systems if we can check the caller’s identity to make sure that information is only given to a person who is entitled to it.

8. Changes to this Policy

We may modify this Privacy Statement at any time, but we will provide prominent advance notice of any material changes to this Statement, such as posting a notice through the Services, on our websites, or sending you an email, to provide you the opportunity to review the changes and choose whether to continue using the Services.