Gateway Training & Consultancy Privacy Notice
Gateway Training & Consultancy are committed to protecting your privacy. We only use your personal information to manage bookings and improve service. We will never sell, lease, rent or share your details with third parties.
This Privacy Notice explains when and why we collect personal information about people who interact with or attend courses with Gateway Training and Consultancy, and how we keep it secure. We may change this Notice from time to time so please check our website occasionally to ensure that you’re happy with any changes.
Any questions regarding this Notice and our privacy practices should be send by email to firstname.lastname@example.org. Alternatively, you can telephone 0845 450 7644.
HOW DO WE PROCESS YOUR PERSONAL DATA?
Gateway Training & Consultancy complies with its obligations under the “GDPR” legislation by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We may obtain information from you when you:
- Email, telephone or correspond in any other way with Gateway Training & Consultancy
- Attend a Gateway Training & Consultancy course
- Book on to a Gateway Training & Consultancy open course
- Apply for a job
This personal information may include but is not limited to the following:
- Your name
- Your work place
- Your job title
- Your email address
- Your phone number
Your personal information will only be used by us to:
- Process your bookings or requests
- Respond to questions
- Provide or administer services, such as issuing certification on completion of a course
- Maintain our own accounts and client records
- Carry out our obligations arising from any contracts entered into by you and us
- Provide you with information of upcoming courses or new course titles that we feel may be of interest to you
- Seek your views or comments on the services we provide
Below is an in-depth summary of the different categories of data we may use.
Communication Data that includes any communication that you send us whether that be through the contact form on our website, through email, text, social media messaging or any other. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
Customer Data that includes data relating to individuals that attend a Gateway course or any purchases of services such as your name, title, workplace, job title, email address, phone number and purchase details. We process this data to supply the services you have purchased and to keep records of course attendance. Our lawful ground for this processing is our legitimate interests which in this case are to enable us issue certification of courses to individuals and properly administer our business.
Marketing Data that includes data about your previous bookings and course attendance. We process this data to enable you to partake in our promotions, to let you know about upcoming courses relevant to you and remind you when courses are close to expiry. Our lawful ground for this processing is our legitimate interests which in this case are to grow our business and improve our service.
WHO HAS ACCESS TO YOUR INFORMATION?
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
We allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.
ACCESSING & UPDATING YOUR INFORMATION – YOUR RIGHTS
Under data protection laws, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data, which Gateway Training & Consultancy hold about you
- The right to request that Gateway Training & Consultancy corrects any personal data if it is found to be inaccurate or out of date
- The right to request your personal data is erased, where it is no longer necessary for Gateway Training & Consultancy to retain such data
- The right to withdraw your consent to the processing at any time
- The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability, where applicable)
- The right to object to the processing of personal data, (where applicable)
- The right to lodge a complaint with the Information Commissioners Office
If you change email address, or any other information we hold is inaccurate or out of date, or you wish to exercise any of the rights set out above, please email us at email@example.com or telephone 0845 450 7644. We will respond to all legitimate requests within two weeks. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case we will notify you.
LINKING TO OTHER WEBSITES
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed without authorisation. Communications in connection with the website and its content may be sent to you by us by e-mail. For ease of use and compatibility, communications will not be sent to you in an encrypted form. E-mail is not a fully secure means of communication. Whilst we try to keep our systems and communications protected against viruses and other harmful effects we cannot guarantee this.
If you pay for any goods or services online or over the phone with Gateway Training & Consultancy, your credit card details are not collected or stored by us. This information is collected by WorldPay using their secure servers. We only store your contact name, email and telephone number in order that we can process your order effectively.
WorldPay provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. It is their utmost priority to ensure that transaction data is handled in a safe and secure way. WorldPay is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable. World Pay is an active member of the PCI Security Standards Council (PCI SSC) that defines card industry global regulation.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting or reporting requirements. For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers. In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
This notice was last updated in May 2018.