Last updated: 27 May 2026
Introduction
This privacy notice explains how The Law Academy collects, uses, stores, shares and
protects personal data when you use our website, microsites, online enquiry and enrolment
forms, and related online learning services.
For the purposes of UK data protection law, The Law Academy Limited is the controller of
the personal data covered by this notice. If you have any questions about this notice, or want
to exercise your rights, please contact us at The Law Academy Limited, The Plaza, 100 Old
Hall Street, Liverpool L3 9QJ, by telephone on 0151 227 2666, or by email at
info@thelawacademy.co.uk.
Personal data we collect:
Website enquiries and course information
When you ask about a course or request information, we may collect your name, email
address, phone number, previous qualifications, employer details where relevant, and any
other information you choose to share with us. We use this information to reply to your
enquiry, advise on course suitability, support you before enrolment, and keep a record of our
communications with you.
This information is shared internally only where needed and is stored securely in Google
Workspace and related systems. If you do not enrol during the same academic year, we will
normally delete your details at the end of that year unless we have a lawful reason to keep
them for longer.
Applying and studying with us
When you apply or enrol, we may collect your identification and contact details, address,
course and membership information, previous qualifications, employer details where
relevant, and health or learning support information where needed to support your studies or
assessments. Most of this information will come directly from you, but where your employer
is funding your studies, we may also receive relevant information from that employer.
How we use your personal data and our lawful bases
We use personal data in different ways depending on why you interact with us. If you ask
about a course or request information, we use your personal data to respond to you, advise
on course suitability and support you before enrolment. We normally do this because it is
necessary to take steps at your request before entering into a contract, and also because it
is in our legitimate interests to manage enquiries and promote our training services in a
targeted and proportionate way.
If you apply or enrol, we use your personal data to administer your application, deliver
teaching and learning support, manage attendance and assessments, communicate with
you, and maintain student records. This is usually necessary for our contract with you and to
comply with legal obligations such as accounting, tax and regulatory requirements. We may
also rely on our legitimate interests to keep appropriate records, protect our systems,
improve our services, and manage our day-to-day operations in ways people would
reasonably expect and that have a limited privacy impact. Where we process health or
learning support information, we will do so only where there is a valid special category
condition, such as your explicit consent or another condition permitted by UK data protection
law, and with appropriate safeguards in place. If we send electronic marketing, we will do so
only where there is a compliant route under PECR, such as valid consent or another route
permitted by law.
How we share and store personal data
We collect personal data directly from you through our website, online enquiry and
enrolment forms, email, and online learning interactions. We store it in business systems
used to support our services, including Google Workspace and Zoom where relevant for
online learning.
We use service providers to host systems, support teaching delivery, process payments, and
provide IT and cloud services. When we use third-party providers, we put appropriate
contractual, technical and organisational safeguards in place.
We may share personal data with tutors, awarding or accreditation bodies, funding
employers where relevant and lawful, professional advisers, payment providers, IT and cloud
service providers, and public authorities where disclosure is required by law or necessary to
protect rights, safety or our legitimate interests.
We keep personal data only for as long as reasonably necessary for the purposes for which
it was collected and in line with our retention schedule. Retention periods may reflect
academic administration needs, legal and regulatory requirements, accounting and tax rules,
complaint handling, limitation periods, and any ongoing need to verify prior study or
examination outcomes.
Where appropriate, we may retain core student record information for longer to support
continuing or returning study, provide references or verification, address complaints or
claims, and meet legal, regulatory or business record-keeping requirements.
International transfers
Some of our service providers may handle personal data outside the UK. Where that
happens, we will check whether UK data protection law treats this as a restricted transfer
and, if so, we will use an appropriate safeguard such as UK adequacy regulations, the UK
International Data Transfer Agreement (IDTA) or the UK Addendum. We will also take
reasonable and proportionate steps to make sure the recipient protects personal data to an
appropriate standard.
Roles and responsibilities
The Law Academy is responsible for deciding how and why personal data is used and for
making sure appropriate privacy, security and governance measures are in place. Staff,
tutors, contractors and service providers who handle personal data on our behalf must do so
in line with our instructions, confidentiality requirements and applicable legal obligations.
Helen Miller is the contact for subject access requests, data protection queries and complaints.
Cookies, analytics and marketing
Our websites and microsites use cookies and similar technologies for core site functions,
analytics and limited marketing. Where the law requires consent, we will ask for it before
setting non-essential cookies or similar technologies. Where we rely on a legal exception,
such as certain limited statistical analytics used only to improve our website or services, we
will provide clear information and a simple, free way for you to object.
• Essential cookies may be used where needed to provide website functions requested by
you.
• Analytics technologies will be used only in line with applicable legal requirements. If an
analytics tool is used only for limited statistical purposes to help us improve our website
or services, we may rely on a legal exception where available, but we will still explain this
clearly and provide a simple way to object.
• You can update your cookie preferences using the options made available on our
websites.
• If you choose to receive marketing from us, or if we contact you using another route
permitted by PECR, you can opt out at any time using the unsubscribe option in the
message or by contacting us.
• We will keep our cookie information and marketing preferences processes under review
and update them when needed.
Your rights and how to complain
Under UK data protection law, you have rights over your personal data, subject to certain
exemptions. These may include the right to be informed, the right of access, the right to
rectification, the right to erasure, the right to restrict processing, the right to data portability,
the right to object, and rights relating to automated decision-making where applicable.
If you want to exercise any of your rights, or if you have a concern about how we use your
personal data, please contact info@thelawacademy.co.uk in the first instance. We will
review and respond within the timescales required by law. If you remain dissatisfied, you
have the right to complain to the Information Commissioner’s Office (ICO).
We may update this privacy notice from time to time to reflect changes in our services,
systems or legal obligations. The latest version will always be available on our website.