This policy explains what personal data Fortifise collects, why we collect it, how we use it, and the rights you have over it. We keep what we collect to a minimum.
1.Who is responsible for your data
Fortifise is a trading name of Jonathan Lewington, a sole trader based in the United Kingdom. For the purposes of UK data protection law, we are the "data controller" for the personal data described here. You can reach us about any privacy matter at hello@fortifise.com.
2.What we collect and why
When you contact or enquire with us
If you email us or use the "Get branded course" enquiry on our site, we receive your name, email address, organisation name and anything you choose to tell us. We use this to respond to you and to provide what you have asked for.
When you buy a course
Payments are handled by Stripe. We do not receive or store your full card details. We do receive confirmation of your purchase and associated details such as your name, email and billing information, which we use to fulfil your order, provide support, and keep proper financial records.
When we reach out to businesses
We may collect publicly available business contact details (such as a company name, a role-based or named work email, and a website) in order to introduce our training to organisations we think it could help. We only use this for considered, relevant business-to-business outreach, and we stop contacting anyone who asks us to.
When you visit our website
Our website is deliberately lightweight. We do not use advertising or tracking cookies. Our pages load the Sora typeface from Google Fonts, which means your browser contacts Google to fetch the font; this may expose your IP address to Google as part of serving the font. We use Google Search Console to understand how our site performs in search, which provides us with aggregated, non-identifying information.
3.Our legal bases
- Performance of a contract: to take payment for and deliver a course you have ordered, and to provide support.
- Legitimate interests: to respond to enquiries, run and improve our small business, and carry out proportionate business-to-business outreach. You can object to processing based on legitimate interests at any time.
- Legal obligation: to keep financial and tax records as the law requires.
- Consent: where we ask for it specifically; you can withdraw consent at any time.
4.Who we share data with
We do not sell your data. We share it only with service providers that help us run Fortifise, and only as needed:
- Stripe: to process payments.
- Zoho Mail: our email provider, used to send and receive correspondence.
- Cloudflare: hosts our website.
- Google: fonts and Search Console, as described above.
Some of these providers operate outside the UK. Where data is transferred internationally, it is protected by the safeguards those providers have in place (such as standard contractual clauses or equivalent approved mechanisms).
5.How long we keep it
We keep purchase and financial records for as long as the law requires (generally up to six years). We keep enquiry correspondence for as long as needed to deal with your query and a reasonable period afterwards, then delete it. Business outreach contact details are kept only while relevant and are removed on request.
6.Your rights
Under UK data protection law you have the right to:
- Ask for a copy of the personal data we hold about you;
- Ask us to correct data that is wrong or incomplete;
- Ask us to delete your data, where there is no legal reason to keep it;
- Object to, or ask us to restrict, certain processing;
- Ask us to transfer your data to another provider, where applicable;
- Withdraw consent where we relied on it.
To exercise any of these, email hello@fortifise.com. We will respond within the time the law allows.
7.Complaints
If you are unhappy with how we have handled your data, please tell us first so we can try to fix it. You also have the right to complain to the UK's data protection regulator, the Information Commissioner's Office (ICO), at ico.org.uk.
8.Changes to this policy
We may update this policy from time to time. The current version is dated at the top of this page.