Wale-Kesh Learning – CFA Exam Preparation Services (UK)
Last Updated: 11/04/2026
1. Introduction
These Terms and Conditions (“Terms”) govern your access to and use of services provided by Wale-Kesh Learning (“we”, “us”, “our”), a UK-based CFA exam preparation provider.
By enrolling in, accessing, or using any of our services, you agree to be legally bound by these Terms. If you do not agree, you must not use our services.
2. Services Overview
We provide CFA exam preparation through the following formats:
2.1 self-paced video learning
Pre-recorded video lectures for CFA Levels I, II, and III
Content is as described on the official website (including course pages and homepage listings)
Designed for independent, self-paced study
Includes structured curriculum coverage as advertised
Access Duration:
Access is granted for the exam year in which you enrol
Access expires automatically on 1st January of the following calendar year, regardless of enrolment date
2.2 Live In-Person Classes
Level I: 20 days (weekend format)
Level II: 10 days (weekend format)
Level III: 10 days (weekend format)
Delivered at designated UK physical venues
Recording Notice:
All in-person classes are recorded
2.3 Live Online Classes (Microsoft Teams)
Delivered exclusively via Microsoft Teams
Available for Levels I, II, and III
Conducted on weekdays and structured per level
Minimum guided learning hours:
Level I: 150+ hours
Level II: 75+ hours
Level III: 50+ hours
Recording Notice:
All online classes are recorded
2.4 Hybrid Attendance Option
Students may attend in-person classes online at 50% of the in-person course fee
Access is provided exclusively via Microsoft Teams
No alternative platforms are supported
3. Access Duration (Critical Term)
Access to all live in-person and live online classes ends on 1st January of the following calendar year, regardless of enrolment date
Self-paced video access also expires on the same date
No extensions are guaranteed unless explicitly granted in writing
4. Free First-Day Access
The first day of any course is provided free of charge
Registration is required to attend
Continued access beyond the first day requires full enrolment and payment
5. Recording of Sessions
All sessions, including in-person and online classes, are recorded
Recordings are provided solely for personal educational use
Recordings remain the intellectual property of [Company Name]
You must not download, copy, share, or redistribute recordings in any form
6. Account Access and Device Restrictions
Self-paced video access is limited to:
1 mobile device (iOS or Android)
1 web login via the official website
Access is strictly personal and non-transferable
Simultaneous logins beyond permitted devices are not allowed
Any attempt to bypass access restrictions may result in suspension or termination
7. Location Tracking and Usage Monitoring
We may use location data and system analytics to monitor usage and detect misuse
This includes detecting account sharing, abnormal login activity, or unauthorized access patterns
If misuse is suspected:
Access may be suspended immediately
You may receive an email requesting explanation
Final termination may occur if misuse is confirmed
8. Strict Non-Sharing Policy
Access is strictly for individual use only
You must not share your account, login credentials, or content with anyone, including friends or colleagues
Any sharing, redistribution, or unauthorized access will result in immediate termination without refund
9. Fees and Payment
9.1 Payment Processing
Payments are processed through third-party payment provider (Stripe)
We do not store full card details on our systems
All payment processing is subject to the terms of the respective payment provider
9.2 Fees
All fees are stated in GBP 50 (£50)
Pricing depends on course type and delivery format
9.3 Payment Obligations
Full payment is required before access unless otherwise agreed in writing
Failure to complete payment may result in suspension or denial of access
10. Refund and Cancellation Policy
10.1 Cooling-Off Period
A 14-day cooling-off period applies from the date of purchase
Refund eligibility is subject to usage limits
10.2 Fair Usage Limit
Refunds are only available if no more than 20% of total course content has been accessed
Access includes video views, live attendance, and platform usage
10.3 Post Cooling-Off Period
No refunds will be issued after the 14-day period unless required by law
Refunds will not be granted where significant access has been used
11. Class Transfers
Students may request transfers between batches, levels, or formats
Transfers are subject to availability
A £50 administrative fee applies to each transfer request
12. Eligibility
Minimum age requirement: 18 years
Students are responsible for ensuring CFA Institute eligibility requirements are met
We do not guarantee exam registration approval or exam success
13. Code of Conduct
You agree to:
Use services solely for personal educational purposes
Participate respectfully in all sessions
Avoid disruptive, abusive, or fraudulent behaviour
Comply with all platform and instructor instructions
We reserve the right to remove access without refund for violations.
14. Technical Requirements
You are responsible for ensuring:
Stable internet connection
Compatible devices
Access to Microsoft Teams (for live classes)
We are not responsible for interruptions caused by technical issues outside our control.
