If you have any legal notes regarding our processing of personal data or about Privacy Policy, Terms of Service or our Copyright policy you may contact

Compliance with GDPR

Last updated:

We Are Learning is committed to ensuring compliance with the General Data Protection Regulation ("GDPR") for handling and processing of personal data.

We Are Learning will always ensure that appropriate technical and organisational measures are implemented. We’ve included the table below to help our customers think about GDPR and their responsibilities and how We Are Learning factors into the equation. This list is neither exclusive nor exhaustive.

GDPR Requirement
GDPR Reference
Actions Taken

Lawful Basis

Article 6


We Are Learning: Establishes a lawful basis to process personal data.

Data Subject: If the lawful basis is consent, Data Subject consents to We Are Learning’s data collection about them.

Processing children’s personal data

Article 8

We Are Learning

We Are Learning does not distinguish between different types of personal data and does not knowingly collect children’s personal data.

Data protection by design

Article 25


We Are Learning: Collects the minimum personal data necessary to carry out normal business operations.

Customer: Manages content within We Are Learning.

Data Protection Impact Assessments

Article 35


We Are Learning: Appoints responsible staff to perform any necessary Data Protection Impact Assessments.

Customer: Determines level of content shared with business partners and may assist We Are Learning, as the processor.


Article 32

We Are Learning

Comply with security requirements. Personal Data is encrypted in transit and at rest using AES-256 bit encryption.

Minimal Data Collection

We only gather what is necessary to offer our service. When possible, we make data anonymous.

Sharing Information We only share personal information when it's needed to provide our service. We have agreements with our suppliers about how they handle personal information. The suppliers and data centers we use are within the EEA.

Limited Storage Time

We keep personal information only for as long as our customers need it. After a customer agreement ends, we delete, return, or make the information anonymous as agreed. Our database is protected with AES-256 encryption.


We have put in place security measures to prevent personal information from getting lost or ending up in the wrong hands. We regularly maintain and update our security measures.

Responsibility We have created internal procedures and routines to ensure that our handling of personal information is done in an organized and documented way.

Any questions on this topic?

Sign up for newsletters

Don't miss out on our latest news. Get the inside knowledge on product updates and upcoming events.

Privacy policy
© WE ARE 2024