1. Who we are
Suggested text: Our website address is: https://fastguitaracademy.com.
Data-controller details
| Legal entity | Monster Trax Studio Ltd |
| Company no. | 069 82 344 (England & Wales) |
| privacy@fastguitaracademy.com | |
| Postal address | Monster Trax Studio, Thorpe, Newark NG23 5PX, UK |
2. What data we collect & why
| Activity | Data collected | Purpose / lawful basis |
|---|---|---|
| Account creation / checkout(WooCommerce or SureCart) | Name, email, postal address, payment token, IP | Contract – to deliver your course and process payment. |
| Course activity (LearnDash) | Progress, quiz scores, completion dates | Legitimate interest – to run the academy, issue certificates and improve lessons. |
| Comments | Data you enter, IP, browser user-agent | Legitimate interest – spam detection & community safety. |
| Contact / support forms | Name, email, message content | Contract – to answer your query. |
| Marketing opt-in | Email, first name, course tags | Consent – to send tips & offers; you can unsubscribe any time. |
| Analytics (Google Analytics 4, cookieless) | Anonymised IP (truncated), device type, pages viewed | Legitimate interest – site optimisation; no personal identification. |
| Chat widget (Tawk.to) | Name/email if you choose to provide it | Consent – real-time support. |
We never store raw payment card numbers; Stripe processes all payments on PCI-DSS-compliant servers
3. Comments
When you leave a comment we store the data shown in the form plus your IP and browser user-agent to help with spam detection. An anonymised hash of your email may be sent to Gravatar to fetch your avatar (see Automattic’s policy: https://automattic.com/privacy/). After approval your profile picture becomes public next to your comment.
3. Comments
4. Media uploads
Avoid uploading images containing EXIF GPS location data. Visitors can download and extract location data from images on the site.
5.Cookies
| Cookie | Duration | Purpose |
|---|---|---|
| comment_author_* | 1 year | Remembers your details for next comment (opt-in). |
| wordpress_logged_in_* | 2 days / 14 days with “Remember Me” | Keeps you logged into your student account. |
| wp-settings-* | 1 year | Saves screen-display choices. |
| ga_* (GA4) | up to 2 years | Anonymous analytics. |
| tawk_uuid_* | 6 months | Maintains chat session history. |
You can delete cookies in your browser or block them altogether, but the site may not function as intended.
6. Embedded content
Articles may include embedded videos, images or posts from third-party sites (e.g. YouTube). Embedded content behaves exactly as if you had visited that site directly; it may collect data, use cookies and track interaction if you are logged in to that service.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
7. Who we share your data with
We share data only with service providers necessary to run FGA:
| Provider | Data shared | Location & safeguards |
|---|---|---|
| Stripe (payments) | Name, email, order amount, IP | EU & US – Standard Contractual Clauses (SCCs) |
| WooCommerce / SureCart | Order meta, licence keys | EU servers |
| ConvertKit / HighLevel (email) | Name, email, course tags | US – SCCs |
| Amazon SES (transactional email) | Email address | EU region |
| Google Analytics 4 | Anonymised IP, device info | EU data-control mode enabled |
| Tawk.to (chat) | Name/email (if given), chat transcript | EU servers |
We never sell your data. Access is limited by role-based permissions.
8.How long we retain your data
Comments – indefinitely, so we can recognise follow-ups automatically.
Learner records – until you request deletion, or six years after your last order (legal/accounting requirement).
Support tickets – two years, then purged.
Marketing list – until you unsubscribe or your address hard-bounces.
9. Your rights
Under UK/EU GDPR you can:
- Access – ask for a copy of the data we hold.
- Rectify – correct inaccurate or incomplete data.
- Erase – request deletion (unless we must keep it for legal reasons).
- Restrict or object – to certain processing.
- Port – receive your data in a structured, machine-readable format.
Email privacy@fastguitaracademy.com and we’ll respond within 30 days.
If you believe we’re mishandling your data, you have the right to lodge a complaint with the UK ICO (https://ico.org.uk).
10. Where your data is sent
Visitor comments may be checked through Akismet automated spam detection (Automattic servers in the US). Email addresses for course access are sent to our email platform (ConvertKit/HighLevel) on US servers covered by SCC
11. How we protect your data
- SSL/TLS encryption across the entire site
- Two-factor admin logins
- Server-level firewalls & malware scanning
- Least-privilege user roles inside WordPress & Stripe
- Encrypted off-site backups stored in the UK / EU
12. Changes to this policy
We’ll update this page if regulations or our practices change. Significant changes will be announced via email to registered users.
Questions?
Email us at privacy@fastguitaracademy.com – we’re happy to clarify anything.