New Money University™ GDPR Compliance & Data Protection Notice

Effective Date: September 5, 2025

New Money University (“we”, “us”, “our”) is committed to protecting the privacy and personal data of all users, including individuals located in the United Kingdom and the European Union. This GDPR Compliance & Data Protection Notice explains your rights under the General Data Protection Regulation (GDPR), how we process your data, and the safeguards we have in place.

This page should be read together with our Privacy Policy.

1. Data Controller Information

New Money University
Email: [email protected]
Website: www.newmoneyuniversity.com

We are the Data Controller for all personal information processed through our website and digital services.

2. What Personal Data We Collect

We may collect the following categories of personal data:

2.1 Information You Provide Directly

• Name

• Email address

• Phone number

• Billing information

• Account login details

• Messages or enquiries sent to us

• Information provided during course enrolment or coaching sessions
  

2.2 Automatically Collected Information

• IP address

• Device data

• Browser type

• Cookies and tracking data

• Usage and interaction statistics

• Location (approximate) based on IP
  

2.3 Data from Third Parties

• Payment processors

• Email marketing platforms

• Analytics tools

• Affiliate platforms
  

3. Legal Basis for Processing (GDPR Article 6)

We process personal data based on the following lawful grounds:

• Contractual Necessity: To provide course access, process payments, and deliver purchased services.

• Legitimate Interests: To improve services, maintain security, prevent fraud, and manage enquiries.

• Legal Obligations: To comply with tax, accounting, and regulatory requirements.

• Consent: For marketing communications, cookies, and newsletter sign-ups.
  

4. How We Use Your Data

Your personal data may be used for the following purposes:

• Providing access to courses, memberships, and coaching

• Processing payments and sending order confirmations

• Providing customer support

• Sending updates, newsletters, or marketing communications (with consent)

• Improving website experience through analytics

• Ensuring website security and detecting fraud

• Maintaining student records
  

5. Data Sharing & Third Parties

We may share personal data with selected third-party service providers, including:

• Payment processors (e.g., Stripe, PayPal)

• Email automation tools

• Analytics providers (e.g., Google Analytics)

• Cloud storage and hosting providers

• Affiliate tracking platforms

• Customer support tools
  

We do not sell personal data.

All third parties are required to comply with GDPR requirements and process data only on our instructions.

6. International Data Transfers

If your data is transferred outside the UK/EU:

• Transfers are made only to countries with an adequacy decision, or

• We use Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure your data remains protected.
  

7. Data Retention

We retain personal data only as long as necessary for:

• Fulfilling contractual obligations

• Legal compliance (e.g., tax records)

• Resolving disputes

• Business operations
  

After retention periods end, data is securely deleted or anonymised.

8. Your GDPR Rights

You have the following rights under GDPR:

8.1 Right to Access

Request a copy of your personal data.

8.2 Right to Rectification

Request correction of inaccurate or incomplete data.

8.3 Right to Erasure (“Right to Be Forgotten”)

Request deletion of your personal data under certain conditions.

8.4 Right to Restrict Processing

Limit how your data is used.

8.5 Right to Data Portability

Receive your data in a structured, machine-readable format.

8.6 Right to Object

Object to processing based on legitimate interests or marketing.

8.7 Right to Withdraw Consent

You may withdraw marketing or cookie consent at any time.

8.8 Rights Related to Automated Decision-Making

We do not use data for automated decision-making or profiling that produces legal effects.

9. Exercising Your Rights

To exercise any of the above rights, contact us:

📩 [email protected]

We respond to all valid requests within 30 days as required by law.

10. Data Security

We implement appropriate technical and organisational measures to safeguard personal data, including:

• SSL encryption

• Secure authentication measures

• Access controls

• Data minimisation practices

• Staff confidentiality obligations

• Regular system monitoring and updates
  

11. Children’s Data

Our services are not intended for individuals under 18.

We do not knowingly collect children’s data. If you believe a minor has provided us information, please contact us immediately.

12. Updates to This GDPR Compliance Notice

We may update this notice periodically. Any changes will be posted on this page with a revised “Last Updated” date.