15. Intellectual Property
All content, including videos, recordings, slides, and course materials, are owned by Wale-Kesh Learning.
You must not:
Copy, reproduce, or distribute content
Share login access
Record sessions
Use content for commercial purposes
16. Performance Disclaimer
We do not guarantee CFA exam success or any specific outcome
Results depend on individual effort and external examination conditions
Any performance examples are illustrative only
17. Changes to Services
We reserve the right to:
Modify course structure, content, or schedules
Replace or change instructors
Move classes between in-person and online delivery if required
Update or improve learning materials
Reasonable notice will be provided where possible.
18. Limitation of Liability
To the fullest extent permitted by UK law:
We are not liable for exam outcomes or failure
We are not liable for indirect or consequential losses
We are not responsible for disruptions beyond our control
Total liability is limited to the amount paid for the course
19. Data Protection
We comply with UK GDPR regulations. Personal data may be used for:
Course delivery
Usage monitoring and misuse prevention
Communication and support
Full details are provided in our Privacy Policy.
20. Force Majeure
We are not liable for failure or delay caused by events beyond our control, including:
Government restrictions
Venue closures
Internet outages
Natural disasters
21. Termination
We may suspend or terminate access immediately if:
These Terms are violated
Account sharing or misuse is detected
Fraudulent or abusive activity occurs
Termination may occur with or without prior notice depending on severity.
22. Governing Law
These Terms are governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of UK courts.
23. Contact Information
Wale-Kesh Learning
Address: 43 High Street, Marlow, England, SL7 1BA
Email: info@drwalekesh.com
Phone: +44 7498 212288
24. Acknowledgement
By enrolling in or accessing our services, you confirm that you have read, understood, and agree to these Terms and Conditions in full.
Nigeria (NDPA 2023)
Nigeria (NDPA 2023)
Effective Date: January 1, 2026
This Privacy Policy explains how drwalekesh.com (“we”, “our”, “us”) collects, uses, stores, shares, and protects personal data in compliance with the Nigeria Data Protection Act (NDPA) 2023 and other applicable data protection regulations.
By accessing or using this website, you agree to the collection and use of information in accordance with this Privacy Policy.
This Privacy Policy applies to all visitors, users, patients, clients, and any other individuals who interact with drwalekesh.com through the website, online forms, email communication, or related digital services.
We may collect and process the following categories of personal data:
a. Personal Identification Information
Full name
Email address
Phone number
Contact address (where applicable)
b. Professional and Educational Data
Where applicable and provided voluntarily:
Educational background
Professional experience
Course progress, assessments, and learning activities
Note: Any sensitive personal data, if incidentally collected, is processed strictly in accordance with NDPA 2023 and only with explicit consent or lawful justification.
c. Technical and Usage Data
IP address
Browser type and version
Device information
Pages visited and time spent on the website
Cookies and similar tracking technologies
We process personal data based on one or more of the following lawful bases under NDPA 2023:
Consent of the data subject
Performance of a contract or service request
Compliance with legal obligations
Legitimate interests, provided such interests do not override your fundamental rights and freedoms
Protection of vital interests
We use personal data to:
Provide educational, professional training, certification preparation, and CFA-related learning services
Respond to inquiries and communications
Manage course enrollment, access, assessments, and learner support
Improve website functionality and user experience
Comply with legal, regulatory, and professional obligations
Send important service-related notices
We do not sell or rent personal data to third parties.
We use cookies and similar technologies to:
Enhance website performance
Understand user behavior
Improve content relevance
You may control or disable cookies through your browser settings. Disabling cookies may affect certain website features.
We may share personal data only in the following circumstances:
With trusted service providers who process data on our behalf under strict confidentiality agreements
Where required by law, court order, or regulatory authority
To protect our legal rights, users, or the public
All third parties are required to comply with NDPA 2023 data protection standards.
We implement appropriate technical and organizational safeguards to protect personal data against:
Unauthorized access
Accidental loss
Misuse or alteration
Unlawful disclosure
These measures include secure servers, access controls, encryption where applicable, and staff confidentiality obligations.
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal and regulatory requirements.
Once data is no longer required, it is securely deleted or anonymized.
As a data subject, you have the right to:
Access your personal data
Request correction of inaccurate data
Request deletion of your personal data
Object to or restrict processing
Withdraw consent at any time
Request data portability
Lodge a complaint with the Nigeria Data Protection Commission (NDPC)
Requests relating to these rights will be handled within the timelines prescribed by law.
We have appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws.
DPO Email: dataprotection@meaheadzonline.com
All data protection inquiries, complaints, or requests should be directed to the DPO.
