Nimble Elearning Limited (Nimble) processes data for and on behalf of the Account Holder. As a Data Processor, Nimble is committed to protecting and respecting the security and integrity of your personal data in line with GDPR (General Data Protection Regulation) and ISO 27001. We collect information only which we can justify as reasonable and justifiable for the provision and communication of Nimble-related products and services as detailed on our marketing website.
The EU General Data Protection Regulation (GDPR) marks a step change for data protection and replaces the Data Protection Directive on 25 May 2018. GDPR simplifies and clarifies rules, and strengthens citizens’ rights in relation to their personal data. The GDPR abolishes the single country data protection acts and combines the data protection for all EU member states. When the UK leaves the EU, it will become an approved country and GDPR will continue to form part of UK law.
Data security and integrity is of paramount importance to Nimble. We’ve gone to great lengths to ensure that your personal data is secure and that our service is available 24/7. As a sign of our commitment to information security, we have developed our information security management procedures in accordance with ISO 27001 standards. In September 2017 we were awarded ISO 27001 accreditation by the BSi, who continue to audit our information security management procedures bi-annually.
1. Information we may collect from you
We may collect and process the following data about you:
- Information that you provide by filling in forms on our product websites. This includes information provided at the time of registering to use the Site, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with the Site.
- If you contact us, we will keep a record of that correspondence.
- Nimble Elearning may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of your visits to the Site and the resources that you access, including your IP address and internet browsing preferences.
- We do not store credit/debit card details.
2. IP Addresses and Cookies
We may collect information about your computer, including (where available) your IP address, operating system, and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive.
3. Where we store your personal data
Nimble Elearning will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the GDPR.
Your personal data is stored within the EU and, unless explicitly agreed with the Account Holder, will not be transferred outside the EU. Your learners’ and users’ data is kept securely on your own password-protected database and will not be used for any purpose other than the delivery of online learning through your Nimble account.
Where you have been given (or where you have chosen) a password which enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
4. Uses made from the information
Nimble Elearning will use personal information only to provide you with services relating to the Site. Personal information will not be passed to third parties.
We use information held about you in the following ways:
- To ensure that content from the Site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
5. Retention of your information
The personal data that we collect shall be kept for no longer than is necessary for the purposes for which it is being processed. Should your Nimble account remain unused for a period of two years, or you request removal of your personal data without Nimble having legal grounds to object, then your personal information will be scheduled for deletion.
Data scheduled for deletion will be moved to a secure, encrypted ‘vault’ for no more than three years, before being permanently removed from all Nimble servers and backups.
6. Disclosure of your information
7. Your rights
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
You have a right to withdraw consent for Nimble to use your personal data by contacting us. Should you feel that the personal information we hold about you is incorrect or inaccurate, you have the right to request that we rectify this. In both cases, please contact email@example.com.
You have a right to lodge a complaint with Nimble or with ICO (The Information Commissioner’s Office) directly, should you have a concern about our information rights practices at https://ico.org.uk/concerns/.
The Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
8. Access to information
The GDPR gives you the right to access information held about you, to know why we have it, and how it will be used. Your right of access can be exercised in accordance with the GDPR and will be free of charge. However, we may charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
Children aged 16 or under wishing to provide personal details to Nimble Elearning should get their parent/guardian’s permission to do so.
11. Contact us