Privacy Policy

This Privacy Policy explains how Islington Partners LTD ("we", "us", or "our") collects, uses, and protects personal information through Client Guard Academy (the "Service"), accessible at https://clientguardacademy.com and related domains.

The Service provides cyber security and AI safety awareness training for accounting firms and professional services businesses, including online training courses, quizzes, team invitations, completion tracking, admin dashboards, and training records.

1. Who We Are

Islington Partners LTD is a UK company providing online cyber security and AI safety awareness training software for accounting firms and professional services businesses.

2. What Information We Collect

2.1 Account Information

When users create an account or are invited to the Service, we may collect:

• Full name
• Email address
• Password, stored in encrypted form
• Firm or organisation name
• Role within the firm or organisation
• Account permissions, such as owner, admin, or team member

2.2 Training and Progress Data

To provide the training platform, we may collect and process:

• Course enrolment details
• Lessons viewed or completed
• Quiz responses
• Quiz scores and pass/fail status
• Training completion status
• Completion certificates or training records
• Dates and times of training activity

2.3 Firm and Team Data

Firm owners or administrators may provide information about their organisation and team, including:

• Firm name
• Website
• Firm size
• Team member names and email addresses
• User roles and permissions
• Training progress for invited team members

2.4 Payment and Subscription Data

Where the Service includes paid subscriptions, we may collect and process:

• Subscription plan
• Billing status
• Payment confirmation details
• Invoice and renewal information
• Discount or promotion code usage

Payments are processed by third-party payment providers such as Stripe. We do not store full card details on our own systems.

2.5 Usage Data

We may automatically collect technical and usage information, including:

• IP address
• Browser type
• Device type
• Operating system
• Pages visited
• Actions taken within the Service
• Login activity
• Error logs and diagnostic information

3. How We Use Your Information

We use personal information to:

• Provide, maintain, and improve the Service
• Create and manage user accounts
• Allow firm administrators to invite and manage team members
• Deliver cyber security and AI safety training
• Track course, lesson, and quiz completion
• Generate completion records and certificates
• Process subscriptions and payments
• Provide customer support
• Monitor platform performance and security
• Prevent misuse, fraud, or unauthorised access
• Send service-related emails, such as invitations, account notifications, completion reminders, and billing updates
• Send marketing communications where permitted by law or where consent has been provided
• Comply with legal, regulatory, tax, and accounting obligations

4. Legal Basis for Processing

Where UK GDPR or EU GDPR applies, we process personal data based on one or more of the following legal bases:

• Contractual necessity: to provide the Service and manage user accounts, subscriptions, training records, and platform access.
• Legitimate interests: to improve the Service, support users, maintain security, prevent fraud, and develop our business.
• Consent: for certain marketing communications or optional tracking where required.
• Legal obligations: to comply with tax, accounting, regulatory, and legal record-keeping requirements.

5. Data Storage and Security

We take appropriate technical and organisational measures to protect personal information. These may include:

• Encrypted passwords
• HTTPS encryption in transit
• Access controls and role-based permissions
• Secure hosting infrastructure
• Database backups
• Logging and monitoring
• Restricted access to production systems
• Use of reputable third-party service providers

Data may be stored using cloud infrastructure and service providers located in the UK, European Economic Area, United States, or other jurisdictions where our service providers operate.

Although we take reasonable steps to protect personal information, no system can be guaranteed to be completely secure.

6. Sharing Your Information

We may share personal information with trusted third parties where necessary to provide and operate the Service. These may include:

• Hosting and infrastructure providers
• Payment processors, such as Stripe
• Email delivery providers
• Analytics and monitoring providers
• Customer support and operational tools
• Professional advisers, such as accountants, lawyers, or auditors
• Regulators, law enforcement, or public authorities where required by law

We do not sell personal information to third parties.

Firm administrators may be able to view training progress, quiz completion, certificates, and account activity for users within their own firm account.

7. International Transfers

Personal information may be transferred to, stored, or processed outside your country of residence.

Where required by law, we use appropriate safeguards for international transfers, such as Standard Contractual Clauses or equivalent lawful transfer mechanisms.

8. Retention Periods

We retain personal information for as long as necessary to provide the Service, maintain training records, comply with legal obligations, resolve disputes, enforce agreements, and maintain business records.

Training completion records may be retained for the duration of the firm's account and for a reasonable period afterwards, so firms can evidence staff training and compliance.

Account data is normally deleted or anonymised within 60 days of account termination, unless:

• A longer retention period is required by law
• The customer requests extended retention
• The data is needed for legitimate business, legal, security, or accounting purposes

9. Your Rights

Depending on your jurisdiction, including under UK GDPR, EU GDPR, or applicable US privacy laws, you may have rights relating to your personal information. These may include the right to:

• Access your personal information
• Request a copy of your data
• Correct inaccurate or incomplete information
• Request deletion of your information
• Object to certain processing
• Restrict certain processing
• Withdraw consent where processing is based on consent
• Request data portability
• Complain to a data protection authority

You can exercise these rights by contacting us at: office@islingtonpartners.com

If your account is managed by your employer or firm, we may direct certain requests to your firm administrator where appropriate.

10. Cookies and Tracking

We use cookies and similar technologies for authentication, security, user experience, analytics, and platform performance. Cookies may be used to:

• Keep users logged in
• Remember preferences
• Protect against fraud and misuse
• Understand how users interact with the Service
• Improve the website and platform

For more information, please see our Cookies Policy.

11. Children's Privacy

The Service is intended for use by businesses and professional organisations. It is not intended for children under 16, and we do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, operational, or business changes.

If we make significant changes, we may notify users by email, in-app notification, or by posting a notice on the website.

The updated version will be effective from the date stated at the top of the policy.

13. Contact Us

If you have questions about this Privacy Policy or how we handle personal information, contact us at:

Islington Partners LTD
Email: office@islingtonpartners.com
Registered Address: Friarswood, Chipperfield Road, Kings Langley, Hertfordshire, England, WD4 9JB