Privacy Policy

1. Who We Are

Asbiverse Limited (Company No. 13891216), trading as Asbiverse Group and Commercial Excellence Academy, registered at Dairy House, Money Row Green, Holyport, Maidenhead, Berkshire, SL6 2ND, is the data controller for personal data collected through this platform.

For any data-related queries, contact us at info@commercialexcellenceacademy.com.

2. What Data We Collect

Data you provide directly

  • Name and email address when registering or purchasing
  • Billing address and payment method details processed via our payment provider
  • Country and professional information provided in forms, including the Commercial Excellence Scorecard and classroom booking forms
  • Messages and enquiries submitted via contact forms
  • Your responses to the Commercial Excellence Scorecard

Data collected automatically

  • Login activity and session data
  • Course and module progress
  • Video viewing activity, including which videos have been accessed and when
  • Study guide download activity
  • Purchase and transaction history
  • Checkout waiver confirmations, recorded at the point of purchase
  • Email engagement (opens, clicks)
  • IP address and browser type for security and fraud prevention

3. Why We Use Your Data

Contract performance

To process your purchase, grant access to your membership, deliver study guides and course content, and send transactional emails including receipts, access confirmations and classroom booking confirmations.

Legitimate interests

To track and log learning progress and content access activity, including video views, module completions and study guide downloads. This logging serves two purposes: to personalise your learning journey and to assess refund eligibility in accordance with our Refund Policy. To send relevant follow-up content based on your scorecard results and course completion, and to improve the platform based on usage patterns.

Legal obligation

To retain financial and transaction records as required by HMRC and UK company law.

Consent

To send marketing emails. You may withdraw consent at any time by clicking unsubscribe in any email or by contacting us directly.

4. Who We Share Data With

General principle

We share your personal data only where it is necessary to provide our services, meet a legal obligation or pursue a legitimate business interest. In every case, data is shared on a minimum necessary basis and only with parties who are contractually obliged to handle it securely and in accordance with applicable data protection law.

We do not sell, rent or trade your personal data to any third party for their own marketing purposes, at any time.

Hosting and infrastructure providers

We use cloud hosting and server providers to store and serve the platform. These providers have access to data only to the extent necessary to provide their hosting service. Where providers are based outside the UK or EEA, we require that appropriate safeguards are in place and take reasonable steps to satisfy ourselves that they maintain appropriate transfer mechanisms. Responsibility for maintaining those mechanisms rests with the relevant provider. Current provider: IONOS (United Kingdom).

Payment processors

We use a third-party payment processor to handle all financial transactions. We do not store card or payment details on our own servers. We take reasonable steps to satisfy ourselves that our payment processor maintains appropriate security standards, but we cannot guarantee the security of data once it has entered their systems. Current provider: Stripe (EU / USA).

Email delivery and CRM providers

We use email service providers to send transactional and, where consented, marketing communications. These providers process your name and email address and engagement data on our behalf. Current providers: FluentCRM (self-hosted, United Kingdom); SendGrid (USA).

Video and content delivery providers

Course videos are delivered via a third-party video hosting and content delivery network. These providers may process technical data such as your IP address and viewing activity in order to stream content to you. Current provider: Bunny.net Stream (EU).

Assessment and lead generation tools

We use a third-party scorecard platform to deliver the Commercial Excellence Scorecard. Your scorecard responses, name and email address are processed by this provider and passed back to our CRM. Current provider: ScoreApp (EU / USA).

Automation and integration platforms

We use workflow automation tools to connect our systems. These platforms process data in transit but do not store it independently for their own purposes. Current provider: Make.com (EU).

Legal, financial and professional advisers

We may share personal data with our accountants, legal advisers or auditors where required to fulfil a legal or regulatory obligation. These parties act under professional confidentiality obligations.

Law enforcement and regulatory authorities

We may disclose personal data to courts, regulators, law enforcement agencies or other public authorities where we are legally required to do so, or where it is necessary to establish, exercise or defend legal claims.

Keeping this information up to date

The providers listed above reflect our current technology stack at the date shown on this policy. We review our third-party relationships regularly. If you would like to know which specific providers are currently processing your data, please contact us at info@commercialexcellenceacademy.com.

5. International Data Transfers

Some of our third-party providers are based outside the UK or EEA. Where this is the case, we require that appropriate safeguards are in place to protect personal data in accordance with UK data protection law. We take reasonable steps to satisfy ourselves that providers operating outside these regions maintain appropriate transfer mechanisms, which may include the UK International Data Transfer Agreement, Standard Contractual Clauses or reliance on an adequacy decision. Responsibility for maintaining those mechanisms rests with the relevant provider. We encourage you to review the privacy policies of any third-party provider you interact with directly. If you have concerns about a specific transfer, please contact us.

6. How Long We Keep Your Data

  • Active member data: retained for the duration of your membership plus 2 years
  • Transaction and financial records: 7 years (HMRC requirement)
  • Content access logs (video views, module completions, study guide downloads): retained for the duration of your membership plus 2 years. These logs may be used to assess refund eligibility in accordance with our Refund Policy
  • Checkout waiver confirmations: retained for the duration of your membership plus 7 years as a record of contractual agreement
  • Scorecard and enquiry data: 3 years from last interaction
  • Email marketing records: until you unsubscribe or request deletion

7. Your Rights Under UK GDPR

Right What it means
Access Request a copy of the personal data we hold about you
Rectification Ask us to correct inaccurate or incomplete data
Erasure Request deletion of your data where we have no lawful reason to retain it
Restriction Ask us to restrict processing of your data in certain circumstances
Portability Receive your data in a structured, machine-readable format
Object Object to processing based on legitimate interests or for marketing purposes
Withdraw consent Withdraw marketing consent at any time without affecting prior processing

To exercise any of these rights, email info@commercialexcellenceacademy.com. We will respond within 30 days. If you are not satisfied with how we handle your request, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

8. Data Security

We take reasonable and appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or alteration. These measures include, where applicable, encrypted connections (HTTPS), access controls and secure hosting environments. The specific measures in place may evolve as our technology stack changes and as security best practice develops.

No method of electronic transmission or storage is completely secure. While we take our obligations seriously, we cannot guarantee absolute security and we encourage you to take reasonable precautions to protect your own account credentials.

9. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices, technology or legal obligations. Where changes are material, we will endeavour to notify active members by email where reasonably practicable. We encourage you to review this policy periodically.

This policy is governed by the laws of England and Wales. Asbiverse Limited is in the process of registering with the Information Commissioner’s Office (ICO) where required under UK GDPR. If you have questions about our registration status, please contact us at info@commercialexcellenceacademy.com. Registered address: Dairy House, Money Row Green, Holyport, Maidenhead, Berkshire, SL6 2ND.