privacy-policy - 7Speaking

Preamble

7Speaking is part of the LEARNATION Group, a major player in Digital Learning and remote educational engineering, specialising in language training.

The LEARNATION Group was created from the merger of four leading companies in the language training sector: Educastream, 1to1PROGRESS, PrepMyFuture, and 7Speaking.

The LEARNATION Group is committed to maintaining high standards of ethics, particularly in terms of personal data protection.

On the websites www.7speaking.com and user.7speaking.com, 7Speaking processes personal data as the data controller. The identity and contact details of 7Speaking are specified in the “Legal Notice” section.

This external privacy policy aims to inform you about how your data is processed by 7Speaking and your rights regarding this processing.

It may evolve according to the applicable legal and regulatory context.

1 – Legal Bases and Purposes of Data Processing

7Speaking implements various data processing activities based on the following legal grounds: contractual performance, your consent, legal and regulatory obligations, and legitimate interests.

The purposes associated with each legal basis are listed below:

Based on Contractual Performance

When you agree to the Terms of Use, 7Speaking processes data for the following purposes:

To provide personalised language training, either individually or to a group of employees, agents of an administration, students, or educational institutions.

To map language proficiency and needs to create a customised programme.

To allow training professionals (training managers, partners, and teachers) to monitor and adapt services to the learner’s needs.

To increase learner engagement and to achieve optimal engagement rates.

Based on Your Consent

With your consent, 7Speaking processes data for the following purposes:

Managing participation in the 7Speaking user community.

Managing cookies that require consent.

Based on Legal and Regulatory Obligations

7Speaking processes data for the following purposes:

To manage general accounting.

To respond to official requests from public or judicial authorities authorised to make such requests.

Based on Legitimate Interests

7Speaking processes data for the following purposes in its legitimate interest:

Establishing proof of transactions.

Preventing fraud.

Analysing data to personalise products and services according to your profile and sending you personalised or general communications about our products and services.

Managing cookies that do not require consent.

The objectives pursued based on legitimate interests are carried out with respect for your rights and freedoms. If 7Speaking processes your data for purposes other than those listed above, you will be informed, and any necessary additional procedures will be carried out.

2 – Data Processed

7Speaking undertakes to only collect and process data that is necessary for its activities, particularly concerning the provision of the services we offer, as well as personalised products and services tailored to your profile. Therefore, 7Speaking collects various personal data concerning you.

Some data processed by 7Speaking may be collected indirectly from:

Publications or databases made available to us;

Third parties, such as data providers, including employers and/or teachers.

3 – Individuals Concerned

The individuals concerned by the data processing are:

Prospective clients who contact 7Speaking for information about the products and services offered;

7Speaking clients;

Any person with an account granting access to the websites www.7speaking.com and user.7speaking.com, including learners, trainers, and teachers.

4 – Data Recipients

To achieve the purposes described above and within the necessary scope, the data collected by 7Speaking may be shared with the following recipients:

Internal departments of 7Speaking or other companies within the LEARNATION Group that act as processors, authorised to manage the commercial relationship (including contract execution, management, and administration).

LEARNATION Group companies, acting as data controllers, with the right to refuse being exercised directly with 7Speaking.

Clients’ internal training departments, acting as joint data controllers, with access to data regarding the training of their employees.

Marketing, sales, and customer relations departments, responsible for managing customer relationships and processing complaints, for prospecting, administrative services, IT, and their line managers.

Partners, service providers, and subcontractors, where applicable.

Lawyers, legal auxiliaries, judicial officers, and administrative or judicial authorities handling a dispute, in compliance with legal obligations or to allow 7Speaking to defend its rights and interests.

Mediators, regulating and supervising authorities authorised to receive such data.

Audit and internal control services, including external auditors and accountants.

5 – Data Retention Period

In respect of the right to oblivion, 7Speaking retains personal data only for the duration necessary to fulfil the purposes of the processing, in compliance with applicable legislation.

The data collected by 7Speaking will be retained for the period necessary to achieve the purposes described above, plus any statutory limitation period.

More specifically, we organise our data retention policy as follows:

