Free pre-test slots are offered so we can understand the student’s level and recommend a suitable class.
A booking is only confirmed when the selected slot is accepted and confirmed by Bloomers Global Academy.
Parents or guardians should provide accurate contact and student-level information so we can prepare properly.
Paid lessons and class packages
Lesson fees, package details, class duration, and payment deadlines will be shared before enrolment.
Paid lessons begin after payment confirmation, unless a different arrangement is agreed in writing.
Class availability may change, so preferred times are not guaranteed until confirmed.
Rescheduling and cancellations
Please contact us as early as possible if a student cannot attend a booked session.
Rescheduling depends on teacher availability and may not always be possible at short notice.
Refund or credit decisions depend on the class/package arrangement communicated at the time of booking.
Communication
We may use WhatsApp, SMS, phone, or email to manage bookings, reminders, class updates, and support requests.
Marketing messages are sent only where consent is given or where permitted by law.
Privacy
Personal data is handled according to our
Privacy Policy.
We use cookies to make this site work (strictly necessary).
With your consent, we also use optional cookies for analytics and ads measurement (Meta Pixel).
This page explains how we collect, use, disclose and protect personal data on our mobile-first
booking funnel (Subject → Course → Policy → Contact → Slot → Confirm) and related admin/reporting
tools.
Who we are (Controller)
Controller:
NANEDIRI WEERATUNGA SENA JULIA MELANIE (sole trader, established in Italy)
Trading name:
Bloomers Global Academy
P. IVA:
13784790969
Address:
V DON GIOVANNI BOSCO 2 SC C INT 12, CINISELLO BALSAMO, 20092, ITALY
EU/EEA & UK coverage:We offer services to individuals in the EU/EEA.
Lead supervisory authority (EU):
Italy — Garante per la protezione dei dati
personali.
Data we collect
Identity & contact:
phone (E.164), name (optional), language (EN/SI).
Lead & booking context:
selected subject/course, slot selections, submission
timestamps, consent metadata (policy URL/version/time, IP hash).
Technical:
device/user-agent, strictly necessary cookies (see below).
Analytics/ads (only with consent):
page views and events via tools like Meta
Pixel.
Why we use your data (legal bases)
Service delivery:
manage leads and bookings; send confirmations/operational
messages.
Legal basis:
contract/pre-contractual steps (GDPR/UK GDPR Art. 6(1)(b)).
Security & fraud prevention:
rate-limiting, bot controls, audit logs.
Legal basis:
legitimate interests; and where applicable, legal obligation.
Analytics (non-essential):
understand traffic and improve UX.
Legal basis:
your consent (opt-in).
Advertising/retargeting (Meta Pixel):
measure campaigns and show relevant ads.
Legal basis:
your consent (opt-in).
Communications with students:
course updates and information after enrollment.
Legal basis:
contract/legitimate interests.
Marketing to non-students:
only if you explicitly opt-in (e.g., checkbox or
in-chat “YES”).
Legal basis:
consent.
Cookies & Pixels
We set
strictly necessary
cookies to operate the booking funnel, remember your
progress, and keep the service secure (e.g., session and CSRF). These are essential and do not
require consent.
With your consent, we use
optional
cookies for analytics and
ads measurement
(e.g., Meta Pixel). These are blocked until you choose “Accept” in
the cookie banner. You can change your choices any time via
Cookie Settings.
Email delivery:
SMTP provider for confirmations/alerts.
Analytics/advertising:
Meta Platforms (only if you consent).
We require processors to follow our instructions, implement security, and not use your data for
their own purposes.
International transfers
When data is transferred outside the EU/UK (for example to the United States by Meta or Cloudflare),
we rely on recognised safeguards: the
EU-US Data Privacy Framework
(and UK-US Data
Bridge) where applicable, and/or the
Standard Contractual Clauses (EU)
and
UK IDTA/Addendum
with transfer impact assessments.
Retention
Leads who do not enroll:
deleted automatically after
90 days.
Students:
retained for the duration of the course and as required by legal, tax or accounting rules.
Consent logs:
retained for
24 months
to demonstrate compliance.
Audit logs/backups:
rotated and deleted on a set schedule.
Children
Our services are intended for adults (parents/guardians) booking on behalf of children. We do not
knowingly collect personal data directly from children under 16 through this site. If you believe a
child has provided personal data to us, please contact us and we will take appropriate steps.
Your rights
You may request access, rectification, erasure, restriction, portability, and object to processing.
You can withdraw consent at any time (this does not affect processing before withdrawal).
How we protect your data
HTTPS end-to-end; strict security headers
CSRF protection, honeypot, and rate-limits
Admin 2FA (TOTP), audit logs, least-PII emails
Passwords hashed with Argon2id; regular rehash policy
Changes
We may update this policy to reflect legal or technical developments. Updates will be dated at the
top; material changes will be notified on-site.
