Gramacri

Menu
Log In

Privacy Policy

1. INTRODUCTION

Gramacri Limited (“Gramacri”, “Company”, “we”, “us”, or “our”) respects your privacy and is committed to protecting personal data in accordance with applicable data protection legislation, including the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018 and other applicable laws of England and Wales.

This Privacy Policy explains how we collect, use, store and protect personal data when you:

  • use our website;
  • access our membership platform;
  • purchase subscriptions or services;
  • contact us;
  • subscribe to marketing communications;
  • interact with our educational resources and services.

This policy also explains your privacy rights and how the law protects you.

2. WHO WE ARE

Gramacri Limited is a company registered in England and Wales under company number 14109123.

Registered office:

211 Holloway Head
Birmingham
B1 1UJ

Contact email:
info@gramacri.com

3. THE TYPES OF PERSONAL DATA WE COLLECT

Depending on how you use our services, we may collect and process the following categories of personal data:

Identity and Contact Data

  • Name
  • Email address
  • Telephone number
  • School or organisation details
  • Billing address
  • Work address

Account and Membership Data

  • Username and login information
  • Subscription and membership details
  • Order history
  • Account activity

Payment and Transaction Data

Payments are processed securely by third-party payment providers such as Stripe. Gramacri Limited does not store full payment card details.

We may retain limited payment-related information including:

  • billing records;
  • invoices;
  • transaction references;
  • subscription status.

Technical and Usage Data

  • IP address
  • Browser type
  • Device information
  • Operating system
  • Website activity
  • Login activity
  • Referral pages
  • Cookies and analytics information

Marketing and Communications Data

  • Preferences relating to marketing communications;
  • newsletter subscriptions;
  • responses to surveys or promotions;
  • interactions with emails and advertising campaigns.

4. EDUCATIONAL AND SCHOOL-RELATED DATA

Some services provided by Gramacri Limited may involve educational data entered by schools or teachers, including:

  • teacher-created class information;
  • student first names;
  • year groups;
  • assessment or progress-related information.

Schools and educational settings remain responsible for ensuring that any pupil or educational data uploaded to or entered into the platform is processed lawfully and in accordance with applicable data protection legislation.

Where Gramacri Limited processes educational data on behalf of schools, we generally act as a data processor and the relevant school or educational setting remains the data controller.

Gramacri Limited does not knowingly collect unnecessary special category data relating to pupils unless specifically required for the delivery of services and appropriately authorised.

5. HOW WE COLLECT PERSONAL DATA

We may collect personal data:

  • when you complete forms on our website;
  • when you purchase services or subscriptions;
  • when you create an account;
  • when you subscribe to emails or newsletters;
  • when you contact us;
  • when you use our platform or services;
  • through website functionality, analytics tools and related technologies;
  • through social media interactions or advertising platforms where appropriate.

6. HOW WE USE YOUR PERSONAL DATA

We may use personal data for the following purposes:

Providing Services

  • creating and managing accounts;
  • providing membership access;
  • delivering educational resources and services;
  • processing subscriptions and purchases;
  • managing customer support.

Operational and Administrative Purposes

  • maintaining records;
  • communicating with users;
  • responding to enquiries;
  • managing platform functionality and security.

Safeguarding and Legal Compliance

  • complying with safeguarding responsibilities where applicable;
  • responding to legal requests or regulatory requirements;
  • protecting the rights, safety and integrity of the company, users and services.

Marketing and Communications

  • sending newsletters and updates;
  • providing information about services, resources and promotions;
  • analysing engagement with communications.

Users may unsubscribe from marketing communications at any time.

Improving Services

  • monitoring website and platform performance;
  • analysing usage trends;
  • improving educational resources and user experience;
  • developing and improving services.

7. LAWFUL BASIS FOR PROCESSING

Under UK GDPR, Gramacri Limited relies on one or more of the following lawful bases for processing personal data:

Contract

Where processing is necessary to provide services, subscriptions or resources requested by users.

Legitimate Interests

Where processing is reasonably necessary for:

  • operating and improving our business;
  • platform administration;
  • service monitoring;
  • fraud prevention;
  • safeguarding;
  • customer support;
  • limited marketing activities.

Consent

Where users voluntarily submit information through forms, free lessons downloads, registrations or subscriptions, Gramacri Limited may process that information for the purposes explained within this Privacy Policy. Users may unsubscribe from marketing communications at any time using the unsubscribe links provided within emails or by contacting Gramacri Limited directly.

