Cadence
ITIL 4 Academy
Legal

Privacy Policy

Last updated 22 April 2026

This Privacy Policy explains what personal information Cadence ITIL 4 Academy ("Cadence", "we") collects when you use our learning platform, how we use it, who we share it with, and the rights you have over it. We aim to collect only what's necessary to run a useful learning experience.

1. Information we collect

You provide

  • Account data: email, password (hashed), display name.
  • Profile data (optional): professional title, company, location, headline, bio, role tags, environment tags, focus areas.
  • Learning activity: lessons completed, scenarios attempted, exam answers and scores, battle cards viewed.
  • Communications: messages you send to support.

Collected automatically

  • Technical data: IP address, browser type, device, approximate location (from IP), timestamps.
  • Cookies and local storage: see our Cookie Policy.

2. How we use your information

  • To create and operate your account and authenticate you.
  • To deliver lessons, track progress, and personalise your dashboard.
  • To improve the platform — bug fixes, content quality, performance.
  • To respond to support requests.
  • To prevent fraud, abuse, and security incidents.
  • To comply with legal obligations.

3. Legal bases (GDPR / UK GDPR)

  • Contract: providing the Service you signed up for.
  • Legitimate interests: improving the Service, securing it, and basic analytics.
  • Consent: optional cookies and marketing emails (where applicable).
  • Legal obligation: tax, accounting, and lawful requests from authorities.

4. Sharing your information

We do not sell your personal data. We share it only with:

  • Infrastructure providers who host the Service and database (acting as our data processors under written agreements).
  • Authorities when required by law, subpoena, or to protect rights, safety, and property.
  • A successor entity in the event of a merger, acquisition, or asset sale (you will be notified).

5. International transfers

Your data may be processed in countries other than your own. Where required, we use appropriate safeguards (e.g. Standard Contractual Clauses) for transfers from the EEA, UK, or Switzerland.

6. Data retention

We keep account and learning data for as long as your account is active. If you delete your account, we delete or anonymise personal data within 30 days, except where we must retain certain records for legal, tax, or security reasons.

7. Your rights

Depending on your jurisdiction, you may have the right to:

  • access the personal data we hold about you;
  • correct inaccurate data;
  • delete your data ("right to be forgotten");
  • restrict or object to certain processing;
  • port your data to another service;
  • withdraw consent at any time;
  • lodge a complaint with your local data protection authority.

To exercise these rights, contact us via the Contact page.

8. Children

Cadence is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us so we can delete it.

9. Security

We use industry-standard safeguards including encryption in transit (TLS), hashed passwords, access controls, and Row-Level Security on our database. No system is perfectly secure; if you suspect a vulnerability, please report it via the Contact page.

10. Changes to this policy

We may update this Privacy Policy occasionally. Material changes will be announced in-app or by email. The "Last updated" date at the top reflects the latest version.

11. Contact

Privacy questions or requests can be sent via the Contact page.

TermsPrivacyCookiesDisclaimerAcceptable useContact