Where personal data is transferred outside Nigeria, such transfers will be conducted in compliance with NDPA 2023, ensuring adequate data protection safeguards are in place.
This platform is intended for adults and professionals. We do not knowingly collect personal data from children under the age of 18.
We reserve the right to update this Privacy Policy at any time to reflect legal, technical, or operational changes.
All updates will be posted on this page with a revised effective date. Continued use of the website constitutes acceptance of the updated policy.
For general inquiries about this Privacy Policy or our data practices, please contact us through the website or via the Data Protection Officer.
By creating an account, enrolling in a course, or using any feature of this LMS platform, you explicitly consent to the collection and processing of your personal data for educational, certification training, learning management, assessment, and learner support purposes in accordance with this Privacy Policy and the Nigeria Data Protection Act (NDPA) 2023.
You acknowledge that:
Your data will be used to deliver CFA-related training and learning services
Learning progress, assessments, and activity logs may be stored for academic and compliance purposes
You may withdraw consent at any time, subject to legal or contractual limitations
Withdrawal of consent may affect your ability to access courses or certifications.
drwalekesh.com uses cookies and similar technologies to support core LMS functionality, including:
User authentication and session management
Course progress tracking
Performance analytics and platform improvement
Security and fraud prevention
Types of Cookies Used
Strictly Necessary Cookies – Required for login, navigation, and course access
Functional Cookies – Remember user preferences and learning settings
Analytics Cookies – Help us understand platform usage and improve learning outcomes
You may manage or disable cookies via your browser settings. Disabling essential cookies may limit LMS functionality.
Where payments are required, drwalekesh.com uses trusted third-party payment processors.
We do not store full card or banking details on our servers.
Payment-related data is processed solely for:
Course enrollment and subscription management
Transaction verification and record-keeping
Compliance with financial and regulatory obligations
All payment processors are required to comply with applicable data protection and security standards.
drwalekesh.com maintains internal data protection practices designed to support:
NDPA 2023 compliance
Regulatory reviews or audits
Contractual obligations with enterprise or institutional partners
Records of processing activities may be maintained where required by law.
drwalekesh.com is committed to protecting your privacy and handling personal data transparently, lawfully, and securely in accordance with the Nigeria Data Protection Act 2023.
Europe & UK
Data Protection Policy
Europe & UK
Effective Date: January 1, 2026
This Privacy Policy explains how drwalekesh.com (“we”, “us”, “our”) collects, uses, discloses, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).
This policy applies to users located in the European Economic Area (EEA) and any individual whose personal data is processed under GDPR.
drwalekesh.com is the Data Controller responsible for determining how and why personal data is processed.
We may collect and process the following categories of personal data:
a. Identity and Contact Data
Full name
Email address
Phone number
Country of residence
b. Account and Learning Data (LMS)
User account credentials
Course enrollments
Learning progress and assessments
Certificates and completion records
c. Technical and Usage Data
IP address
Device and browser information
Log files
Pages visited and interaction data
Cookies and similar technologies
d. Payment Data
Transaction references
Payment status
Note: Full payment card or banking details are processed by third-party payment providers and are not stored on our servers.
We process personal data on one or more of the following lawful bases:
Consent
Contractual necessity
Legal obligation
Legitimate interests, provided your rights and freedoms are not overridden
We use personal data to:
Create and manage user accounts
Deliver CFA-focused training and learning services
Track learning progress and issue certificates
Process payments and subscriptions
Communicate service-related updates
Improve platform functionality and security
Comply with legal and regulatory requirements
We use cookies and similar technologies to:
Enable core LMS functionality
Maintain secure user sessions
Track learning progress
Analyze platform usage
You may manage or withdraw cookie consent through your browser settings or our cookie banner, where applicable.
We may share personal data with:
Trusted service providers (hosting, analytics, email, payment processing)
Professional advisers where legally required
Regulatory or law enforcement authorities where required by law
All processors operate under Data Processing Agreements (DPAs) and comply with GDPR.
Where personal data is transferred outside the EEA, appropriate safeguards are implemented, including:
Adequacy decisions
Standard Contractual Clauses (SCCs)
Other lawful transfer mechanisms
Personal data is retained only for as long as necessary to fulfill the purposes outlined in this policy or to meet legal, contractual, or regulatory obligations.
When no longer required, data is securely deleted or anonymized.
You have the right to:
Access your personal data
Rectify inaccurate data
Request erasure (“Right to be Forgotten”)
Restrict processing
Data portability
Object to processing
Withdraw consent at any time
Lodge a complaint with a supervisory authority in your EU country
We have appointed a Data Protection Officer (DPO) to oversee GDPR compliance.
DPO Email: dataprotection@meaheadzonline.com
All GDPR-related inquiries, requests, or complaints should be directed to the DPO.
We implement appropriate technical and organizational measures to protect personal data, including:
Secure hosting environments
Access controls and authentication
Data minimization practices
Staff confidentiality obligations
This platform is intended for adults and professionals. We do not knowingly process personal data of children under the age of 16.
drwalekesh.com does not engage in automated decision-making or profiling that produces legal or similarly significant effects on users.
We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes.
Updates will be posted on this page with a revised effective date.
For questions regarding this Privacy Policy or our GDPR practices, please contact the Data Protection Officer.
drwalekesh.com is committed to protecting your personal data and upholding your rights under the General Data Protection Regulation (GDPR).
Data Protection Policy
Data Protection Policy
Wale-Kesh Learning
Document Owner: Compliance and Operations Team
Version: 1.0
Effective Date: 15 May 2026
Review Date: 15 May 2027
1. Purpose
This Data Protection Policy explains how the organization collects, processes, stores, shares, and protects personal data in connection with its educational services, including:
• Self-paced online video courses
• Live online classes
• In-person classroom training
• Online payment processing
• Student support services
• Marketing and communications
• Learning management systems (LMS)
The organization is committed to complying with:
• The UK General Data Protection Regulation (UK GDPR)
• The Data Protection Act 2018
• Applicable electronic communications and privacy laws
• Payment Card Industry Data Security Standards (PCI DSS), where applicable
This policy applies to all employees, contractors, tutors, consultants, and third-party service providers handling personal data on behalf of the organization.
2. Scope
This policy applies to all personal data processed by the organization relating to:
• Students
• Prospective students
• Parents or sponsors
• Employees and contractors
• Tutors and instructors
• Website visitors
• Corporate clients
• Event attendees
It covers both digital and paper-based records.
3. Definitions
Personal Data
Any information relating to an identified or identifiable individual, including:
• Name
• Email address
• Phone number
• Billing information
• Identification documents
• Learning progress
• Attendance records
• IP address
• Device information
Special Category Data Sensitive personal data such as:
• Health information
• Racial or ethnic origin
• Religious beliefs
• Biometric data
The organization generally does not intentionally collect special category data unless legally required or voluntarily provided for accessibility or support purposes.
Processing
Any operation performed on personal data, including:
• Collection
• Storage
• Use
• Sharing
• Recording
• Deletion
4. Data Protection Principles
The organization follows the UK GDPR principles by ensuring that personal data is:
1. Processed lawfully, fairly, and transparently
2. Collected for specified and legitimate purposes
3. Adequate, relevant, and limited to what is necessary
4. Accurate and kept up to date
5. Retained only as long as necessary
6. Processed securely and confidentially
7. Accountable through documented compliance measures
5. Lawful Bases for Processing
The organization relies on one or more of the following lawful bases:
Activity Lawful Basis
Student enrolment Contract
Course delivery Contract
Payment processing Contract and legal obligation
Attendance tracking Legitimate interests
Student communications Contract
Marketing emails Consent or legitimate interests
Regulatory compliance Legal obligation
Fraud prevention Legitimate interests
Recording live classes Legitimate interests
6. Types of Data Collected
Student Data
• Full name
• Email address
• Telephone number
• Date of birth (if required)
• Address
• Course enrolment details
• Attendance records
• Examination performance
• Learning analytics
• Identification documents where required
Payment Data
Online payments are processed through secure third-party payment providers. The organization does not store full card details on internal systems.
Payment-related information may include:
• Billing name
• Billing address
• Transaction reference
• Payment status
Technical Data
• IP addresses
• Browser type
• Device information
• Cookies and tracking data
• Login activity
• Platform usage data
Employee and Tutor Data
• Payroll information
• Contracts
• Qualifications
• Background checks
• Contact information
7. How Personal Data Is Collected
Personal data may be collected through:
• Website registration forms
• Course sign-up forms
• Online payment gateways
• Learning management systems
• Email communications
• Live class participation
• In-person attendance sheets
• Customer support requests
• Marketing subscriptions
• Recruitment processes
8. Use of Personal Data
The organization uses personal data to:
• Deliver educational services
• Provide access to online learning platforms
• Conduct live classes
• Manage in-person classes
• Process payments
• Issue invoices and receipts
• Provide student support
• Monitor academic progress
• Improve course quality
• Prevent fraud and abuse
• Meet legal and regulatory obligations
• Send service-related communications
• Conduct marketing activities where permitted
9. Online Learning Platforms and Recordings
Self-Paced Video Courses
The organization may track:
• Video completion status
• Quiz results
• Login activity
• Course engagement metrics
Live Online Classes
Live classes may be recorded for:
• Revision purposes
• Quality assurance
• Internal training
• Student access
Students will be informed when sessions are recorded.
