Legal
Privacy Policy
Last updated: April 2026
In plain English:We collect only what we need to run our learning platform and services. We don't sell your data. You can ask us to delete it at any time. This policy explains exactly what we collect, why, and who sees it.
1. Introduction
Welcome to Swift Learn's privacy policy. Swift Learn is a brand of Brainy Cheeks Ltd, a company providing online learning solutions for organisations. We respect your privacy and are committed to protecting your personal information.
For UK GDPR purposes, Swift Learn (referred to as “Swift Learn”, “we”, “our”, or “us”) is the controller of the personal data you provide to us.
2. Contact Information
| Legal entity | Brainy Cheeks Ltd |
| Data protection contact | Data Protection Contact |
| support@swiftlearn.co.uk |
If you have any questions about this policy or wish to exercise your data protection rights, please contact us using the details above.
3. Data We Collect
3.1 Information You Provide to Us
- Name and contact information (email, phone number)
- Company name, job title, and role
- Account credentials (username, encrypted password)
- Communication preferences
- Payment and billing information
- Course enrolment and learning data
- Support enquiries and correspondence
3.2 Information We Collect Automatically
- Device type, operating system, and browser information
- IP address and approximate location
- Pages visited, time spent, and interaction patterns on our platform
- Referral source (how you found us)
- Course progress and completion data
3.3 Information from Third Parties
We may receive information about you from third parties, including:
- Payment confirmation from our payment processor (Stripe)
- Analytics data from Google Analytics
- Publicly available business contact information where we have a legitimate reason to contact you about our services
4. Lawful Basis for Processing
Under Article 6(1) of the UK GDPR, we process your personal data on the following bases:
| Purpose | Lawful Basis | Detail |
|---|---|---|
| Providing our services and managing your account | Contractual necessity (Art 6(1)(b)) | Processing is necessary to perform our contract with you |
| Processing payments | Contractual necessity (Art 6(1)(b)) | Required to fulfil our obligations under your service agreement |
| Sending service communications | Contractual necessity (Art 6(1)(b)) | Necessary to keep you informed about services you use |
| Website analytics and platform improvement | Legitimate interest (Art 6(1)(f)) | We anonymise data where possible and you can opt out via cookie preferences |
| Marketing communications | Consent (Art 6(1)(a)) | We only send marketing emails where you have given clear consent. You can withdraw consent at any time |
| Fraud prevention and platform security | Legitimate interest (Art 6(1)(f)) | We have a legitimate interest in protecting our platform and users |
| Compliance with legal obligations | Legal obligation (Art 6(1)(c)) | Required by law |
| Course progress tracking and certification | Contractual necessity (Art 6(1)(b)) | Necessary to deliver the learning services you or your employer have engaged us to provide |
5. Third-Party Service Providers
We share your personal data with the following categories of third-party processors, who process data on our behalf and under our instructions:
| Category | Provider(s) | Purpose | Data Shared |
|---|---|---|---|
| Payment processing | Stripe | Processing card payments securely | Name, email, payment card details (we do not store full card numbers) |
| Analytics | Google Analytics | Understanding platform usage and improving our services | Anonymised usage data, IP address (anonymised), device/browser info |
| Cloud hosting | Infrastructure provider | Hosting our platform and storing data securely | All platform data (encrypted at rest and in transit) |
| Email services | Email service provider | Sending transactional and marketing emails | Name, email address |
| Learning management | Moodle (self-hosted) | Delivering courses via swift1.co.uk | Account details, course progress, learning data |
We do not sell your personal data to any third party.
All third-party processors are bound by data processing agreements that require them to process your data only on our instructions and to maintain appropriate security measures.
6. International Data Transfers
We store your data in secure data centres located within the United Kingdom and the European Economic Area (EEA).
Where we transfer data outside the UK or EEA, we ensure appropriate safeguards are in place, including:
- UK International Data Transfer Agreements (UK IDTAs) or EU Standard Contractual Clauses (SCCs) with UK Addendum
- Verifying that recipients are in countries recognised by the UK Government as providing adequate data protection
- Implementing appropriate technical and organisational security measures
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account and profile data | Duration of your account plus 2 years | To allow account reactivation and handle post-contract queries |
| Course completion and certification records | 6 years after completion | Professional certification requirements and contractual obligations |
| Payment and billing records | 6 years after transaction | HMRC tax record-keeping requirements (legal obligation) |
| Marketing consent records | Duration of consent plus 2 years | To demonstrate consent was obtained (accountability) |
| Support correspondence | 3 years after resolution | To identify recurring issues and improve service |
| Website analytics data | 26 months (anonymised) | Platform improvement |
After the applicable retention period, data is securely deleted or irreversibly anonymised.
8. Cookies
Our website uses cookies and similar technologies. For full details of the cookies we use, why we use them, and how to manage your preferences, please see our Cookie Policy.
We do not set non-essential cookies (analytics or personalisation) until you have given your consent via our cookie preference tool.
9. Your Rights
Under UK data protection law, you have the following rights:
| Right | What It Means |
|---|---|
| Access | Obtain a copy of the personal data we hold about you |
| Rectification | Ask us to correct inaccurate or incomplete data |
| Erasure | Ask us to delete your personal data (subject to legal retention requirements) |
| Restriction | Ask us to limit how we process your data |
| Data portability | Receive your data in a structured, commonly used, machine-readable format |
| Object | Object to processing based on legitimate interest or for direct marketing |
| Withdraw consent | Where processing is based on consent, withdraw it at any time |
To exercise any of these rights, please email our Data Protection Contact at support@swiftlearn.co.uk. We will respond within one calendar month of receiving your request, as required by law.
There is no fee for exercising your rights, unless your request is manifestly unfounded or excessive.
10. Children's Data
Our services are designed for organisations and professionals. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.
11. Changes to This Policy
We may update this policy from time to time. Where changes are material, we will notify you by email or by placing a prominent notice on our website. We encourage you to review this policy periodically.
12. Complaints
If you are unhappy with how we have handled your personal data, please contact us first so we can try to resolve the issue.
If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: https://ico.org.uk/make-a-complaint
- Telephone: 0303 123 1113
© 2026 Brainy Cheeks Ltd trading as Swift Learn. All rights reserved.
If you have any questions about this policy, please contact us at support@swiftlearn.co.uk