Data Retention Periods for Processing Purposes

Purpose	Data Retention Period
Providing personalised language training to a learner.	The entire duration of the contractual relationship. Afterwards, only the data necessary for pre-litigation or litigation purposes are archived for the legal limitation period (5 years for civil and commercial matters). If litigation occurs, data is retained throughout the process and until all ordinary and extraordinary legal remedies are exhausted.
Determining the learner’s level and specific needs.
Mapping the language proficiency of a company, administration, or educational institution.
Collecting training needs for a company, administration, or educational institution.
Enabling employees to become operational 4 times faster in their roles.
Allowing training professionals (training managers, partners, and teachers) to monitor and adapt the service to learners’ needs.
Generating learner engagement and achieving optimal participation rates.
Evaluating the products or services offered and under what conditions.	Data is retained for 3 years from the last incoming contact.
Managing operations related to products or services subscribed to.	Data is retained for 3 years from the last incoming contact.
Managing commercial relationships, including responding to contact requests.	The entire duration of the contractual relationship, with data archived for pre-litigation or litigation purposes (5-year legal limitation). In the event of litigation, data is retained until all legal remedies are exhausted.
Managing accounting.	The current fiscal year, plus 10 years from its closure.
Implementing security measures to prevent fraud and abuse.	Data may be retained for up to 12 months after alerts are issued. Non-relevant alerts are deleted after 12 months. Verified alerts are kept for a maximum of 5 years after fraud cases are closed.
Detecting unusual transactions and preventing fraud.	Data may be retained for up to 12 months after alerts are issued. Verified fraud alerts are kept for up to 5 years after cases are closed.
Managing responses to official requests from public or judicial authorities.	Data is retained for the entire duration of the procedure, plus the legal limitation period (5 years).
Establishing proof of transactions.	The entire duration of the contractual relationship, with data archived for the legal limitation period (5 years). In case of litigation, data is retained until all legal remedies are exhausted.
Analysing your data to personalise products and services, and sending messages or communications.	Data is retained for 3 years from the last incoming contact.
Managing newsletter subscriptions.	Data is retained until the subscriber unsubscribes.
Managing phone conversation recordings.	Recorded data is kept for 6 months from the collection date.
Managing documents for analysis (e.g., reports and analysis grids).	Data is retained for 1 year from the collection date.
Managing cookies.	Data is retained for a maximum of 13 months.

This detailed table ensures that data is handled with respect for applicable regulations and retention limits.

6 – Data Security

7Speaking places a strong focus on the security of personal data.

We have implemented technical and organisational measures which are tailored to the sensitivity of the personal data, ensuring its integrity and confidentiality, and protecting it against any malicious intrusion, loss, alteration, or unauthorised disclosure to third parties.

7Speaking regularly conducts audits in order to ensure the proper correct operational application of data security rules.

We are committed to taking the necessary physical, technical, and organisational security measures to:

Protect our business activities;

Safeguard the personal data of our prospects, clients, and users;

Prevent unauthorised access, modification, distortion, disclosure, or destruction of the personal data we hold.

Note: The security and confidentiality of personal data also depends on good practice by individuals. You are encouraged to remain vigilant in this respect.

7Speaking carefully selects its subcontractors and service providers and requires them to:

Provide a level of personal data protection equivalent to our own;

Use personal data solely to manage the services they are required to provide;

Strictly comply with applicable laws and regulations on privacy and personal data;

Implement all necessary measures to protect personal data they may process;

Define the technical and organisational measures necessary for ensuring data security.

7Speaking enters into legally required contracts with its subcontractors, clearly defining the conditions and procedures for personal data processing.

7 – Transfer of Data Outside the European Union

7Speaking stores personal data within the European Union.

8 – Ancillary Services

As part of your subscription to 7Speaking’s products and services, you may benefit from ancillary services. You are free to subscribe to these services directly from their providers. The provider of the ancillary service(s) is responsible for processing personal data in accordance with data protection regulations.

You should review how the ancillary service provider processes your personal data. We may need to share relevant data with these providers to enable them to offer their services to you.

9 – Your Rights and How to Exercise Them

9.1 – Your Rights

You have the following rights concerning your personal data:

Right to information;

Right of access;

Right to rectification;

Right to erasure (unless the data is necessary for the performance of services or for 7Speaking to meet its legal obligations or assert its rights);

Right to set instructions regarding your data after your death.

For access requests, 7Speaking may charge reasonable administrative fees for any additional copies of the data beyond the first.

You also have the right to:

Request the restriction of processing;

Data portability for data you have provided;

Object to processing.

You can object to data processing for reasons related to your individual circumstances if the processing is based on 7Speaking’s legitimate interest. This right to refuse also applies to profiling.

If you exercise this right, 7Speaking will stop processing your data unless there are compelling legitimate grounds for processing that override your interests, rights, and freedoms or if the data is necessary for the establishment, exercise, or defence of legal claims.

You can also object to any processing related to direct marketing without needing to justify your reasons.

9.2 – Exercising Your Rights

To exercise your rights, send an email to dataprotection@7speaking.com or a letter to the Data Protection Officer (DPO) with proof of your identity at:

7Speaking – Délégué à la Protection des Données personnelles

Tour Europe – 33 Place des Corolles

92400 Courbevoie

For post-mortem instructions and the exercise of other rights, contact the DPO by post at the above address with proof of your identity.

9.3 – Withdrawal of Consent

You can withdraw your consent at any time, where it has been requested. Withdrawal of consent does not affect the lawfulness of any processing carried out before the withdrawal.

9.4 – Filing a Complaint

If you believe, after contacting us, that your rights regarding your data have not been respected, you can file a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL).