In order to provide our service we need to process some data relating to you (some of which may be personally sensitive). Use of our services is entirely opt-in.
All of the training data is stored in an encrypted database - on Microsoft Azure cloud based servers residing wholly within the EU. Some other servers may be used internationally for additional services (support, email, etc.).
We may share your training data with your organisation and the training presenter. This may or may not be anonymised.
We may obtain your data from your employer, yourself, and both our web portal and installable web application.
We may offer insights and training recommendations based upon data in your profile. The results of any such profiling are accessible directly in your account. We may also use data extracts (anonymised) for research purposes (to improve our product or algorithms for example). We can exclude your data from such programmes if you prefer.
Please contact us if you feel there are errors in any data we hold relating to you.
You can download history of your training via our web portal. Please contact us for anything further, we will endeavour to comply with reasonable requests where possible (assuming it does not adversely affect the rights and freedoms of others).
You can request we delete your account at any time. We may have to preserve your attendance data for your organisation.
We use several third-parties to operate and secure our service. Please refer to their respective privacy policies for more information on how they process data: Microsoft Azure, Cloudflare, Freshworks Freshdesk, Google Recaptcha, ActiveCampaign Postmark and Twilio SendGrid.
Please refer to the respective merchant for their privacy policies. We never store your credit/debit card details but do keep other information related to the transaction.
Please contact us if have any complaints concerning our data collection or processing. You can also escalate your complaint to the Information Commissioner's Office (ICO), a supervisory body.
For data processing within the EU, we are registered with the Information Commissioner's Office (ICO) under the Data Protection Act (Registration number: ZA243844). Outside of the EU, we operate under the EU-US Privacy Shield Framework where permissible (the replacement for the EU Safe Harbor Framework).
If you have further security questions or concerns please contact us.
This policy was last updated on the 03 October 2022.