School of Biomagnetism
Privacy & Cookie Policy
Effective Date: 01 January 2026 | Last Updated: 25 March 2026
school-of-biomagnetism.com
This Privacy and Cookie Policy explains how the School of Biomagnetism ('we', 'us', 'our') collects, uses, stores, and protects your personal data when you visit our website at school-of-biomagnetism.com, register for our courses, or otherwise interact with us.
We are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). Please read this policy carefully.
1. Who We Are
Data Controller:
School of Biomagnetism (operated by Mrs Faye Usher)
167-169 Great Portland Street, London, W1W 5PF, United Kingdom
Email: [email protected]
ICO Registration Reference: ZB992133
If you have any questions about how we handle your personal data, please contact us at the email address above.
2. What Personal Data We Collect
We collect personal data in the following categories:
2.1 Data You Provide Directly
Name, email address, and phone number — via contact forms, course enrolment, and booking forms
Billing and payment information — processed securely by Stripe (we do not store card details)
Communications — emails, messages, and enquiries you send to us
2.2 Data Collected Automatically
IP address, browser type, device type, operating system, and pages visited
Website usage data collected via cookies and tracking technologies (see Section 6)
Interaction data from advertising platforms (Meta Pixel, Google Ads conversion tracking)
Session recordings and heatmap data via Hotjar
We do not knowingly collect personal data from children under 18 years of age.
3. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following:
- Contract performance — to process course enrolments, deliver course access, and handle purchases
- Legitimate interests — to improve our website and services, understand how users interact with our content, and prevent fraud
- Consent — for non-essential cookies and tracking technologies (e.g. analytics, advertising pixels), and for email marketing where required. You may withdraw consent at any time
- Legal obligation — where we are required to retain data by law (e.g. financial records)
4. How We Use Your Personal Data
- To process course enrolments and provide access to our learning platform
- To send you course-related communications, updates, and support
- To send you marketing emails about our courses and services (you can unsubscribe at any time)
- To improve our website and user experience using analytics data
- To deliver targeted advertising on Meta (Facebook/Instagram) and Google platforms
- To analyse website visitor behaviour using Hotjar (session recordings and heatmaps)
- To comply with legal and regulatory obligations
5. Third-Party Data Processors
We use the following trusted third-party services to process data on our behalf. Each operates under its own privacy policy and appropriate data processing agreements where required.
GoHighLevel (GHL)
Website hosting, CRM, email marketing, forms, landing pages, and course delivery. Data may be stored on servers in the United States under appropriate safeguards.
Privacy policy: https://www.gohighlevel.com/privacy-policy
Stripe
Secure payment processing. We do not store card or bank details on our systems.
Privacy policy: https://stripe.com/gb/privacy
Meta Platforms (Facebook / Instagram)
We use the Meta Pixel to measure the effectiveness of our advertising and to deliver targeted ads to people who have visited our site. Meta may use this data for its own purposes in accordance with its Data Policy.
Privacy policy: https://www.facebook.com/privacy/policy
Google (Analytics & Ads)
We use Google Analytics 4 to understand website traffic and user behaviour. We also use Google Ads conversion tracking to measure the performance of paid advertising campaigns.
Privacy policy: https://policies.google.com/privacy
Hotjar
We use Hotjar to record anonymised session data including mouse movements, clicks, and scrolling behaviour, to help us improve our website. Hotjar does not capture passwords or payment information.
Privacy policy: https://www.hotjar.com/legal/policies/privacy
To opt out of Hotjar tracking, visit: https://www.hotjar.com/legal/compliance/opt-out
ManyChat
We use ManyChat to automate Instagram DM interactions, including comment-to-DM flows, email and phone opt-ins, and links to our course pages. When you interact with our ManyChat flows via Instagram, ManyChat may collect your name, Instagram profile data, and any information you voluntarily provide (such as your email address or phone number). This data is used to respond to enquiries and to send information about our courses. Data collected via ManyChat may be passed into our GoHighLevel CRM.
Privacy policy: https://manychat.com/privacy
6. Cookies & Tracking Technologies
6.1 What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, understand usage patterns, and deliver personalised content and advertising.
