Privacy policy

Privacy Policy – Challenge Innovate Grow Limited

Last Updated: 18 May 2026

Challenge Innovate Grow Limited (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, process, disclose, and protect your personal information when you use our websites, purchase products or services, enrol on courses, interact with our platforms, or otherwise engage with us.

This policy applies to:

  • If It Were Easy 

  • Challenge Innovate Grow Limited

  • associated Shopify storefronts;

  • Thinkific learning platforms;

  • online courses and memberships;

  • webinars, events, and communities;

  • downloadable resources and digital products;

  • related services, systems, and communications operated by Challenge Innovate Grow Limited.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

Challenge Innovate Grow Limited is the data controller responsible for your personal data.

Contact Details

Challenge Innovate Grow Limited
124 City Road, London, England, EC1V 2NX

Email: dawn.taylor@challengeinnovategrow.com
Website: www.ifitwereeasy.org

For the purposes of UK data protection law, we are responsible for deciding how and why your personal information is processed.

2. The Platforms and Services We Use

We use a range of third-party platforms, systems, software providers, integrations, and service providers to operate our business, process payments, deliver courses, communicate with users, manage marketing, host content, analyse performance, and support our services.

These may include, but are not limited to:

  • Shopify

  • Thinkific

  • Stripe

  • PayPal

  • Mailchimp

  • Zoom

  • Microsoft

  • Microsoft 365

  • Google Workspace

  • Google Analytics

  • Google Ads

  • YouTube

  • LinkedIn

  • Meta platforms including Facebook and Instagram

  • analytics and cookie tools

  • artificial intelligence tools and systems

  • webinar, communication, automation, hosting, support, advertising, social media, and marketing platforms.

These third-party providers may process personal information on our behalf in accordance with their own privacy policies, terms, and applicable data protection laws.

We may change, add, or remove service providers, platforms, or integrations from time to time as part of operating and improving our services.

3. Personal Data We Collect

Depending on how you interact with us, we may collect, process, or infer the following categories of personal data:

Identity and Contact Information

  • name;

  • email address;

  • billing address;

  • phone number;

  • account login details.

Account and Learner Information

  • usernames;

  • passwords;

  • learner account details;

  • security questions;

  • preferences and account settings;

  • course progress and completion data;

  • certificates issued;

  • quiz or assessment results;

  • webinar participation;

  • community activity.

Payment and Transaction Information

  • payment confirmations;

  • purchase history;

  • subscriptions;

  • refunds;

  • transaction records;

  • products viewed;

  • cart activity;

  • wishlist activity;

  • abandoned checkout activity;

  • purchase, return, cancellation, or exchange history.

We do not store full payment card details ourselves.

Technical and Usage Information

  • IP address;

  • browser type;

  • device information;

  • operating system;

  • website activity;

  • analytics information;

  • cookies and tracking data;

  • learner interaction data;

  • network connection information;

  • unique device identifiers.

Communications

  • emails;

  • support requests;

  • survey responses;

  • feedback;

  • social media interactions;

  • webinar communications.

User Generated Content

Where you participate in reviews, comments, communities, discussions, webinars, or shared activities, content you submit may be visible to others depending on where it is posted.

4. How We Collect Your Information

We collect personal data:

  • directly from you when you purchase, register, subscribe, contact us, or use our services;

  • automatically through cookies, analytics, tracking technologies, and platform technologies;

  • through third-party providers such as payment processors, marketing systems, learning platforms, and integrations;

  • through webinar, community, and course participation;

  • through advertising, analytics, and marketing partners where permitted by law.

5. How We Use Your Personal Data

We may use your personal data to:

  • provide and manage courses, memberships, downloads, and services;

  • process payments and transactions;

  • create and manage learner accounts;

  • communicate with you about purchases, access, or support;

  • improve our services and learner experience;

  • personalise content and recommendations;

  • monitor usage and protect platform security;

  • detect, investigate, prevent, or take action regarding fraudulent, illegal, malicious, unsafe, or unauthorised activity;

  • comply with legal and regulatory obligations;

  • send service updates and administrative communications;

  • send marketing communications where permitted;

  • manage competitions, surveys, promotions, or events;

  • conduct analytics, reporting, and business intelligence activities.

6. Lawful Bases for Processing

Under UK GDPR and other applicable laws, we rely on one or more of the following lawful bases:

  • performance of a contract;

  • legitimate interests;

  • consent;

  • compliance with legal obligations.

Where we rely on legitimate interests, we balance our business interests against your rights and freedoms.

7. Marketing Communications

We may send you marketing communications relating to:

  • courses;

  • events;

  • webinars;

  • resources;

  • communities;

  • updates; and

  • related educational services.

You may unsubscribe at any time by:

  • clicking the unsubscribe link in emails; or

  • contacting us directly.

We do not sell personal data in exchange for money. However, some advertising or analytics activities may be considered “sharing” or “targeted advertising” under certain US privacy laws.

