Welcome to the Epics Academy privacy policy.

Epics Academy respects your privacy and is committed to protecting your data.

  1. Introduction

This privacy policy tells you how the  Epics Academy uses your data when you visit our website, interact with us, and buy our goods and services.

It also tells you about your privacy rights and how the law protects you.

You must read this privacy policy, together with any other privacy policies we may provide, so that you are fully aware of how and why we are using your data.

This privacy policy was last updated on the 26th of March 2024.

If you have any questions or would like to exercise your privacy rights, please follow the instructions in this privacy policy. See How to contact Epics Academy about privacy below.

  1. Our website and the Epics Academy

Our website at epicsacademy.com sells event and membership services which are aimed at business users – from start-ups and independent businesses to larger organisations. This website is not intended for children and we do not knowingly collect data relating to children.

  1. Personal data which we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We collect a variety of information about our wonderful customers (you!) and visitors to the Epics Academy website. This personal data falls into these categories:

Identity Data includes title, first name, last name, job title, company name or similar identifier and an encrypted version of your login/password. If you interact with us through social media, this may include your social media user name.

Contact Data includes a billing address, delivery address, email address and telephone numbers.

Transaction Data includes details about products and services you have purchased from us

Profile Data includes your username and password, purchases or orders made by you, preferences, feedback and survey responses.

Usage Data includes information about how you use our website, products and services.

Marketing and Communications Data includes your preferences in receiving direct marketing from us and your communication preferences.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

  1. How is your personal data collected?

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your Identity, and contact us by filling in forms or by corresponding with us by post, phone, email or through chat or social media.

This includes personal data you provide when you:

  • sign up to receive the Epics Academy newsletter;
  • make enquiries or request information be sent to you;
  • create an account on our website;
  • order our products or services;
  • ask for marketing to be sent to you;
  • engage with us on social media;
  • enter a competition, promotion or survey;
  • contact customer services; or
  • leave comments or reviews on our products or services (please be kind!).

Third parties or publicly available sources. We may receive personal data about you from various types of third parties, including:

  • Identity and Contact Data from data partners; and
  • Data from any third parties who are permitted by law or have your permission to share your personal data with us, such as via social media or review sites. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
  1. How we use your personal data
  • Where we need to perform the contract we are about to enter into or have entered into with you. For example, when you purchase our products, that’s a contract.
  • Where we need to comply with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance.

Generally, we do not rely on consent as a legal basis for processing your data other than where the law requires it, for example with sending certain direct marketing communications. Where our legal basis is consent, you have the right to withdraw consent at any time.

  1. Advertising, marketing, and  your communications preferences

We may carry out direct marketing by email, phone, text or post. For example, you might have the Epics Academy newsletter hit your inbox or a cool promotion land on your doormat.

On our website, we always try hard to make it clear what we are doing and what communications you will be sent, whether it’s you deciding to sign up to the Epics Academy newsletter or as part of creating an account or the purchase journey – and you have a right at any time to change your mind and say no thank you and opt out (but we’d be sorry to see you go, so please gives us a chance by fine-tuning your preferences before really leaving us!). The easiest way to opt out is to use the unsubscribe link at the bottom of the communication.

Of course, there are lots of different ways you’ll see adverts for Epics Academy out and about, and not all of these are based on using personal data – sometimes we just buy good old-fashioned advertising space in the real world and websites and social media. If you see Epics Academy ’s adverts on websites and in social media, these may not be directed specifically at you, we might just have bid for space. But here are some things we may do that may be specifically directed at you:

  • emails, for example, the Epics Academy newsletter;
  • text messages, for example with discount codes;
  • phone calls, to tell you something that might be relevant to you and your business.
  1. Payment information

Epics Academy uses third party payment processors GoCardLess, PayPal,  iZettle, and Square to process payments made for products and services via the Website. All online payments will be conducted in accordance with Payment Card Industry (PCI) data security standards (which are high!) and your billing information (which is only used by these payment processors to perform fraud protection) is encrypted before being communicated to them. Subject to the below exceptions, your credit card details are communicated directly from your browser to these payment processors – Epics Academy never (ever!) sees your full Permanent Account Number (PAN). This means that the payment form is either off-site or displayed in a frame on the payment page.

  1. Data security

We have put in place appropriate security measures to prevent your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  1. Third-party links

This website may include links to third-party websites, plug-ins, and applications (for example, the ability to sign in with Facebook). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

  1. Your legal rights

If the General Data Protection Regulation applies to you because you are in the European Union, you have rights under data protection laws in relation to your data:

  • The right to be informed – that’s an obligation on us to inform you how we use your data (and that’s what we’re doing in this privacy policy);
  • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;
  • The right to rectification – that’s a right to make us correct any personal data about you that may be incomplete or inaccurate;
  • The right to erasure – that’s also known as the ‘right to be forgotten’ where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
  • The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;
  • The right to data portability – that’s a right for you to ask us for a copy of your data in a common format (for example, a .csv file);
  • The right to object – that’s a right for you to object to us processing your data (for example, if you object to us processing your data for direct marketing); and
  • Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making.

These rights are subject to certain rules around when you can exercise them. You can see a lot more information on them, if you are interested, on the UK Information Commissioner’s Office website.

If you wish to exercise any of the rights set out above, please contact us.

You will not have to pay a fee to access your data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information about your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

  1. How to contact Epics Academy  about privacy

If you have any questions about this privacy policy or would like to exercise any of your rights, please email us at   admin@epicsacademy.com

  1. Changes to this privacy policy

The General Data Protection Regulation is new and the ICO is still issuing new bits of guidance about how businesses should follow it. So, you may see little updates to our privacy policy over the coming months. Be sure to check in and read every now and then.

Thank you.