Privacy Policy

GENERAL

Headworks Training Limited (“we”, “us” or “Headworks”) take the privacy of your information very seriously. Our Privacy Notice is designed to tell you about our practices regarding the collection, use and disclosure of personal information which may be collected in person from you, obtained via our websites or collected through other means such as by email, or telephone communication.

In this notice “you” refers to any individual whose personal data we hold or process

In general, our services relate to the provision of training and consulting services to clients and we do not process personal data on a large scale. This Privacy Notice explains when and why we collect personal information about people who interact with or attend courses with Headworks Training Limited and and how we keep it secure.

This notice is governed by the EU General Data Protection Regulation (the “GDPR”) from 25 May 2018.

HOW DO WE PROCESS YOUR PERSONAL DATA?

Headworks Training Limited complies with its obligations under the “GDPR” legislation by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

 We may obtain information from you when you:

  • Email, telephone or correspond in any other way with Headworks Training Ltd

  • Attend a Headworks Training course

  • Book on to a Headworks Training course

  • Complete our online contact form

 This personal information may include but is not limited to the following:

  • Your name

  • Your work place

  • Your job title

  • Your email address

  • Your phone number

 Your personal information will only be used by us to:

  • Process your bookings or requests

  • Respond to questions

  • Provide or administer services, such as issuing certification on completion of a course

  • Maintain our own accounts and client records

  • Carry out our obligations arising from any contracts entered into by you and us

  • Provide you with information of upcoming courses or new course titles that we feel may be of interest to you

  • Seek your views or comments on the services we provide

Below is an in-depth summary of the different categories of data we may use.

Communication Data that includes any communication that you send us whether that be through the contact form on our website, through email, text, social media messaging or any other.  We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.

Customer Data that includes data relating to individuals that attend a Gateway course or any purchases of services such as your name, title, workplace, job title, email address, phone number and purchase details.  We process this data to supply the services you have purchased and to keep records of course attendance.  Our lawful ground for this processing is our legitimate interests which in this case are to enable us issue certification of courses to individuals and properly administer our business.

Marketing Data that includes data about your previous bookings and course attendance.  We process this data to to let you know about upcoming courses relevant to you.  Our lawful ground for this processing is our legitimate interests which in this case are to grow our business and improve our service.

WHO HAS ACCESS TO YOUR INFORMATION?

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

We allow access to your personal data only to our employees and partners who have a business need to know such data.  They will only process your personal data on our instructions and they must keep it confidential.

ACCESSING & UPDATING YOUR INFORMATION – YOUR RIGHTS

Under data protection laws, you have the following rights with respect to your personal data:

  • The right to request a copy of your personal data, which Headworks Training Ltd hold about you

  • The right to request that Headworks Training Ltd corrects any personal data if it is found to be inaccurate or out of date

  • The right to request your personal data is erased, where it is no longer necessary for Headworks Training Ltd to retain such data

  • The right to withdraw your consent to the processing at any time

  • The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability, where applicable)

  • The right to object to the processing of personal data, (where applicable)

  • The right to lodge a complaint with the Information Commissioners Office

If you change email address, or any other information we hold is inaccurate or out of date, or you wish to exercise any of the rights set out above, please email us amber@head.works.  We will respond to all legitimate requests within two weeks. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case we will notify you.

LINKING TO OTHER WEBSITES 

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website, so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website. Similarly, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.

DATA SECURITY

We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed without authorisation.  Communications in connection with the website and its content may be sent to you by us by e-mail. For ease of use and compatibility, communications will not be sent to you in an encrypted form. E-mail is not a fully secure means of communication. Whilst we try to keep our systems and communications protected against viruses and other harmful effects we cannot guarantee this.

DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting or reporting requirements.  For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers. In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.