Concrew Training is a private limited company which provides training and consultancy services to help businesses grow and to provide individuals with new and/or enhanced skills, abilities and career progression opportunities. This privacy notice tells you what to expect when Concrew Training Limited collects and uses personal information.
References to “we” or “us” are to Concrew Training Limited, a company incorporated in England and Wales (registered number 8932046) whose registered office is at Ransom Hall, Ransom Wood Business Park, Mansfield. UK. NG21 0HJ who is the controller of any personal data processed as described in this Privacy Policy.
POLICY OVERVIEW
In general terms we retain only the information we need to conduct our business. The majority of the personal information we retain relates to customer enquiries, invoicing and newsletters. Notably, Name and Email Address but other associated information relating to email opens and links clicked may be recorded too.
In some situations, for example sales, enquiries and course bookings we may hold more detailed information, this could include job role, business type, business address and business telephone numbers and payment method. This information is not stored on our web sites. We do not retain any customer credit card or bank information.
Where delegates attend courses and complete course evaluations their attendance, comments and feedback is retained too. We only use the data we collect for the purpose it was supplied for. We do not, for example, add the details of those booking or attending courses to our mailing lists unless specifically requested to do so. We do not sell our data but we may need to share individual or small group data with subcontractors and customers to ensure delivery contracts are fulfilled, for example delegate names on a training course and delegate feedback is shared with the trainer and the customer organising the training. More detailed information on how we use personal data can be found below.
LAWFUL BASIS FOR PROCESSING
All personal information we gather is processed in accordance with applicable data protection and ancillary laws. We use the information you provide to us, or to us either direct or via our sub-contractors,
- in meeting specific requests you have made of us, for example – the supply of services or information
- in performing a contract with you to deliver our services
- in meeting our legal obligations
- for our legitimate business purposes
Our Legitimate Business Purposes include: –
- offering products and services to you or your business. (You have the right at any time to request that we do not contact you for this purpose or to limit how we contact you)
- enhancing, personalising and improving our communications and services we provide
- determining the effectiveness of promotional campaigns
- providing training, consultancy and professional development services s ordered by our clients
- asking you for feedback on the products, services or support you received from us
- meeting contractual obligations to any funder(s) of services we provide
- improving website security and efficiency, identifying and prevent potential fraud or data theft
We may when needed to fulfil these businesses purposes share your information with delivery partners, sub-contractors and persons in your own organisation.
Information we hold, for example information within email correspondence, may be transferred to or through other countries, with adequate levels of protection.
Any personal information we collect is stored securely until a time it is no longer required or has no use. You have, at all times, the right to:
- to request access to personal data relating to you and have it provided in a structured machine-readable format;
- to restrict the processing, rectification or erasure of your data (subject to other conditions);
- the right to object to our processing of your data and the right to withdraw your consent to our processing where relevant.
For data protection purposes we may need to verify any instruction to modify or change personal data held originates for the person to whom the data relates.
INFORMATION COMMISSIONERS OFFICE (ICO) UK
Concrew Training is registered with the ICO as a processor of data and strives to abide by the laws and regulations placed on business.
CHILDREN
We strongly believe in protecting the privacy of children. In line with this belief, we do not knowingly collect or maintain personal information from persons under 13 years of age, and no part of our websites are directed to persons under 13 years of age. If you are under 13 years of age, then please do not use or access the Website at any time or in any manner. We will take appropriate steps to delete any personal information of persons we believe to be less than 13 years of age.
DISCLOSURE and SHARING OF YOUR INFORMATION
We do not sell our data but we may on occasions share individual or small group data with subcontractors and customers to ensure delivery contracts are fulfilled, for example delegate names on a training course. Delegate feedback is shared with the trainer and the customer organising the training.
We may disclose your personal information to third parties when permitted by law including:
- with your consent
- to our suppliers in order for them to help us provide our services to you, this includes:
- partner institutions and trainers that provide training courses or content online or face to face
- our provider of file storage and communications services when you contact us
if we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our Terms and other agreements; or to protect our rights, property, or safety, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
OUR WEBSITES
General Information
Our websites do not collect any personal identifiable information other than that you may specifically supply via the web site forms. We only use necessary cookies so you will not be offered opt in/out options.
WordPress
We use a third party service, WordPress.com, to publish our websites. These sites are hosted on third party servers. We do not allow posting of comments or feedback and no general user information is stored. When we run open events booking information collected via the web site forms is sent to us and not stored our websites.
Web site browsing and Cookies
Our web sites only use essential cookies. These improve the users experience when visiting the web site. We do not collate or analyse cookie data and no personal identifiable information is contained within them. More information can be found in our Cookies Policy.
