Privacy Policy

  • Blue Lotus (hereafter referred to as the “Company”, “we”, “us”, and “our”). The Company takes data protection very seriously and abide by the EU General Data Protection Regulation (GDPR). We encourage prospective clients to read the Company’s terms and conditions, prior to any purchases, in parallel to this privacy statement.What data we collect?

    We collect the following information from you through the use of enquiry and contact forms on the Website, and within Emails or telephone communications too:

    • Name and contact data: We collect your first and last name, email address, postal address, phone number, in order to respond sufficiently and appropriately to your enquiry.
    • Billing data: We collect data necessary billing information to process your payment if you make a purchase.

    We also store personal information from you when you communicate with us regarding the provision of services, including by email, postal mail or telephone.

    We collect certain information about the visitors of our Website. Please refer to Cookies policy for more details.

    If you do not wish to be contacted for any marketing purposes your consent can be removed by clicking “unsubscribe” on our formal marketing emails.

    Use of data collected

    The information that we collect and store relating to you is primarily used to enable us to provide our Services to you. Additionally, we may use the information for the following purposes:

    • To provide you with information you request from us
    • To maintain the account you create or use on our Website
    • To process your booking and purchase
    • To respond to your queries efficiently
    • To provide information on other products and Services which we feel may be of interest to you in line with your communications preferences
    • To meet our contractual commitments to you
    • To act on your behalf where the Service is delivered to you with the help of external providers/ third parties
    • To notify you about any changes to the Website and/or our Services that may have an impact on your actions
    • To notify you of similar products that may be of interest to you

    Lawful Basis for Processing Data

    There are three causes for the Company to process personal data, including:

    • Fulfilling a contractual agreement – if you purchase a product the Company shall process your data sufficiently and only where appropriate in servicing the prevailing agreement..
    • Legitimate Interests – if you have purchased a product from the Company, we may process your data and contact you if we believe we can enhance your career with a similar product. Please see our “Direct Marketing” term for further details.
    • Consent – if you give us explicit consent to contact you regarding an enquiry or for direct marketing purposes, we shall contact you via only the mediums consented to. Please see our “Consent” term for further details.

    Direct Marketing

    The Company will rely on the GDPR’s legitimate interests clause and/or PECR’s Soft Opt-in to send direct marketing communication, in the form of emails and telephone calls, to market similar products to customers that have purchased our services. Such advertisement within the direct marketing shall be similar to the product purchased, in accordance with the expectations of the customer. Our Company’s interest is to develop our business, whilst providing learning and career development opportunities to our customers. Given the nature of the service provision, we do not expect the rights or freedoms of the data subjects to be at risk to harm.

    Consent

    By using our websites or agreeing to do business with us you consent to the collection and use of information as outlined within this page and as informed at the point of data entry too with explicit statements of consent and tick boxes.

    If you have any concerns regarding your personal information that we may hold please contact us using the URL given at the bottom of this page.

    Information We Share

    We do not sell or otherwise disclose personal data that you provide to us or that we collect, except as described within this statement.  We may share personal data with service providers that perform services, in this case, all service providers have entered into legally binding agreements require them to use or disclose personal data only as necessary to perform services on our behalf or comply with applicable legal requirements. To summarise, we may share personal data you provide to us or that we collect with other entities.

    In addition, we may disclose personal data about you if we are required or permitted to do so by law or legal process, for example, due to a court order or request from a law enforcement agency when we believe the disclosure is necessary or appropriate to prevent physical harm or financial loss.

    Storing, Managing, and Transferring data

    The personal information that we collect is stored centrally on secure servers within the EU.

    The Company has a strict data retention policy, where it has a justifiable business or legitimate legal reason to store data. Data with no legal or business purpose to retain, is erased with immediate effect and is not stored. Please note that the transmission of information via the internet (including email) is not completely secure and therefore, although we endeavour to protect the personal information you provide to us, we cannot guarantee the security of data sent to us electronically and the transmission of such data is therefore entirely at your own risk.

    The Company shall process data in accordance with the relevant provisions in your county, for example if you are located in the European Economic Area (EEA), the GDPR shall be adhered to and your data protected accordingly. If an international transfer of data must take place in order to provide the service agreed, data shall only be transferred where:

    • The applicable country meets the requirements and has therefore been granted a European Commission on Adequacy
    • A US-EU Privacy Shield Exists
    • Appropriate safeguards have been applied, such as a EU Model Contract

    Exercising Your Data Rights

    Should you wish to access or update the personal information that we hold about you please contact us using the URL below or via email to submit a Subject Access Request.

    You can view, edit or delete your personal data you might have provided in prior communication with the Company, by exercising your Right to Erasure or Rectification. How you can access or control your personal data will depend on which products you use and what communication medium it is on.

    You can always choose whether you wish to receive promotional emails or promotions through telephone calls. You can also unsubscribe from receiving interest-based advertising from us by contacting [email protected]

    Internal access to data is only granted to privileged users, to ensure security. In addition, appropriate security measures are implemented to ensure the security of your personal data.

    Where you have given us consent to process your data, you can retract this consent, by sending an appropriate email to [email protected]

    Updates to our Notice

    We may update this privacy statement periodically, in accordance with the updates to relevant data protection laws. Such updates will not be notified, so it is advised you check the statement upon every purchase.