top of page

Privacy
&
Data Policy

A legal disclaimer

At Global Dec Ltd, we are committed to handling your personal information with clarity, transparency and full respect for your privacy. This policy explains how we collect, use, store, transfer and protect your data when you visit our website, communicate with us, or engage any of our services. We operate under the United Kingdom’s data protection framework (UK GDPR, incorporated via the Data Protection Act 2018), and we also voluntarily align our practices with the European General Data Protection Regulation (Regulation EU 2016/679 – GDPR) due to the international scope of our activities

Personal Data We Collect

Depending on how you interact with us, we may collect and process the following information:

 

  • Contact details: your name, email address, phone number, billing address;

  • Booking data: the services requested, dates, language level or education background;

  • Communication records: emails, messages via WhatsApp, Telegram or contact forms;

  • Payment details: transaction references (handled via Stripe, PayPal or Wise — we do not store card data directly);

  • Sensitive information: in some cases, we may process personal data classified as “special category”, for example concerning health, language disorders, educational needs, or other context-specific matters relevant to our educational or consultancy work.

​

We never request or process sensitive data unless it is strictly necessary for the performance of the requested service, and we always handle it with heightened safeguards.

Legal Basis for Processing

We collect and process your data based on one or more of the following legal grounds:

 

  • Your explicit consent (e.g. when submitting forms or opting into communications);

  • Contractual necessity (e.g. to deliver a service you have requested);

  • Legal obligations (e.g. accounting, taxation, invoicing);

  • Our legitimate interest (e.g. to respond to your enquiries or improve user experience), provided this does not override your fundamental rights and freedoms.

​

You are never obliged to provide personal data, but please note that if you choose not to, we may be unable to offer certain services.

Data Retention

We retain your personal data only for as long as strictly necessary for the purposes for which it was collected:

 

  • Booking records and communications: up to 12 months after the last contact;

  • Invoices and financial transactions: 6 years (UK standard) for tax compliance;

  • Sensitive data: retained only for the duration of the service, and deleted within 30 days of termination unless legally required otherwise.

​

You may request deletion of your data at any time, subject to the legal limits mentioned above.

Third-Party Providers and Data Processors

In order to operate efficiently and securely, we rely on the following third-party platforms, all of which comply with UK and/or EU data protection standards:

 

  • Wix.com Ltd (website and contact form provider – servers located in the EU and US, certified under recognised frameworks);

  • Google LLC (Google Analytics – used to monitor and optimise site traffic, with anonymised IP settings enabled);

  • Stripe Payments UK Ltd, PayPal (Europe) S.à r.l., and Wise Payments Ltd (payment processors – all PCI DSS compliant);

  • Google Workspace (business communication and cloud storage – end-to-end encrypted).

​

We ensure that all third-party processors are contractually bound to protect your data and not to use it for purposes beyond the delivery of their services to us.

Data Transfers Outside the UK or EEA

Some of our service providers store or process data outside the UK and/or European Economic Area (EEA). Whenever this occurs, we ensure that adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or other recognised mechanisms that ensure lawful transfer and protection of your information.

 

We do not sell or trade your data. Ever.

Your Rights

As a data subject, you have the following rights:

 

  • To access the data we hold about you;

  • To correct inaccurate or incomplete data;

  • To request deletion (the “right to be forgotten”), when applicable;

  • To object to processing based on legitimate interest;

  • To request a restriction of processing or data portability.

​

You may exercise these rights by emailing us at office@global-dec.com. We aim to respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO), or with your national data protection authority if you are based in the EU.

Security Measures

We take data protection seriously. All systems are protected by password authentication, HTTPS encryption, and secure cloud environments. Access to personal data is limited to authorised personnel only. Sensitive information is subject to additional controls, including temporary storage and prompt deletion after service completion.

 

In the unlikely event of a data breach, we have protocols in place to notify affected individuals and regulatory bodies as required by law.

Cookies

This website uses cookies for essential functionality, performance analysis and service improvement. Some cookies are placed by third-party services such as Google Analytics. You may manage your cookie preferences through your browser settings. For more detail, please refer to our separate [Cookie Policy].

Updates and Contact

This policy may be updated occasionally to reflect changes in the law or our business model. The latest version will always be available on this page, with a revision date.

 

If you have any questions, please contact us at:

 

Global Dec Ltd

Company Number: 14242250

Registered Office: Oakwood Gardens, Consett, DH8 0BX, United Kingdom

Email: office@global-dec.com

bottom of page