Website Forms
Our web sites contain various contact, subscription forms and from time to time course booking forms. These forward the information you supply to us in email format. We store and process the information solely to provide the service you have requested.
- Email marketing subscriptions – kept until we cease marketing via email or your request removal.
- General Enquiries – These and subsequent email correspondence chains are retained for 6 years
- Open Course Bookings – 5 years
Website and Marketing Email Images
In line with our vision of “growing together” we believe the internet should remain free and open. We support the sharing of images through creative commons licenses and where such images are used we provide links to the original works, artists and license. We retain this information and publish it to meet the creative commons licencing requirements. Information is retained for 12 months after we cease to hold the image in our files.
Website Images – Content Delivery Network
Service Provider “Vertigo Studio SRL” of Bucharest Romania operating as “Optimole” is used to speed up the load time of images on our website. Optimole provides a Content Delivery Network for the storage and optimization of image data and layout data (CSS and JavaScript files). In this process, the transfer of information between your browser and our website is technically routed through Optimole’s network. This enables Optimole to analyse the traffic between your browser and our website and provide a filter between webservers and potentially malicious internet traffic. In doing so, Optimole may use cookies or other technologies to recognise Internet users, but these are used solely for the purpose described above.
The use of Optimole is based on our legitimate interest to ensure our websites load quickly and are error-free
Website Security
Only authorised users are required to log in to our websites. Our web sites use multiple third party services to help maintain their security. To deliver this security they log and process the user name, password and IP addresses of visitors/computers that log in or try to log in. This information is retained for 8 days from last log in or log in attempt. For repeated unauthorised log in attempts in details are blacklisted and may be retained indefinitely.
Adverts and Sponsored Website Links
Our websites do not contain direct third party paid for/sponsored links or adverts. If any such links are found do not follow them but advise us so we can investigate further.
We may on occasions, for example in our “news” section, provide links to third party websites that provide addition information and or resources. We do not receive any payments for doing this.
Concrew Training cannot be held liable for any damages or implications caused by visiting any external links. We may on occasions provide links to third party websites that provide addition information and or resources. We do not receive any payments for doing this
External Website Links
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Our websites contain links to external websites. We keep third party links to a minimum and where included strives to ensure they are safe and relevant be aware that we have no control over the privacy policies operated by these linked sites. We accept no liability for the privacy policies of these sites or for the treatment of information provided by you to or on such sites. Links can change and can come corrupted so visitors to this web site should take care when opening any external link. If any links are found to be corrupt damaged or in anyway misleading please notify us.
Concrew Training cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Platforms
Our website, newsletters and marketing campaigns may contain links to third party social media platforms.
Communication, engagement and actions taken with and through these are on the terms and conditions and privacy policies of the respective social media platform. Users are advised to use social media platforms with due care and caution in regard to the content of any messages posted and the disclosure of their own personal details.
Concrew Training will never ask for personal or sensitive information through social media platforms.
Any visitors, users or clients wishing to discuss sensitive details are requested to contact us direct by telephone, mail or email.
Our websites may also uses social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your own social media platform account.
Concrew Training shares information and website links through a range of social media platforms. Some social media platforms shorten lengthy website addresses to an abbreviated code like structure; for example this web site’s address could become http://ow.ly/wVidI. Users are advised to take care and use good judgement before clicking any shortened website addresses published on social media platforms. These links can change and can come corrupted. Concrew Training cannot be held liable for any damages or implications caused by visiting any shortened links.
Email Newsletters and Marketing Campaigns
This website and Concrew Training operate an email newsletter program, which informs subscribers about products and services supplied by Concrew Training and this website. Email newsletters are issued through our Concrew Training Mail division website. Emails are sent to our subscriber lists.
Our subscriber lists contain first name, last name and email address information. This information is retained until we cease sending marketing emails or removal is requested.
Concrew Training uses third party mailing systems to send email marketing and newsletters. Subscriber list details may be stored on or passed through these systems but the subscriber list details are not made available to them for their or other party use. We also vet the third party security and privacy polices before use.
Concrew Training does not otherwise sell or share personal information with third parties other than law enforcing agencies when specifically requested to do so. Users can request subscription, at their own discretion, through our general contact form or our email list subscription form, or by emailing us direct.
Email newsletters and marketing campaigns published by Concrew Training and its web sites may contain tracking facilities, industry standard technologies including clear gifs, within the actual email. Subscriber activity may be tracked and stored in databases for future analysis and evaluation. Such tracked activity may include, for example but not exclusively; the opening of emails and the clicking of links within the email content, times, dates and frequency of activity. This information is used to enhance the quality, relevance and effectiveness of future email campaigns. For example, high levels of opening of related course links may lead to a course being marketed more frequently. We may also use this information to identify subscribers who appear to have ceased interacting our email newsletters and marketing; in these situations we may remind subscribers of their right to unsubscribe, remove their details from our mailing lists and/or request that they re-subscribe. Information is retained for up to 6 years or until no longer needed.
In compliance with UK regulations subscribers are given the opportunity to un-subscribe at any time through an automated system. Clear links to our unsubscribe process are included in the footer of all newsletters. Additionally Unsubscribe Forms are published on our web sites.
Telephone Calls and Enquiries
When you call our main contact numbers our telephone service provider, “iNet Telecoms Ltd” collects Calling Line Identification (CLI) information and records the telephone conversation. Telephone recordings are retained for 30 days. A transcription of the call, contact details is distributed through email and retained in line with our email retention period.
We use the information collected to provide answers to your questions and enquiries including where appropriate course information and price quotes.
When calls are made to our mobile phones we collect Calling Line Identification (CLI) information and where left recordings of voice mail messages. We use this information to provide answers to your questions and enquiries including where appropriate course information and price quotes. This information is retained by us until we have responded to your enquiry. Where email information is provided in the course of the telephone conversation this is recorded and may be used to confirm or provide information to you. The content of telephone enquiries may be transferred into email correspondence and retained as below.
Our telephone numbers are listed with the Telephone Preference Service. We do not make nor accept unsolicited sales calls. We report unsolicited sales calls to the Telephone Preference Service, who in turn may pass them to the Information Commissioners Office (ICO).
EMAILS
Email sent to us, including any attachments, are monitored and blocking software used to prevent the delivery of viruses and/or unsuitable materials.
All emails sent to us and the information within is recorded and stored. We use the information provided to reply to your enquiry and for future correspondence that relates to it. We call this transactional email.
When we send transaction emails they are routed through third party service providers. These service providers track and retain delivery information. We vet the privacy and security policies of these providers before use. We make every effort to ensure the delivery chain is secure this cannot be guaranteed.
We keep details of email correspondence for up to 3 years.
SALES and CREDIT CARD PAYMENTS
All sales, invoicing and payment information is recorded and retained for 6 years.
When we accept payments by credit cards the transactions are processed online through Zoho Books and directly by Stripe Incorporated whose head office is in San Francisco, California, USA. Stripe provides an online international payment scheme for over 100,000 businesses in more than 100 countries. They have secure systems and robust privacy policies which can be found at https://stripe.com/gb/privacy. They collect and process your credit card and related payment details. Card data is not passed to us only confirmation of the payment.
Where customers wish to pay by credit card over the telephone we input the data into the secure online Stripe Portal and immediately after shred any information that we have written down.
COURSE REGISTERS and EVALUATION FORMS
When delegates attend courses Concrew Training records and stores their attendance and feedback grades/comments, processing is carried out on behalf of the end user client (Data Controller) and Concrew Training operates as a data processor. We use the above information to issue CPD certificates and for quality development. In the process of doing this we share the information with the trainer/s who delivered the workshop and for internal on site CPD courses, the organisation which commissioned the course. We retain this information for 6 years. We also, where express permission has been given with the evaluation forms, use anonymous delegate feedback for marketing purposes. We do not personally identifiable information within our marketing. These records are kept for up to 6 years.
VIDEO CONFERENCING, ONLINE CLASSROOMS and MEETINGS
Online training carries a higher risk to your privacy than face-to-face training. To minimise risk to your privacy we strive, where ever possible, to deliver our online training virtual classroom training through the platforms, systems and procedures of the client organisation. This means that the privacy policy in place for such training will be that of our client organisation. In the event that Concrew Training is required to process data it is as a data processor rather than as a data controller.
On the rare occasions that training is delivered on a video conferencing platform arranged by Concrew Training we have a number of safeguards in place to safeguard users and their privacy. These include data encryption and waiting/joining rooms. We do not record the training once the session ends no copy is maintained by Concrew Training, The Trainer or the platform. Additionally; prior to course enrolment all users are issued with a set of ground rules for professional behaviour when participating in our online training sessions. To safeguard other users the Trainer may restrict your participation if these rules are breached
Concrew Training and the video conferencing platforms we use to deliver our online learning and meetings through, collect the data that is needed operate effectively and provide you the best experiences. You provide most of this data to us directly when you register for webinars and events
Including: Name, Phone Number, Email Address, Company name, address
The information collected may be shared with the video conferencing platform and the trainer hosting the course but only for the purpose of delivering the training.
Use of Your Information – Video Conferencing Platforms
When you access our products and services through our video conferencing, webinars online classrooms/meetings you agree that your personal information may be collected, stored, used and shared by us and our partners, course and content providers, or the third parties we work with, to
- provide you with a personalised learning experience
- to fulfil any contractual agreements between you and us
- to send you course-specific email notifications and updates about online courses you have booked on
- to collect, moderate and present reviews and ratings of our online content and courses to be published on our Website
- to provide confirmations of the courses you have participated in and/or the award you have achieved as a result (if applicable) for accreditation, certification and/or CPD purposes
The trainer may ask for details of past experience and knowledge, and further information may be gathered as a result of your answers to questions, activities and quizzes. This information is used to help other learners get to know you and help us to tailor the training to meet your learning needs better.
Data Collected – Video Conferencing Platforms
Additional information is collected when you access our training through a third party video conferencing platform such as “ZOOM” or “MS Teams”. When you register for (or attend) an event hosted on such a third party video conferencing platform, your participation will also be governed by privacy policies of the video conferencing platform. These third party organisations may gather or receive and use your data pursuant to their own policies.
Upon registering for an event, you should receive the privacy policies that are applicable to your participation in that event and be asked to agree to them. If you register for an event but do not receive event policy notices, or if you have questions about policies presented, please contact us.
Information collected by the video conferencing platform may include:
- Name, user name, email and personal photo (if you upload one)
- Device Information, Your computer operating system/version and connection type, type of speakers, camera, microphone
- IP Address and through that location information
- Changes to the above during session eg, change of computer, device or equipment
- Which settings and features were used, eg video on/off. waiting room used
- Name/Date/Time/Duration of the meeting, number of participants
- Join time of the participants
The video conferencing platform will retain this type of personal data personal data in line with their own privacy policy.
Additional information collected by the video conferencing platform during the training session that is not stored or retained after the training session ends
- Voluntary additional information such as answers to questions etc
- Files and documents that are uploaded during the training
- Video and audio footage – i.e the training session itself
- Tracking of your attention
Job applicants, SUBCONTRACTORS, current and former employees
When individuals apply to work at or with Concrew Training we will only use the information they supply to us to process their application and to monitor recruitment statistics.
Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Criminal Records Bureau we will not do so without informing them beforehand.
Personal information about unsuccessful job candidates will be held for 12 months after the recruitment exercise has been completed. Personal information about subcontractors will be held on file until it is no longer needed. Typically 24 months without assignment.
Once a person has taken up employment with Concrew Training we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment has ended we will retain the file in accordance with the requirements of our retention schedule and then delete it. We also provide personal information about employees to the appropriate Government agencies, including for example HMRC including real time pay and tax information.
DATA STORAGE
Data is securely stored at our offices in Nottinghamshire England. Our service providers, for example web, email, telephone and back up storage providers also store, securely, copies of this data and in multiple locations. Most data is stored within Europe but some service providers, for example Microsoft and Google, and Video Conferencing Platforms may transfer data outside of Europe. Our service providers systems comply with UK data protection legislation and the standards needed when data is transferred outside of Europe
Complaints and Queries
Concrew Training performs to high standards when collecting and using personal information. We treat any complaints we receive seriously. If you believe our collection or use of information is unfair, misleading or inappropriate please let us know and we will strive to remedy the situation as quickly as possible. We retain any complaint or improvement information for 12 months or where received by email in line with our email retention time limits.
SUBJECT ACCESS REQUESTS (SAR)
If you require details of the information we hold about you may request the same through a subject access request. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need by telephone or by email.
You may also request a formal hard copy of the personal information held about you by Concrew Training. To access this information please put your request in writing and send it to our main office address in Mansfield as detailed at the bottom of this policy
If we do hold information about you we will be pleased to:
- give you a description of it
- tell you why we are holding it
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form
If we do hold information about you or the information we hold is incorrect, you can ask us to correct any mistakes. Concrew Training does not charge for reasonable subject access requests. We reserve the right to make reasonable charges in respect of any request that is manifestly unfounded or excessive.
FREEDOM OF INFORMATION REQUESTS (FOI)
Concrew Training is a commercial business and outside the scope for FOI requests. To protect the privacy of service users and stakeholders Concrew Training does not process third party freedom of information especially those that relate to business sensitive information.
HOW TO CONTACT US
We can be contacted by telephone, email or web forms via the contact us pages on any of our web sites, alternatively you can write to us at:
Concrew Training, Ransom Hall, Ransom Wood Business Park, Mansfield, Nottinghamshire, NG21 0HJ
REVIEW
The effectiveness of this policy and associated arrangements are reviewed at least bi-annually under the direct supervision of the Director.
Issued: 01 May 2014 Updated: 07 February 2024
Last reviewed: 07 February 2024
Next Review: May 2025