PRIVACY POLICY - Last updated: May 2026

This Privacy Policy explains how I, Victoria Phipps, trading as Victoria Phipps Courses, collect, use and protect your personal data when you visit victoriaphippscourses.com or purchase my courses and programmes.

I am committed to handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who I Am

I am Victoria Phipps, a sole trader based in the United Kingdom, trading as Victoria Phipps Courses. As the data controller, I am responsible for your personal data. If you have any questions about this policy or how I handle your data, please contact me at [email protected].

2. What Personal Data I Collect

I may collect the following types of personal data:

       Name and email address (when you sign up to my mailing list, join the waitlist or purchase a course)

       Billing information such as your name and address (processed securely via my payment provider — I do not store your card details)

       Communications you send to me, such as emails or messages

       Website usage data, such as pages visited, time on site and how you arrived at my website (collected via cookies and analytics tools)

 

3. How I Use Your Data

I use your personal data to:

       Deliver courses, programmes and content you have purchased or enrolled in

       Send you emails about my courses, launches and resources — but only if you have opted in or I have a legitimate interest as your course provider

       Process payments and manage your account

       Respond to your enquiries and provide customer support

       Improve my website and understand how visitors use it

       Meet my legal and regulatory obligations

 

4. My Legal Basis for Processing

Under UK GDPR, I rely on the following lawful bases:

       Contract: to fulfil a purchase or enrolment you have made

       Legitimate interests: to improve my services and communicate with existing customers

       Consent: to send marketing emails to those who have opted in

       Legal obligation: where I am required to process data to comply with the law

 

5. Third-Party Services

I use the following third-party platforms to run my business. Each has its own privacy policy and data practices:

       Mastermind Business System (US-based): my course delivery, email marketing and payment processing platform. Your data may be transferred to and stored in the United States. Where this occurs, appropriate safeguards are in place in line with UK GDPR requirements.

       Meta (Facebook/Instagram): I use the Meta Pixel to track website activity and deliver relevant advertising on Facebook and Instagram. You can manage your ad preferences via your Facebook settings.

       Google: I may use Google services for analytics and advertising. You can opt out of Google Analytics tracking via your browser settings or Google’s opt-out tools.

I do not sell your personal data to any third party.

6. Cookies

My website uses cookies — small text files stored on your device — to help me understand how visitors use the site and to deliver relevant advertising.

The types of cookies I use include:

       Essential cookies: required for the website to function correctly

       Analytics cookies: to help me understand visitor behaviour (e.g. pages visited, session duration)

       Marketing cookies: used by Meta and other advertising platforms to show relevant ads

You can control cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the website.

7. How Long I Keep Your Data

I retain your personal data only for as long as necessary. Customer records are kept for up to seven years to comply with HMRC requirements. Email marketing data is retained until you unsubscribe or ask me to remove you. Website analytics data is typically retained for up to 26 months.

8. Your Rights

Under UK GDPR, you have the right to:

       Access the personal data I hold about you

       Request correction of inaccurate data

       Request deletion of your data (the ‘right to be forgotten’)

       Object to or restrict how I process your data

       Withdraw consent at any time (where processing is based on consent)

       Data portability — to receive your data in a structured, machine-readable format

       Lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk

To exercise any of these rights, please contact me at [email protected]. I will respond within 30 days.

9. Data Security

I take the security of your personal data seriously. My platform uses industry-standard security measures including SSL encryption. Payment information is handled directly by my payment processor and is never stored on my servers.

10. Changes to This Policy

I may update this Privacy Policy from time to time. When I do, I will update the date at the top of this page. I encourage you to review this policy periodically.

11. Contact Me

If you have any questions about this Privacy Policy or how I handle your data, please get in touch:

Email: [email protected]

Website: victoriaphippscourses.com

If you are not satisfied with my response, you have the right to complain to the Information Commissioner’s Office (ICO): ico.org.uk | 0303 123 1113

© 2026 Victoria Phipps - All rights reserved