Privacy Policy

Last updated: August 25, 2025

1. Introduction

Crystal Domes ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website crystal-domes.com and use our services.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Name and contact details (email address, phone number, postal address)
  • Payment information for course purchases
  • Communication preferences
  • Course progress and completion data
  • Feedback and survey responses

2.2 Technical Information

We automatically collect certain technical information, including:

  • IP address and browser type
  • Operating system and device information
  • Website usage data and analytics
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use your personal information for the following purposes:

  • Providing access to our shopping course and related services
  • Processing payments and managing your account
  • Sending course materials, updates, and educational content
  • Responding to your inquiries and providing customer support
  • Sending marketing communications (with your consent)
  • Improving our website and services
  • Complying with legal obligations

4. Legal Basis for Processing

Under UK GDPR, we process your personal data based on:

  • Contract: To fulfill our obligations under our terms of service
  • Consent: For marketing communications and non-essential cookies
  • Legitimate Interest: For website analytics and service improvement
  • Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell, trade, or transfer your personal information to third parties, except:

  • With your explicit consent
  • To trusted service providers who assist in operating our website and services
  • When required by law or to protect our rights
  • In connection with a business merger, acquisition, or sale

5.1 Third-Party Services

We may use third-party services such as:

  • Payment processors for secure transactions
  • Email marketing platforms for newsletters
  • Analytics services to understand website usage
  • Customer support tools

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL encryption for data transmission
  • Secure servers and regular security audits
  • Access controls and staff training
  • Regular backup and recovery procedures

7. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

  • Course enrollment data: Retained for the duration of your access plus 7 years for tax purposes
  • Marketing communications: Until you unsubscribe
  • Website analytics: Anonymized after 26 months
  • Support inquiries: Retained for 3 years

8. Your Rights

Under UK GDPR, you have the following rights:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at [email protected].

9. Cookies and Tracking

Our website uses cookies to enhance your browsing experience. We categorize cookies as:

  • Essential Cookies: Necessary for website functionality
  • Analytics Cookies: Help us understand website usage
  • Marketing Cookies: Used for personalized advertising (with consent)

You can manage your cookie preferences through our cookie banner or browser settings.

10. International Transfers

Your personal data may be transferred to and processed in countries outside the UK. We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard contractual clauses
  • Binding corporate rules
  • Certification schemes

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices or applicable laws. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Sending an email notification to registered users
  • Displaying a prominent notice on our website

13. Contact Information

If you have questions about this privacy policy or our data practices, please contact us:

Crystal Domes
123 High Street
London, SW1A 1AA
United Kingdom

Email: [email protected]
Phone: +44 20 7946 0958

14. Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection matters:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Phone: 0303 123 1113
Website: ico.org.uk