Participants should avoid sharing unnecessary personal or confidential information during
recorded sessions.
10. In-Person Classes
For classroom-based training, the organization may collect:
• Attendance records
• Visitor logs
• CCTV footage where applicable
• Emergency contact information
CCTV systems are used only for security and safety purposes.
11. Cookies and Website Tracking
The organization’s website may use cookies and analytics technologies to:
• Improve website functionality
• Analyze website traffic
• Remember user preferences
• Enhance user experience
• Support marketing campaigns
Users can manage cookie preferences through browser settings or website cookie banners.
12. Data Sharing
The organization may share personal data with:
• Payment processors
• Cloud hosting providers
• Learning management system providers
• Email communication platforms
• IT support providers
• Professional advisers
• Regulatory authorities where legally required
Third-party providers are required to:
• Maintain appropriate security controls
• Process data only under instructions
• Comply with UK GDPR obligations
The organization does not sell personal data.
13. International Data Transfers
Where personal data is transferred outside the United Kingdom, the organization ensures appropriate safeguards are in place, including:
• UK adequacy regulations
• International Data Transfer Agreements (IDTAs)
• Standard contractual clauses
• Approved certification mechanisms
14. Data Security Measures
The organization implements appropriate technical and organizational security measures, including:
• Secure cloud-based systems
• Password protection and multi-factor authentication
• Encryption of sensitive data
• Access controls based on business need
• Secure payment gateways
• Anti-virus and endpoint protection
• Staff training on data protection
• Secure disposal of records
• Regular system updates and monitoring
Employees must:
• Keep passwords confidential
• Avoid sharing login credentials
• Report suspicious activity immediately
• Use approved systems only
• Lock devices when unattended
15. Data Retention
Personal data is retained only for as long as necessary.
Typical retention periods include:
Data Type Retention Period
Student records 6 years after course completion
Financial records 6 years
Marketing consent records Until withdrawal of consent
Website analytics 12–24 months
CCTV footage Up to 30 days unless required for investigation
Recruitment records 12 months
Data may be retained longer where required by law or for legitimate legal purposes.
16. Individual Rights
Under UK GDPR, individuals may have the right to:
• Access their personal data
• Correct inaccurate data
• Request deletion of data
• Restrict processing
• Object to processing
• Withdraw consent
• Request data portability
• Lodge a complaint with the Information Commissioner’s Office (ICO)
Requests should be submitted in writing to the organization’s Data Protection Contact.
The organization will normally respond within one calendar month.
17. Marketing Communications
Marketing emails and promotional communications will only be sent where:
• Consent has been obtained, or
• Another lawful basis applies under applicable law
Recipients may unsubscribe at any time using the unsubscribe link or by contacting the
organization.
18. Data Breach Management
A personal data breach may include:
• Unauthorized access
• Loss of data
• Disclosure of confidential information
• Malware attacks
• Accidental deletion
All suspected breaches must be reported immediately to management.
The organization will:
1. Investigate the incident
2. Contain and mitigate risks
3. Assess legal reporting obligations
4. Notify affected individuals where required
5. Report qualifying breaches to the ICO within statutory time limits
6. Maintain breach records
19. Staff Responsibilities
All employees and contractors must:
• Follow this policy
• Complete data protection training
• Handle personal data securely
• Report incidents promptly
• Use company systems responsibly
• Avoid unauthorized disclosure of information
Failure to comply with this policy may result in disciplinary action.
20. Children and Young Learners
The organization primarily provides professional education services intended for adults.
Where services involve individuals under 18 years of age, additional safeguards and
consent requirements may apply.
21. Data Protection Contact
Questions regarding this policy or personal data requests should be directed to:
Data Protection Contact
Compliance Team
Wale-Kesh Learning
Email: info@drwalekesh.com
22. Complaints
Individuals have the right to lodge a complaint with the UK Information Commissioner’s
Office:
Information Commissioner’s Office (ICO)
Website: https://ico.org.uk
Telephone: 0303 123 1113
23. Policy Review
This policy will be reviewed at least annually or whenever there are:
• Material business changes
• Legal or regulatory updates
• Significant technology changes
• Security incidents affecting data processing
24. Related Documents
• Privacy Notice
• Information Security Policy
• Cookie Policy
• Data Retention Policy
• Incident Response Procedure
• Acceptable Use Policy
• Employee Confidentiality Agreement