Privacy Policy

Last updated: 5th January 2026

This Privacy Policy explains how English with Jade ("I", "me", or "the company") collects, uses, and protects your personal data when you visit my website, book classes, purchase class packs, or communicate with me.

As a business registered in Spain, I comply with the General Data Protection Regulation (GDPR) and Spain’s Organic Law 3/2018 (LOPDGDD).

1. Data Controller

English with Jade
Jade McDonald
Email: jade@englishwithjade.com

I am the Data Controller responsible for deciding how your personal data is used

2. Personal Data I Collect

Information you provide directly

• Name

• Email address

• Phone number (if provided)

• Booking information

• Payment information (processed securely by third‑party providers)

• Messages or emails you send me

Information collected automatically

• IP address

• Browser type

• Website usage data

• Cookies (see section below)

3. How I Use Your Data

I process your data only for legitimate purposes, including:

• Managing bookings and class schedules

• Delivering lessons and educational services

• Processing payments and invoices

• Communicating with you about classes or support

• Sending updates or relevant information (only with your consent)

• Improving my website and services

4. Legal Basis for Processing

Under GDPR and Spanish law, I rely on the following legal bases:

• Contractual necessity — to provide the classes or services you have purchased

• Legitimate interest — to manage my business and prevent misuse

• Legal obligation — for accounting and tax requirements

• Consent — for optional communications such as newsletters

5. Data Retention

I keep your data only as long as necessary:

• Booking and class information: 6 years (legal accounting requirement in Spain)

• Emails and messages: up to 2 years

• Class pack usage records: 6 months after expiry

• Marketing emails: until you unsubscribe

6. Who I Share Your Data With

I only share your data with trusted third‑party service providers when necessary:

• Payment processors (e.g., Stripe, PayPal)

• Booking platforms (e.g., Calendly, Jotform)

• Email service providers

• Website hosting provider

These providers comply with GDPR and process data securely on my behalf.

I do not sell or share your data with any other third parties.

7. International Transfers

If any service provider stores data outside the EU, transfers are protected by:

• Standard Contractual Clauses (SCCs), or

• Adequacy decisions approved by the European Commission

8. Your Rights

Under GDPR and Spanish law, you have the right to:

• Access your personal data

• Correct inaccurate data

• Request deletion

• Restrict processing

• Object to processing

• Request data portability

• Withdraw consent at any time

• File a complaint with the Spanish Data Protection Authority (AEPD)

To exercise your rights, contact me at: [your email]

9. Cookies

My website uses cookies to:

• Improve functionality

• Analyse website traffic

• Enhance user experience

You can manage or disable cookies through your browser settings.

10. Security

I take appropriate technical and organisational measures to protect your data from:

• Loss

• Misuse

• Unauthorised access

• Disclosure

However, no online system is 100% secure.

11. Children’s Privacy

My services are designed for adults. However, in some cases I may accept students aged 16–17. In these situations, where a student has declared their age to me, I require parental or legal guardian consent for data processing and for participation in lessons. All communication, scheduling, and lesson content must remain strictly professional, and I reserve the right to refuse or discontinue lessons if these standards are not met. 

12. Changes to This Policy

I may update this Privacy Policy from time to time. The latest version will always be available on this page.