By accessing or using our website and services, you acknowledge that you have read and understood this Privacy Policy.

Legal Obligations

Where processing is necessary to comply with legal, safeguarding, tax, accounting or regulatory obligations.

8. SHARING PERSONAL DATA

Gramacri Limited may share personal data where reasonably necessary with:

  • payment providers;
  • website hosting providers;
  • analytics providers;
  • email marketing providers;
  • educational platform providers;
  • IT and technical support services;
  • professional advisers;
  • legal or regulatory authorities where required.

Examples of third-party services used by Gramacri Limited may include:

  • Stripe
  • MailerLite
  • WordPress-related services
  • analytics and advertising platforms

We aim to ensure that third-party service providers process data appropriately and securely.

We do not sell personal data.

9. INTERNATIONAL DATA TRANSFERS

Some third-party service providers used by Gramacri Limited may process personal data outside the United Kingdom, including providers involved in:

payment processing;

website hosting;

analytics;

email marketing;

cloud-based educational services;

advertising and communication services.

Where international transfers of personal data occur, Gramacri Limited aims to take reasonable and proportionate steps to ensure that appropriate safeguards are in place in accordance with UK GDPR requirements.

Such safeguards may include:

using reputable third-party providers with recognised data protection and security standards;

relying on UK adequacy regulations where applicable;

relying on approved contractual protections, including Standard Contractual Clauses (SCCs), where appropriate;

limiting access to personal data to authorised individuals only;

using password-protected systems, encrypted connections and secure authentication measures where reasonably practicable;

reviewing third-party privacy and security commitments where appropriate.

While reasonable efforts are made to work with providers that maintain appropriate safeguards, Gramacri Limited cannot guarantee the security practices of independent third-party providers.

10. DATA RETENTION

Gramacri Limited retains personal data only for as long as reasonably necessary for the purposes for which it was collected, including:

  • providing services;
  • complying with legal obligations;
  • resolving disputes;
  • maintaining safeguarding or financial records where appropriate.

Retention periods may vary depending on:

  • the nature of the data;
  • contractual requirements;
  • legal or accounting obligations;
  • safeguarding considerations.

Certain financial and transactional records may be retained for up to six years in accordance with legal and accounting requirements.

Where data is no longer required, it will be securely deleted or anonymised where reasonably practicable.

11. DATA SECURITY

Gramacri Limited takes reasonable technical and organisational measures to help protect personal data against:

  • unauthorised access;
  • misuse;
  • loss;
  • disclosure;
  • alteration.

However, no internet-based service or electronic storage system can be guaranteed to be completely secure. Users should exercise reasonable care when sharing information online.

12. COOKIES AND ANALYTICS

Our website may use:

  • strictly necessary cookies;
  • functionality cookies;
  • analytics cookies;
  • marketing or advertising cookies.

Some cookies help:

  • improve website functionality;
  • analyse website traffic;
  • support advertising and marketing campaigns.

Further information is available in our Cookie Policy.

13. THIRD-PARTY WEBSITES

Our website or services may contain links to third-party websites or services.

Gramacri Limited is not responsible for the privacy practices, security or content of third-party websites.

Users should review the privacy policies of external websites before providing personal information.

14. YOUR RIGHTS

Under UK GDPR, individuals may have the right to:

  • request access to personal data;
  • request correction of inaccurate data;
  • request deletion of personal data;
  • request restriction of processing;
  • object to certain processing activities;
  • request transfer of personal data where applicable;
  • withdraw consent where processing relies on consent.

Requests may be submitted to:

info@gramacri.com

Gramacri Limited may request reasonable proof of identity before responding to requests.

15. COMPLAINTS

If you have concerns regarding how your personal data is handled, please contact Gramacri Limited in the first instance.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

https://www.ico.org.uk

16. CHILDREN’S DATA

Gramacri Limited provides educational services intended primarily for schools, teachers and educational professionals.

Children do not normally create accounts directly with Gramacri Limited.

Where educational data relating to pupils is processed as part of school services, schools remain responsible for ensuring lawful collection and sharing of pupil data.

17. CHANGES TO THIS POLICY

Gramacri Limited reserves the right to review and update this Privacy Policy where appropriate.

The latest version will always be available on our website.

18. CONTACT DETAILS

Gramacri Limited
211 Holloway Head
Birmingham
B1 1UJ

Email: info@gramacri.com

We are launching
our Foreign Language Platform soon.

If you want to be notified once it is live please subscribe here.
We can’t wait to see you on board!