6.2 Types of Cookies We Use
Strictly Necessary Cookies
These are essential for the website to function and cannot be switched off. They include cookies set by our hosting platform (GoHighLevel) for security and session management. No consent is required for these.
Analytics Cookies
Set by: Google Analytics 4, Hotjar
Purpose: To understand how visitors use our website — pages visited, time spent, and navigation paths. This helps us improve our content and user experience.
Legal basis: Consent
Marketing & Advertising Cookies
Set by: Meta Pixel, Google Ads
Purpose: To track conversions from our advertising campaigns, build retargeting audiences, and deliver relevant ads to people who have visited our website.
Legal basis: Consent
6.3 Managing Your Cookie Preferences
When you first visit our website, you will be presented with a cookie consent banner. You may accept all cookies, reject non-essential cookies, or customise your preferences. You can update your preferences at any time by clicking the cookie settings link in our website footer.
You can also manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the website. For guidance on controlling cookies in popular browsers, visit:
Google Chrome: https://support.google.com/chrome/answer/95647
Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies
Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge
To opt out of Google Analytics tracking specifically, you can use the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout
To opt out of Meta's advertising tracking, visit: https://www.facebook.com/adpreferences/ad_settings
To opt out of ManyChat data collection, you can contact us directly or block ManyChat via your Meta privacy settings.
7. Data Sharing & Disclosure
We do not sell your personal data. We may share data in the following limited circumstances:
With our third-party processors listed in Section 5, strictly as necessary to deliver our services
With members of our support team or wider network who assist with customer service (e.g. access to enquiries sent to [email protected])
Where required by law, regulation, or court order
In the event of a business transfer, merger, or acquisition
8. International Data Transfers
Some of our third-party processors (including GoHighLevel and Meta) store or process data outside the United Kingdom and European Economic Area. Where this occurs, we ensure that appropriate safeguards are in place, such as:
Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office
Transfers to countries with an adequacy decision from the UK Government
By using our website, you acknowledge that your data may be transferred to countries outside the UK, subject to these protections.
9. How Long We Keep Your Data
Course enrolment and transactional records: 7 years (required for tax and legal compliance)
Marketing email records: Until you unsubscribe, plus 12 months
Contact form enquiries: 2 years from last contact
Website analytics data: Up to 26 months (in line with Google Analytics default)
Hotjar session recordings: 365 days
When data is no longer needed, it is securely deleted or anonymised.
10. Your Rights Under UK GDPR
You have the following rights in relation to your personal data:
Right of access — to request a copy of the personal data we hold about you
Right to rectification — to ask us to correct inaccurate or incomplete data
Right to erasure — to request deletion of your personal data in certain circumstances
Right to restrict processing — to ask us to limit how we use your data
Right to data portability — to receive your data in a structured, machine-readable format
Right to object — to object to processing based on legitimate interests or for direct marketing
Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing
To exercise any of these rights, please contact us at: [email protected]
We will respond within one calendar month. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your data rights have been infringed:
ICO website: https://ico.org.uk | ICO helpline: 0303 123 1113
11. Data Security
We take reasonable technical and organisational measures to protect your personal data, including SSL/TLS encryption on all data transmitted via our website, access controls on our systems, and secure third-party processors.
However, no method of transmission over the internet is completely secure. If you have concerns about the security of your data, please contact us immediately.
12. Email Marketing
We send marketing emails to people who have opted in via our website forms or purchased from us. Every marketing email includes an unsubscribe link. You may also opt out at any time by emailing [email protected].
We use GoHighLevel to manage our email list and communications. Data held in our mailing list is subject to GoHighLevel's data processing terms.
13. Updates to This Policy
We may update this policy from time to time to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or a notice on our website. The effective date at the top of this policy will always reflect the most recent version. We encourage you to review this policy periodically.
14. Contact Us
If you have any questions, concerns, or requests relating to this policy or your personal data, please contact:
School of Biomagnetism
167-169 Great Portland Street, London, W1W 5PF
Email: [email protected]
Website: school-of-biomagnetism.com