Privacy Policy

About this document

This Privacy Notice explains what happens with any personal data we gather in relation to:

  • your use of this website at www.booosteducation.com (our “Website");

  • your use and/or licensing of our software products and apps (our “Software");

  • any customer service or other enquiries you submit to us.

We recognise our obligations under data protection legislation and we are committed to keeping your personal data safe and secure.

You should read this Privacy Notice so that you understand how we will handle your personal data.

Our aim is to only use and hold your personal data in ways that you would reasonably expect us to.

We reserve the right to amend this Privacy Notice from time to time. If we amend this Privacy Notice we will make you aware of this via updates posted on our Website.

Who we are

We are Booost Education Limited, a company registered in England and Wales under company number 13039225 with its registered office at 7 St John Street, Mansfield, Nottinghamshire, England, NG18 1QH.

Our registration number with the Information Commissioner’s Office is ZB249054.

If you have any questions regarding this Privacy Notice or how we process your personal data please contact us using the details below:

Data Protection Representative: info@booosteducation.com

What personal data do we gather about you?

Personal data” is any information about an individual from which that individual can be identified. It does not include data from which an individual cannot be identified, for example anonymised data. The types of personal data we may collect, use, store and transfer in relation to you may consist of the following:

Data Subject

Website visitor / user

Types of Personal Data

IP address and website usage data (such as search terms)

Data Subject

A Licensee of our Software (where the Licensee is an individual) or an individual employed by a Licensee of our Software (where the Licensee is a University, school, college, business or organisation)

Types of Personal Data

Full name, address, email, telephone number, position within company or organisation

Data Subject

User of our Software (e.g. an individual Licensee or a student or employee of an enterprise Licensee)

Types of Personal Data

Full name, email address, Software usage data (e.g. time and date of Software download, activation and use, click events), financial information, location (from IP address), as well as other personal data uploaded to, stored or created using our Software such as diary events and tasks.

Data Subject

Third parties whose personal data may be captured by Users of our Software (e.g. where the Software is used to upload details of the User's family and friends).

Types of Personal Data

Any personal data concerning third parties which may be captured (i.e. stored) by Users of our Software.

Data Subject

Individual making enquiries

Types of Personal Data

Name, address, email, telephone number and details of the enquiry.

What personal data do we gather about you?

We may collect personal data about you from the following sources:

  • Information you provide to us via our Website;

  • Information included in your online or offline Order Form if you purchase a licence of our Software;

  • Information you provide when you download or register to use our Software;

  • Information that is provided to us by your university, school, college or employer (e.g. so that you may use our Software under their Licence Agreement with us);

  • Information that is provided to us by your Disabled Students' Allowance assessor or supplier;

  • Information you upload to, store on, create using, or transmit using our Software;

  • Information which you provide when you contact us with an enquiry or correspond with us offline (e.g. via email or post).

Please note that, where you are a User of the Software and you upload any personal data concerning third parties you should inform those individuals that you have shared their personal data with us.

How do we store your personal data and keep it secure?

We use reasonable and up to date security methods to:

  • keep your data secure;

  • prevent unauthorised or unlawful access to your personal data;

  • prevent the accidental loss of or damage to your personal data.

All personal data provided to us is stored on our secure servers and in secure filing systems.

We have in place policies, procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction including procedures to deal with a security breach. For example, our website and applications use HTTPS encryption and our payment systems are protected by third party payment providers. We also undergo annual penetration testing to ensure the robustness of our cyber security and we maintain internal policies, procedures, and technologies, to ensure that your data remains safe.

We train our staff on the importance of data security, and we will ensure your personal data is only accessible by those who need to see it for their specific role.

We will only transfer your personal data to a third party if that third party agrees to comply with our procedures and policies or if they have put in place equivalent policies and procedures of their own. 

How and why we will use your personal data?

We will usually only process your personal data where:

  • you have consented to the processing; or

  • the processing is necessary to comply with our legal obligations; or

  • the processing is necessary for the performance of a contract (e.g. a Software licence agreement); or

  • the processing is necessary for our legitimate interests or the legitimate interests of third parties; or

  • the processing is necessary for the exercise or defence of legal claims.

The table below provides examples of the various ways in which we may use your personal data and which of the legal reasons we rely on when processing your personal data.

Data Subject

Website visitor / user

Purpose of Processing

To assist or improve the individual’s use of the website

Legal Reason for Processing

Legitimate Interests

Data Subject

Licensee of our Software

Purpose of Processing

To provide our Software for use by the Licensee; to process payments for Software licence fees; to enforce the terms of our Software licence.

Legal Reason for Processing

Performance of Contract
Legitimate Interests

Data Subject

User of our Software

Purpose of Processing

To enable the user to access, use, and store content in our Software; to improve our Software products and the user experience; to inform and support the user when Software has been updated (e.g. launch of a new feature); to ensure all use of our Software is properly licensed; to run analytics to assess and improve performance of Software, Website and services; to improve the usefulness of our email content, and the effectiveness of our support centre; to support research into future development of our Software to improve user experience.

