Last updated: May 2026 · Applies to all JTL services
1 Data Controller
This website is operated by Jacopo (Jack) — JTL, Jack Teaching Languages, an independent online language teaching service.
Based in: Italy
Contact: jack.teaching.languages@gmail.com
Website: jackteachinglanguages.com
WhatsApp: +39 351 828 7492
If you have any questions about how your data is handled, contact us directly at the email above. We will respond within 72 hours.
2 What Data We Collect
We only collect data you voluntarily provide. This may include:
- Contact form: your name, email address, message, and selected language/level
- Account registration: name, email address, and password (hashed)
- WhatsApp: your phone number and messages if you contact us via WhatsApp
- Level/placement test: your answers and assessed level
- Payment: processed by Stripe — we do not store card details
We do not use tracking cookies, third-party advertising, or analytics tools that profile you.
3 Why We Collect It (Legal Basis)
- Booking & lessons — to fulfil our contract with you (Art. 6(1)(b) GDPR)
- Responding to enquiries — legitimate interest in communicating with prospective students (Art. 6(1)(f) GDPR)
- Account creation — contract performance and your consent (Art. 6(1)(a) GDPR)
- Legal obligations — e.g. keeping records for tax purposes (Art. 6(1)(c) GDPR)
4 How We Use Your Data
- To respond to your booking enquiry or message
- To schedule and conduct online lessons
- To send lesson materials, notes, and PDFs
- To manage your student account and progress
- To issue invoices or receipts
We will never sell, rent, or share your data with third parties for marketing purposes.
5 Third-Party Services
We use a small number of trusted services to operate the website:
- Vercel — website hosting (USA/EU, GDPR compliant)
- Supabase — database for student accounts (EU region)
- Stripe — payment processing (PCI DSS compliant, GDPR compliant)
- FormSubmit — delivers your booking/contact form message to us by email
- Google Calendar — appointment scheduling, only if you book via the calendar button
- WhatsApp / Meta — if you contact us via WhatsApp, Meta's privacy policy applies
Each of these providers has their own privacy policy and appropriate data protection agreements in place.
6 How Long We Keep Your Data
- Enquiry messages: up to 12 months after last contact
- Student account data: for as long as your account is active, then deleted within 90 days of account closure
- Payment records: 7 years (legal/tax obligation)
- Lesson recordings (if any): deleted within 30 days unless you request otherwise
7 Your Rights (GDPR)
Under GDPR, you have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Restriction — limit how we process your data
- Portability — receive your data in a machine-readable format
- Objection — object to processing based on legitimate interest
- Withdraw consent — at any time, where processing is based on consent
8 Cookies
This website uses only essential cookies and local storage (e.g. to keep you logged in and to remember your cookie choice). We do not use advertising or cross-site tracking cookies.
A cookie banner lets you accept or decline any non-essential cookies; essential cookies are required for the site to function. You can also clear cookies in your browser settings at any time.
9 Data Security
We take data security seriously. Your data is stored on secure, encrypted servers. Passwords are hashed and never stored in plain text. All connections to this website use HTTPS/TLS encryption.
In the unlikely event of a data breach affecting your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.
10 Complaints
If you believe your data rights have been violated, you have the right to lodge a complaint with your national data protection authority.
- Italy: Garante per la protezione dei dati personali
- UK: Information Commissioner's Office (ICO)
- EU: Your local national supervisory authority
We would always prefer to resolve any issue directly — please contact us first.
11 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Significant changes will be communicated to registered users by email.