Privacy Policy Effective Date: [Insert Date] 1. Introduction [Your Company Name] (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services, including our website, training courses, and communications. 2. Data Controller The data controller responsible for your personal data is: [Your Company Name] [Address] [Email] [Phone] 3. Personal Data We Collect We may collect and process the following data about you: Identity information: name, date of birth, gender. Contact information: email address, phone number, postal address. Professional information: job title, company, qualifications. Course and training information: courses attended, feedback, certificates issued. Payment information: billing address, card or bank details (processed securely via a third-party provider). Website usage data: IP address, cookies, and browsing behaviour on our website. 4. How We Use Your Data We use your data to: Provide and manage your access to our training courses and services. Process payments and issue receipts or invoices. Send course-related communications, updates, or promotional materials (if you have consented). Improve our services and develop new training offerings. Comply with legal obligations, such as financial and regulatory requirements. 5. Legal Basis for Processing We process your data based on: Your consent, where you have provided it. The necessity to perform a contract with you. Compliance with legal obligations. Our legitimate interests, such as improving our services. 6. Data Sharing We do not sell your personal data. We may share your information with: Third-party service providers who help deliver our training (e.g., online platforms, exam boards, payment processors). Regulatory authorities, if required by law. Professional bodies or partners, with your consent, where relevant. 7. Data Retention We retain your personal data only as long as necessary for the purposes stated above or as required by law. For example: Training records and certificates: [Specify period, e.g., 7 years]. Financial records: [Specify period, e.g., 6 years for HMRC]. 8. Your Rights Under the UK GDPR, you have the right to: Access your personal data. Request correction of inaccurate data. Request erasure of your data (“right to be forgotten”). Restrict or object to processing. Withdraw consent at any time. Receive your data in a portable format. To exercise these rights, please contact: [Insert contact details]. 9. Data Security We implement appropriate technical and organisational measures to protect your personal data from loss, misuse, or unauthorised access. 10. Cookies and Tracking Our website may use cookies and similar technologies to enhance user experience and analyse usage. You can manage cookie preferences through your browser settings. 11. Changes to This Policy We may update this Privacy Policy from time to time. The latest version will always be available on our website. 12. Complaints If you have concerns about how we handle your data, you can contact us. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): https://ico.org.uk/