Legal Reason for Processing

Performance of Contract
Legitimate Interests

Data Subject

User of our Software (excluding those under 18)

Purpose of Processing

To provide the user with content, information and opportunities that they may be interested in (such as promotions, free trials, discounts, surveys and rewards); to request the user's feedback on new ideas in order to inform product development research.

Legal Reason for Processing

Consent

Data Subject

Third Parties (whose personal data may uploaded or stored by Users of our Software)

Purpose of Processing

To enable Users to use our Software; to improve our Software products and the user experience.

Legal Reason for Processing

Legitimate Interests

Data Subject

Individual Making Enquiries

Purpose of Processing

Providing details of our services/products

Legal Reason for Processing

Legitimate Interests

Where the legal reason for processing is the performance of a contract with you, if you do not provide relevant personal data we will not be able to fulfil our contractual obligation(s) to you and this may have a detrimental impact on you.

We do not sell or rent personal data which you provide to us.

If you have any questions about the contents of the above table (for example, if you would like to understand what our “legitimate interests” are for any specific processing activity) please contact our Data Protection Representative.

Our Software is only intended to be used by Users under the age of 18 years old, under the guidance of a teacher or parent or guardian. We treat all personal data from children fully in  accordance with UK GDPR and data protection laws, and we do not use personal data from children for the purposes of advertising or marketing. All Users of our Software will receive onboarding and product emails, however marketing emails will be removed for Users under the age of 18.

How we keep your personal data accurate?

We will keep the personal data we store about you accurate and up to date. 

We will take every reasonable step to erase or rectify inaccurate data without delay.

Please tell us if your personal details change or if you become aware of any inaccuracies in the personal data we hold about you.

We will contact you if we become aware of any event which is likely to result in a change to your personal data.

How long will we keep your personal data?

We will not keep your personal data for longer than is necessary for the purpose(s) for which we process it.

This means that data will be destroyed or erased from our systems when it is no longer required.

For guidance on how long certain data is likely to be kept before being destroyed, contact our Data Protection Representative.

What rights do you have in respect of your personal data?

You have the right to:

  • request access to any personal data we hold about you;

  • request for any inaccurate personal data which we hold about you to be rectified;

  • request to have your personal data erased;

  • request to have the processing of your personal data restricted (for example, if you think the personal data we hold about you is inaccurate you can ask us to stop processing it until we will either correct it or confirm it is accurate);

  • request the transfer of your personal data to another data controller;

  • object to certain types of processing, including processing based on legitimate interests, automated processing (which includes profiling) and processing for direct-marketing purposes; and

  • withdraw consent to the processing of your personal data (where the legal reason for the processing of your personal data was your consent).

If you wish to exercise any of the rights set out above, you must make the request in writing to our Data Protection Representative. Please note some of these rights are restricted in some circumstances.

Automated decision-making

We do not conduct automated decision making (including profiling) in connection with your personal data.

Who will have access to the data we hold?

Our personnel who need to access your personal data will view it in order that we can provide our services to you. All of our personnel understand the need to keep your personal data confidential and to use it only for legitimate purposes.  

In addition to our own personnel, other personnel from our service providers may process your personal data on our behalf (for example, third party hosting companies; external software developers who assist us to further develop the Software). We carry out due diligence on our service providers and make sure we have a contract with them which satisfies the requirements of data protection legislation.

We may disclose your personal information to third parties:

  • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;

  • if we or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets; and

  • if we are under a duty to disclose or share your personal data in order to comply with legal obligations or to protect the rights, property or safety of others.

If your personal data is provided to any third parties you are entitled to request details of the recipients of your personal data or the categories of recipients of your personal data.

Apart from the situations referred to above, we will not disclose your personal data to a third party without your consent unless we are satisfied that they are legally entitled to access your personal data.

Transferring your data outside the UK/ European Economic Area (EEA)

We will not transfer your personal data outside the UK/ EEA unless such transfer is compliant with data protection legislation.

This means that we cannot transfer any of your personal data outside the UK/ EEA unless:

  • the UK ICO or EU Commission has decided that another country or international organisation ensures an adequate level of protection for your personal data;

  • the transfer of your personal data is subject to appropriate safeguards, which may include binding corporate rules or standard data protection clauses adopted by the UK ICO or EU Commission; or

  • an exception applies (including if you explicitly consent to the proposed transfer).

Cookies

Our website uses cookies to distinguish you from other users of our website. These cookies sometimes process personal data. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website.

For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.

Right to make a complaint

If you have any issues with our processing of your personal data and would like to make a complaint, you may contact us via our Data Protection Representative or the Information Commissioner’s Office on 0303 123 1113.

This Privacy Notice was last updated on 23 October 2024.