8. Artificial Intelligence and Automated Systems

We may use artificial intelligence (“AI”) tools and automated systems as part of:

  • educational content creation;

  • learner support;

  • analytics;

  • operational efficiency;

  • customer service;

  • transcription;

  • summarisation;

  • workflow automation.

AI-generated or AI-assisted systems may process limited personal information where necessary to deliver services or improve operations.

We take reasonable steps to ensure such systems are used responsibly and in accordance with applicable data protection law.

We do not make solely automated decisions that produce legal or similarly significant effects about you.

9. Who We Share Your Data With

We may share personal data with trusted third parties including:

  • payment providers;

  • learning platforms;

  • email and marketing providers;

  • webinar and communication platforms;

  • analytics providers;

  • website hosting providers;

  • professional advisers;

  • legal or regulatory authorities where required;

  • technology, automation, AI, and operational support providers.

We may also disclose information:

  • where required by law;

  • to protect our rights, users, systems, or services;

  • in connection with fraud prevention or investigations; or

  • in connection with a merger, acquisition, restructuring, financing, sale of assets, insolvency event, or business transfer.

We only share personal data where necessary and require third parties to handle it securely and lawfully.

10. International Transfers

Some third-party providers may process data outside the UK or European Economic Area (EEA), including the United States.

Where international transfers occur, we rely on:

  • adequacy regulations;

  • Standard Contractual Clauses;

  • UK International Data Transfer Agreements; or

  • other legally recognised safeguards.

11. Data Retention

We retain personal data only for as long as reasonably necessary for:

  • providing services;

  • legal obligations;

  • dispute resolution;

  • accounting and tax requirements;

  • enforcing agreements;

  • fraud prevention and security.

Where appropriate, data may be anonymised or securely deleted.

Learner account data may be retained for administrative, certification, compliance, or historical record purposes unless deletion is requested and legally permissible.

12. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • operate our websites;

  • remember preferences;

  • analyse traffic and usage;

  • improve services;

  • personalise content;

  • support marketing and advertising.

Some cookies are essential to website functionality.

Others, including analytics, advertising, and tracking cookies, may require your consent depending on your jurisdiction.

You may manage cookie preferences through your browser settings or our cookie consent tools.

We may use third-party analytics, advertising, communication, productivity, and social media technologies including Google, Microsoft, YouTube, LinkedIn, and Meta platforms to analyse website usage, improve services, measure advertising performance, deliver communications, manage productivity systems, and provide personalised content or advertising where permitted by law.

These providers may use cookies, pixels, tags, analytics tools, and similar technologies to collect information about your interactions with our websites and services.

For more information about cookies, visit:

https://ico.org.uk/for-the-public/online/cookies

13. Security

We take reasonable technical and organisational measures to protect personal information against:

  • unauthorised access;

  • misuse;

  • disclosure;

  • loss;

  • destruction; or

  • alteration.

However, no internet transmission, storage system, or security measure can be guaranteed to be completely secure or impenetrable.

14. Your Rights

Depending on your location and applicable law, you may have rights including:

  • access to your personal data;

  • correction of inaccurate data;

  • deletion of personal data;

  • restriction of processing;

  • objection to processing;

  • withdrawal of consent;

  • data portability;

  • objection to direct marketing;

  • objection to targeted advertising or certain data sharing activities.

To exercise your rights, contact us using the details below.

You may also authorise another person to make a request on your behalf where permitted by applicable law. We may require verification of identity and authority before processing such requests.

We may need to verify your identity before responding.

We may recognise legally required browser-based opt-out preference signals, such as Global Privacy Control (GPC), where required by applicable law.

We will not discriminate against you for exercising any applicable privacy rights.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local supervisory authority where applicable.

15. Age Restrictions and Children’s Privacy

Our website, courses, memberships, communities, digital products, webinars, and services are intended for users aged 18 years and over.

By using our services, creating an account, or purchasing a product, you confirm that you are at least 18 years old and legally capable of entering into a binding agreement.

We do not knowingly market to, collect personal data from, or provide services directly to children under the age of 18.

If we become aware that personal information has been collected from a person under 18 without appropriate lawful basis, parental authorisation, or other legal justification, we will take reasonable steps to delete that information.

If you believe that a child or person under 18 has provided personal information through our services, please contact us immediately using the contact details provided in this Privacy Policy.

16. Third-Party Websites and Platforms

Our websites and services may contain links to third-party websites, integrations, or platforms.

We are not responsible for the privacy practices, content, availability, or security of third-party websites or services.

You should review the privacy policies of those third parties before providing personal information.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Updated versions will be published on our website with a revised “Last Updated” date.

Continued use of our services after changes are published constitutes acceptance of the updated policy where permitted by law.

18. Complaints

If you have concerns about how we use your personal data, please contact us first.

Depending on your jurisdiction, you may have the right to appeal a decision regarding your privacy rights request.

You also have the right to complain to the UK Information Commissioner’s Office (ICO):

https://ico.org.uk/

19. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact:

Challenge Innovate Grow Limited
124 City Road, London, England, EC1V 2NX

Email: dawn.taylor@ifitwereeasy.org