Training Link is the data controller (referred to as “we”, “us” or “our” in this privacy notice) and we are responsible for your personal data. (You are known as the data subject.)
Full name of legal entity:
- Training Link
- Unit B, Meltex House
- 65-67 Kepler
- B79 7XE
- 0121 323 4477
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes. This can be done by emailing us at firstname.lastname@example.org
- WHAT DATA DO WE COLLECT ABOUT YOU, FOR WHAT PURPOSE AND ON WHAT GROUNDS DO WE PROCESS IT
Personal data means any information capable of identifying an individual.
We may process the following categories of personal data about you:
- Communication Data includes any form of communication. This could be any of (or a combination of) the following:
- Our website contact form
- Telephone calls
- Text messaging
- Social media messaging
- Social media posting
- Any other form of communication that you send to us
We process this data for the purposes of accurate, appropriate and relevant communication with you. It is also used for academic record keeping and for the establishment, pursuance or defence of legal claims (if deemed necessary or appropriate).
- Customer Data that includes data relating to any purchases of products or services. This includes, but is not limited to your name, title, billing address, delivery address, email address, phone number, contact details, basic bank/credit card details.
We process this data to supply the products or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
- Technical Data that includes data about your use of our website, length of visit to pages on our website, page views and navigation paths. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and to understand the effectiveness of our website. Our lawful ground for this processing is our legitimate interests, which in this case are to enable us to correctly administer our website and our business, to grow our business and to assist with our marketing strategies.
Where we are required to collect personal data, and you do not provide us with the data when requested, we may not be able to deliver our services to you. If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered. If we do, we will notify you at the time.
We will only use your personal data for the purpose that it was collected, or for a reasonably compatible purpose (if required or necessary). For more information on this please e-mail us at email@example.com. In case we need to use your details for an unrelated new purpose we will notify you, and explain the grounds for further processing.
We do not carry out automated decision making or any type of automated profiling.
We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic or biometric data. We do not collect any information about criminal convictions and offences.
- MARKETING COMMUNICATIONS
We will not share your personal data with any third party for their own marketing purposes. We may from time to time send e-mails to existing customers; these e-mails will relate to current products or services that we feel would be appropriate. You are free to unsubscribe from these e-mails at any time.
- DISCLOSURES OF YOUR PERSONAL DATA
We may have to share your personal data with one or more of the parties set out below in order to provide you with our products or services, or in order to comply with our legal obligations:
- Softext – Nominated IT and software service provider
- The Association of Accounting Technicians (AAT) – Awarding Body
- The Institute of Certified Bookkeepers (ICB) – Awarding Body
- Study House – Business Practices Course Provider
- Parcelforce/Royal Mail – Nominated Course Courier/Delivery Operator
- Worldpay – Online Payment System
- PayPal – Online Payment System
- Divido – Nominated Finance Company
- Professional advisers. This may include, but is not limited to lawyers, bankers, auditors and insurers (if required)
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law and current General Data Protection Regulations. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
- INTERNATIONAL TRANSFERS
This relates to any countries outside of the European Economic Area (EEA). These countries do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Rest assured that we do not transfer personal data to anyone unless there is a genuine need to do so (as outlined in point 4 above).
- DATA SECURITY
We have robust security measures in place to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without prior authorisation. We will only allow access to your personal data to those nominated third parties previously mentioned in point 4 above and they will only process your personal data on our instruction, keeping it private and confidential at all times. Furthermore, they are not permitted to pass on your details to any other party without your explicit permission.
We have processes and procedures in place to deal with any suspected breach of personal data and will notify you plus any applicable regulator of a breach if we are legally required to do so.
- DATA RETENTION
We will only retain your personal data for as long as it is necessary to fulfil the purpose it was collected for, including for the purposes of satisfying any legal or reporting requirements.
When making this decision, we will consider the learner journey, qualification level, accreditation body, syllabus, course progression, plus a range of other contributing factors.
In some circumstances we may choose to anonymise your personal data for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
- YOUR LEGAL RIGHTS
Under GDPR you have rights in relation to your personal data that include:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
You can read more about these rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights above, please send us an email to firstname.lastname@example.org giving us as much detail as possible and we will be happy to engage with you.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is excessive, unfounded or repetitive.
We will respond to all legitimate requests within 30 days. Occasionally it may take us longer than 30 days (if for example your request is particularly complex or you have made a number of requests). If this is the case, you will be notified.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
Please do contact us in the first instance if you have a complaint so that we can try to resolve it for you.
- Third-Party Links
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links, or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.