Privacy Policy

Launch offer: Certificates are currently free when you create a free account and log in. Log in for free access

Privacy Policy

1. Introduction

This Privacy Policy explains how Mecourse Lifelong Learning ("Mecourse", "we", "our", or "us") collects and uses personal data when you use the Mecourse Lifelong Learning website ("Website").

The controller for the Website is Mecourse Lifelong Learning.

This policy should be read alongside our Terms and Conditions, Cookie Policy, Data Retention & Deletion Policy, and other policies published on the Website.

2. Personal data we collect

We may collect and use the following types of personal data:

  • account details, such as your name, email address, login details, account status, and email verification records;
  • learning activity, such as course page views, course progress, assessment attempts, answers, scores, pass or fail status, and course completion records;
  • CPD certificate information, such as your name as shown on the certificate, course title, award date, expiry date, certificate code, QR code or verification link, and certificate status;
  • feedback, error reports, enquiries, and support messages you choose to send to us;
  • text or messages you submit to AI-assisted features, where you choose to use those features;
  • technical and security data, such as IP address, browser and device information, session data, cookies, request logs, timestamps, and security or audit records.

We do not ask ordinary users to provide a postal address or telephone number for the free public beta.

3. How we use your personal data

We use personal data to:

  • create and manage user accounts;
  • authenticate users and keep accounts secure;
  • provide course access, progress tracking, assessments, and CPD certificates;
  • issue, display, manage, and verify CPD certificates;
  • respond to enquiries, feedback, error reports, and support requests;
  • operate, test, secure, monitor, and improve the Website;
  • detect and prevent misuse, fraud, technical problems, or security issues;
  • provide AI-assisted features where you choose to use them;
  • comply with legal obligations and protect our legal rights.

4. Lawful basis for processing

Depending on the context, we may rely on the following lawful bases under UK data protection law:

  • contract, where processing is needed to provide account-based features, learning records, assessments, or certificates;
  • legitimate interests, where processing is needed to operate, secure, improve, and protect the Website, respond to users, maintain certificate verification, and prevent misuse;
  • consent, where we ask for consent for a specific purpose;
  • legal obligation, where processing is needed to comply with the law.

5. Certificate verification

CPD certificates may include a certificate code, QR code, or verification link.

A certificate verification page may be accessed by anyone who has the certificate code, QR code, or verification link. It may show information needed to verify the certificate, such as the learner name, course title, award date, expiry date, certificate code, and whether the certificate is valid or expired.

Expired certificates may remain available for historic verification, but they should be treated as expired from the expiry date shown on the certificate.

6. Account deletion and certificate records

If your account is closed or deleted, we may retain limited certificate records where necessary to support certificate verification, regulatory evidence, audit, fraud prevention, dispute handling, or legal obligations.

Limited certificate records may include information such as your name as shown on the certificate, course title, award date, expiry date, certificate code, and certificate snapshot.

Further information is provided in our Data Retention & Deletion Policy.

7. AI-assisted features

The Website may include AI-assisted features, such as learning support, feedback support, reflection prompts, or content tools.

If you use an AI-assisted feature, the text you submit and related context may be processed by AI service providers, such as OpenAI, so that the feature can work.

You should not submit information to AI-assisted features that you do not want processed for that purpose.

8. Sharing personal data

We do not sell or rent your personal data.

We may share personal data where necessary with:

  • service providers who help us operate the Website, such as hosting, database, email, security, support, and AI service providers;
  • certificate verifiers who use a certificate code, QR code, or verification link;
  • professional advisers, insurers, or technical advisers where needed;
  • regulators, public authorities, courts, or other third parties where required by law or necessary to protect rights, safety, security, or the integrity of the Website.

9. International processing

Some service providers may process personal data outside the UK.

Where this happens, we will take steps intended to ensure that personal data is protected in line with applicable data protection law.

10. Cookies and sessions

We use cookies and similar technologies for essential website functions, including login sessions, security, and site operation.

Further information is provided in our Cookie Policy.

11. Security

We use technical and organisational measures intended to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

No online service can be guaranteed to be completely secure, so you should keep your login details confidential and tell us promptly if you believe your account has been accessed without permission.

12. Data retention

We keep personal data only for as long as needed for the purposes described in this policy, unless a longer period is required or permitted by law.

Retention periods may vary depending on the type of data and why it is held. Certificate records may be retained for longer where needed for verification, regulatory evidence, audit, fraud prevention, dispute handling, or legal obligations.

Further information is provided in our Data Retention & Deletion Policy.

13. Your rights

Under UK data protection law, you may have rights to:

  • access your personal data;
  • correct inaccurate personal data;
  • request deletion of personal data;
  • restrict or object to certain processing;
  • request data portability in some circumstances;
  • withdraw consent where processing is based on consent;
  • complain to the Information Commissioner's Office.

These rights are not absolute and may depend on the circumstances.

14. Contact

To ask a privacy question or exercise your data protection rights, please email us at [email protected] or contact us through the enquiries page on the Website.

15. Changes to this policy

We may update this policy from time to time. Updated versions will be published on the Website.

Site Policies

Media Credits