Privacy Policy

This Privacy and GDPR Compliance Policy governs the manner in which Erin Johns Educational Services (t/a Neurodiversity Tutor) collects, uses, maintains, and discloses information collected from customers and users (referred to as "Users" or "you") of our educational services in the United Kingdom.

1. Information Collection

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our website, fill out a contact form, sign up to TutorBird, subscribe to our newsletter, place an order for our educational services, or interact with us in any other way. The types of personal information we may collect include, but are not limited to:

  • Name

  • Email address

  • Phone number

2. Lawful Basis for Processing

We will only collect and process personal data when we have a lawful basis to do so. The lawful bases for processing personal data include the necessity of processing for the performance of a contract, compliance with legal obligations, consent, protection of vital interests, the performance of a task carried out in the public interest, or legitimate interests pursued by the data controller or a third party.

3. Purpose of Data Collection

We collect and use personal information for the following purposes:

  • To provide and deliver our educational services to you.

  • To process and fulfill orders for our educational services.

  • To send periodic emails regarding your order or other related educational materials and updates.

  • To respond to inquiries, questions, and/or other requests related to our educational services.

4. Data Protection

Erin Johns Educational Services is committed to protecting the security of your personal information. We implement appropriate data collection, storage, and processing practices and security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal information, username, password, transaction information, and data stored on our site.

5. Data Retention

We will retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy and GDPR Compliance Policy, unless a longer retention period is required or permitted by law.

6. Consent

Whenever we rely on your consent to process personal data, we will obtain explicit consent that is freely given, specific, informed, and unambiguous. You have the right to withdraw your consent at any time, and we will promptly act upon your request.

7. Data Minimisation

We will ensure that personal data collected is limited to what is necessary for the purposes specified. We will also regularly review our data records and delete any unnecessary or obsolete information.

8. Data Subject Rights

As a User, you have certain rights regarding your personal information:

  • You have the right to access the personal information we hold about you.

  • You have the right to correct any inaccuracies in your personal information.

  • You have the right to request the deletion of your personal information in certain circumstances.

  • You have the right to restrict the processing of your personal information under certain conditions.

  • You have the right to object to the processing of your personal information under certain circumstances.

  • You have the right to data portability, which allows you to obtain and reuse your personal information for your own purposes across different services.

To exercise any of these rights, please contact us using the information provided at the end of this Privacy and GDPR Compliance Policy.

9. Data Breach Notification

In the event of a data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority and affected individuals within 72 hours of becoming aware of the breach.

10. Third-Party Websites and Data Processors

Our website may contain links to third-party websites for your convenience. However, we do not endorse or have control over the content or privacy practices of these websites. This Privacy and GDPR Compliance Policy applies solely to information collected by Erin Johns Educational Services. We encourage you to review the privacy policies of any third-party websites you visit.

Erin Johns Educational Services may engage third-party data processors to assist in providing services. These processors will be carefully selected and required to meet the GDPR standards of data protection.

11. Employee Training

All employees, freelancers and personnel involved in processing personal data will receive appropriate training on GDPR compliance and data protection practices.

12. Policy Review

This Privacy and GDPR Compliance Policy will be reviewed regularly and updated as necessary to ensure ongoing compliance with GDPR and any other relevant data protection laws.

13. Acceptance of These Terms

By using our educational services, you signify your acceptance of this Privacy and GDPR Compliance Policy. If you do not agree to this policy, please do not use our services. Your continued use of our educational services following the posting of changes to this Privacy and GDPR Compliance Policy will be deemed your acceptance of those changes.

14. Contact Us

If you have any questions about this Privacy and GDPR Compliance Policy, the practices of Erin Johns Educational Services, or your dealings with us, please contact us at:

Erin Johns Educational Services

Email: info@erinjohnseducational.co.uk

Reviewed: August 2024