Personal data and website privacy
Privacy and Cookie Policy
This policy explains how Understanding Academy collects, uses, protects and shares personal data when you visit our website, contact us, register for a course or join our educational community.
Last updated: 16 July 2026
1. Who Is Responsible for Your Personal Data?
Understanding Academy is responsible for the personal data described in this policy.
Understanding AcademyKeizersgracht 520H
1017 EK Amsterdam
The Netherlands
- KVK number: 80819842
- VAT ID: NL003492064B79
- Email: info@understanding-academy.com
- Telephone: +31 6 878 882 63
2. Personal Data We Collect
Depending on how you interact with us, we may collect:
- Your name and contact details.
- Your organisation, professional role and country.
- Your selected course, preferred dates and location.
- Information needed to prepare an invoice or process payment.
- Course attendance and certificate information.
- Messages and information you send by email, telephone or WhatsApp.
- Your email address and newsletter preferences.
- Accessibility, dietary or other support information that you voluntarily provide.
- Photographs, video or audio recordings when separate permission has been obtained.
- Technical information such as IP address, browser type, device information, requested pages and access times.
Please do not provide sensitive personal information unless it is necessary for us to make an appropriate course or accessibility arrangement.
3. How and Why We Use Personal Data
We may process personal data to:
- Respond to enquiries and provide information about our courses.
- Process course registrations and communicate with participants.
- Prepare programmes, attendance records and certificates.
- Provide mobility documentation and course-related support.
- Issue invoices and maintain legally required financial records.
- Process payments and monitor outstanding invoices.
- Send newsletters when a person has subscribed.
- Protect the security and operation of our website.
- Establish, exercise or defend legal claims.
- Comply with legal and regulatory obligations.
Depending on the situation, our legal basis for processing is:
- Taking requested steps before entering into a contract or performing a contract.
- Compliance with a legal obligation.
- Our legitimate interests in administering courses, responding to enquiries and protecting our services.
- Your consent, particularly for newsletters, optional photographs, marketing content and non-essential website technologies.
Where a participant’s organisation makes the booking, we may process participant information on the basis of our legitimate interest in administering the agreed course and mobility arrangements.
4. Course Registration and Participation
Our course registration form is provided through Google Forms. The Google Form is not loaded automatically when you visit the registration page.
You can choose to load the form within our website or open it directly in a new browser tab. In either case, your browser will connect to Google. Google may receive technical information such as your IP address, browser information and device information.
Information you enter into the form is transmitted to Google and made available to Understanding Academy for processing your registration, communicating with you and administering the selected course.
We may share necessary registration, attendance or certificate information with the participant's sending organisation when this is required for the booking, mobility documentation or course administration.
We do not sell participant information or provide it to unrelated organisations for their own marketing purposes.
6. Photographs, Video and Audio Recordings
We may take photographs or recordings during courses and cultural activities. We will request separate permission before using an identifiable participant’s image or recording for promotional purposes, including publication on our website or social media.
Refusing promotional photography will not affect a participant’s ability to attend a course.
Consent can be withdrawn by contacting us. Withdrawal does not make earlier lawful processing invalid, but we will consider requests to remove published material wherever reasonably possible.
8. External Service Providers
We use selected service providers to operate our website and educational services. Depending on how you use the website, these may include:
- Netlify for website hosting, delivery, security and technical logs.
- Google for the optional registration form, Google-hosted fonts and external links to Maps and reviewer profiles.
- Brevo for newsletter subscriptions and newsletter delivery.
- GTranslate for optional website translation activated by the visitor.
- SumUp and our bank for payment processing and financial administration.
- Padlet for access to our private Partnership Network.
- Content-delivery providers used to deliver Bootstrap, jQuery, Font Awesome and other technical website assets.
Padlet, WhatsApp, LinkedIn, Facebook, Instagram, Google Maps and Amazon are external websites. When you follow a link to one of these services, that provider processes information according to its own privacy policy.
We may also share necessary personal information with trainers, accountants, professional advisers, public authorities or a participant's sending organisation when required for course delivery, administration or legal compliance.
9. International Data Transfers
Some service providers may process information outside the European Economic Area. Where required, international transfers are protected through an adequacy decision, contractual safeguards or another transfer mechanism recognised under applicable data-protection law.
10. How Long We Retain Personal Data
We retain personal data only for as long as necessary for the relevant purpose or an applicable legal obligation.
- General enquiries that do not lead to a booking are normally retained for no longer than 24 months after the last contact.
- Course-registration and participation records are retained for as long as reasonably necessary for administration, documentation, certificate verification and possible claims.
- Invoices and relevant financial records are generally retained for seven years in accordance with Dutch record-keeping requirements.
- Newsletter information is retained until you unsubscribe or the newsletter service is discontinued.
- Photographs and recordings are reviewed periodically and retained while they remain relevant and the applicable permission remains valid.
- Technical logs are retained according to the security and retention settings of our hosting and service providers.
- The website's translation activation value is stored in session storage for the current browser tab and is normally removed when that tab is closed. After activation, GTranslate may use its own cookies or session technologies according to its privacy practices.
11. Your Privacy Rights
Subject to the conditions established by the GDPR, you may have the right to:
- Receive information about how your personal data is used.
- Request access to the personal data we hold about you.
- Ask us to correct inaccurate or incomplete information.
- Request deletion of information when there is no lawful reason to retain it.
- Request restriction of processing in certain circumstances.
- Object to processing based on legitimate interests.
- Object to direct marketing at any time.
- Withdraw consent at any time.
- Receive certain information in a structured, commonly used and machine-readable format where data portability applies.
These rights are not absolute. For example, we may need to retain information where Dutch law requires us to keep financial records.
We do not use personal data to make decisions based solely on automated processing that produce legal or similarly significant effects.
12. Data Security
We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, alteration or disclosure. Access is limited to people and providers who require the information for an authorised purpose.
No internet transmission or storage system can be guaranteed to be completely secure. Please contact us if you believe that personal information has been compromised.
13. Requests, Questions and Complaints
To exercise a privacy right or ask a question about this policy, contact:
info@understanding-academy.com
We may request additional information when reasonably necessary to verify your identity. We will normally respond without undue delay and within one month.
You also have the right to lodge a complaint with the Dutch Data Protection Authority: Autoriteit Persoonsgegevens .
14. Changes to This Policy
We may update this policy when our services, providers or legal obligations change. The most recent version will be published on this page together with its updated date.