PRIVACY & COOKIES
To comply with our obligations under the General Data Protection Act and any other relevant legislation.
To keep your personal information and the business you do with us in strict confidence.
To obtain your personal information lawfully and fairly.
To maintain appropriate procedures to ensure that personal information in our possession is accurate and, where necessary, kept up-to-date.
Where we choose to have certain services, such as data processing, provided by third parties we do so in accordance with applicable law and take all reasonable precautions regarding the practices employed by the service provider to protect personal information.
To maintain appropriate technical and organisational safeguards to protect personal information against loss, theft, unauthorised access, disclosure, copying, use, or modification.
Not to sell your personal information.
If you do not agree with this policy we would kindly like to ask you to refrain from providing us with your information.
What is personal data?
Personal data is defined by the General Data Protection Regulations as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Legal bases for processing your data
We use different legal bases for processing data that you provide us:
Contract: when you use and participate in our events, training, or services
Legitimate interest: where you have previously used our services or attended our events or training.
Consent: where any processing or secondary processing of your personal data is shared with third parties or where you agree to the specific use of your personal data as per the terms and conditions of the event, training, or other services you are registering for.
Personal data we collect, why we collect it, and whom we share it with
We collect personal data as set out below in order to promote and provide our services.
We collect student data in order to facilitate our teaching activities including monitoring, achievement, progression, and feedback. We also use this data to inform students or past students about courses and events that we believe may be of interest to them.
When collecting data for students, we may occasionally collect personal data for children. This information is normally provided to us by the parents.
For children younger than 16 years old, the use of any of our services is only allowed with the valid consent of a parent or a guardian. In limited cases as part of a reservation, we may collect and use the information of children only as provided by the parent or guardian or with their consent. If we become aware that we process information of a child under 16 years old without the valid consent of a parent or guardian, we reserve the right to delete it.
Statistical: anonymous information about how many users we have, how often they visit, which pages are visited most frequently, and by what types of users, in what countries.
Technical: personal information to remember a visitor within the same browsing session and to ensure that the interface is adapted to their device (e.g. when you click ‘remember me’)
You can turn off cookies, but if you do, you may not be able to use all the features on our websites and we may not be able to store your preferences (such as whether you have accepted cookies). This will not prevent other cookies from being placed on your device unless you adjust your settings.
How we collect this information about you:
We collect the information listed through different channels:
Digital / online forms e.g. for event participation
Phone calls and correspondence
Visiting our websites and/ or social media pages.
How we use your information
We process your personal data in accordance with our obligations under applicable data protection laws and regulations, for the following reasons:
To provide you with details of events and services that you have requested or that are strongly related to services that you have used.
To provide you with details of events and services that we think may be of interest to you
To notify you of changes to our services, training, and events.
To provide you with a service- this may include passing your data to a third party.
To meet our safeguarding obligations
How long we keep your personal data
We only keep your information for as long as we need it to provide you with the services or information you have requested, to administer your relationship with us, to comply with the law, or to ensure we do not communicate with those that have asked us not to.
Our general retention period is five years after a record has ceased to be active.
Where we store your personal data
We store your data on two different platforms:
public cloud-based storage
We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.
Any payment transactions will be encrypted using SSL technology (SSL stands for ‘Secure Sockets Layer’ and creates encrypted connections).
Unfortunately, the transmission of information via the internet is not completely secure. We cannot guarantee the safety of your data during transmission, but once we receive your data it will be used and stored securely.
Access to your information
We allow our staff to access and use your information for the purposes for which you have provided it to us. For added security, we require all staff with medium-high data access levels to utilise multi-factor authentication via our Cloud systems and storage.
Any third-party agencies engaged by us to carry out our services are carefully selected and required to demonstrate compliance with UK data protection legislation.
We will only share your personal information with third parties where it is directly relevant to the services you have requested. We require third parties to treat your data with the same level of care as if we were handling it directly.
While we will seek consent at the point of collecting your data, in some cases we may process data without consent when we are legally allowed to do so and where it is in our legitimate interests.
You can withdraw your consent at any time.
If you request not to receive any further contact from us, we will keep a record so we know not to contact you in the future. This will include your name, organisation, and preference not to be contacted
We understand that privacy and data are sensitive and important. You have a number of rights in relation to your data. These are:
The right of access: you have the right to access the data and information we hold about you. Please see below for details on how to request this information
The right to rectification: we want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate by contacting us using the contact details below
The right to erasure: you can request that we delete the information we hold on you by contacting us using the contact details below.
The right to restrict processing: you can let us know how you want us to use your data by getting in touch with us using the contact details below.
The right to data portability: you have the right to request your data be provided in an easy-to-use format to another supplier.
The right to object: you can opt-out of hearing from us at any point by contacting us using the contact details below.
Legal information and how to contact us
The controller of personal data is the company that determines the purpose and means of processing your personal data.
You have a right to access the personal information we hold about you and in certain circumstances to be provided with a copy of that information. You can request this by using the contact details below.
If at any time you do not wish to receive further information about us and our services, or you wish to change your contact details or preferences, please contact us using the details below. Please note that we will keep some basic contact information to ensure we don’t contact you again in the future. If we completely erased your records then we wouldn’t be able to ensure we don’t contact you again in the future.
What is a cookie?
Cookies are small text files that are sent by websites that you visit to recognise who you are when you return there. These files are stored on your computer’s hard drive and are read by your web browser.
How are cookies used?
In short, cookies are a way of providing statistics on on-site visits as well as some limited functionality that makes your site visit easier. When used properly cookies are an asset to a site visitor and a site owner. They are not viruses, but some unscrupulous outfits will use them maliciously – we follow best practices for cookie use.
Adobe uses a particular type of cookie called a ‘Local Shared Object’, which is typically collected if you watch a video for example that uses the Adobe Flash media player, i.e. an embedded YouTube video on a page that is being played via Flash. Please note that these types of cookies will not be found on iPads, which do not support Flash. Have a look at Adobe’s website if you want to control Flash cookies on your computer. If you’ve got a Firefox browser you can also get an add-on to detect and delete Flash cookies.
Opting out of cookies?
There are a number of options available so that you do not have to store any cookies at all. You can either set your browser so that it will not accept and store any cookie or if you have a little more time and knowledge you are able to allow only certain ‘trusted’ sites to store cookies on your computer. These sites may include us (of course!), or the site where you carry out your online banking, or possibly your favourite news service.
It’s worth bearing in mind that if you decide to delete all of your cookies, then you will likely have to re-enter all of your usernames and passwords on all of the sites that you visit, which you previously didn’t even have to think about. As we mentioned before, cookies can be a real asset to your web surfing experience.
The Information Commissioner’s Office (http://www.ico.gov.uk/) provides some advice about cookies and their use, but it also provides a link to ‘About cookies’ (www.aboutcookies.org) which is run by the law firm Pinsent Masons. This website provides even more information about cookies if you feel that this page and the ICO is not enough information for you, but it also details how you might delete any cookies that you find, and it also shows you how to allow those trusted sites to store their cookies on your computer.