Privacy Policy

Train With Premier | Privacy Policy

 

1.0  Who we are

Train With Premier Limited (Registered Company: 10666503) are part of Premier Education Group plc, ICO Registered Number: 05922136, and are a National Training Provider for the active leisure, learning and well-being sector.

2.0 Our commitment to user privacy and data protection

Train With Premier (also referred to as “TWP”, “we”, “us”, “our” in this Privacy Policy)  is committed to meeting the highest standards of data protection to provide the best service to our contacts. We will tell our contacts exactly how we will use and store their data, not use it for any purpose other than the ones we have consent for and take all reasonable steps to ensure their data is stored and transferred securely.

TWP is committed to respecting the personal data you supply us with. The details we store enable us to personalise the service we provide and, with your consent, to keep you updated with details of courses, camps and services that may be of interest to you.

With your consent, we may contact you by post, telephone or email and share this information with pre-agreed third parties to provide information to you about other services and products that we think might be of interest to you. If we want to use the data in any way other than for the purpose you have consented to (e.g. sharing with a new third party) we will need to ask for your consent each time.

You have the right to opt out of receiving promotions from us and/or our chosen third parties at any time. This can be done by emailing us at [email protected].

If you think any information we hold about you is incorrect you should notify the Data Protection Officer at [email protected]. Any information which is wrong will be corrected within a month.  TWP and Premier Education Group strive to protection the security of information which you have provided and will use all appropriate security measures to safeguard such data (see 4.0 and 5.0 for more detail).

3.0 Relevant legislation

This website has been designed to comply with the EU General Data Protection Regulation 2018 (GDPR), which governs data protection and user privacy standards throughout the European Union.

GDPR outlines how organisations must collect, handle and store personal information. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.

Users who entrust their personal data to companies like TWP have the following rights under GDPR:

• The right to be forgotten (you can request for your data to be deleted)
• The right to see all the data we hold on you (by submitting a Subject Access Request)
• The right to data portability (if you ask to see all your data, we’ll give it to you in a commonly used format, like a pdf)
• The right to correct inaccurate information we hold on you
• The right to opt-out of marketing communications as easily as you opted in
• The right to restrict or object to processing (although we may still need to hold on to your data, for example to fulfil a contract)
• The right to complain (this would be to a supervisory authority responsible for data protection)

Given the stringent nature of this regulation, this website may be compliant with other international data protection and user privacy legislation. If you are unsure whether this website meets your country’s data protection and user privacy legislation, please contact our data protection officer (contact details can be found in section 9.0) for clarification.

4.0 Personal information that this website collects and why we collect it

• Contact forms and email links (smartsheet encryption of this data)

Some of the data entered on our online forms is not stored on TWP owned servers. Before becoming a TWP customer, your data is only securely encrypted and then securely transmitted to the HubSpot secure servers using PHP scripts. That data is then stored by HubSpot on their secure servers. HubSpot’s current security and storage policy can be found here www.hubspot.com/datastorage. We also sync HubSpot to smartsheet, whose policy can be found here https://www.smartsheet.com/trust/privacy

We access these details via the HubSpot Client Management Portal logging into the HubSpot secure servers, where your details are only accessed by authorised admin personnel at the TWP. You will only ever receive correspondence via TWP or our holding company Premier Education Group or an authorised sender based on the notification settings in your account.

If you opt-in to our email newsletters, your email address will be securely stored on HubSpot, who handle our email marketing services as a third-party data processor (see section 6.0). This email address will not be stored anywhere on the website or downloaded onto any other system. We contact our customers with a monthly newsletter and periodic additional communications around specific promotions.

We will keep your email address on both databases until either you specifically request removal from the list, which can be done by following an Unsubscribe link included in all our communications or requesting removal by email. Please note that you will need to email us using the email account you want to have removed from our records.

You must obtain parental consent before subscribing to our email newsletter if you are under 16 years old.

 

• Payments

Payments for our courses are process via Stripe. We do not hold any of your payment card information. All payment information is processed via Stripe.

5.0       How we store your personal information

5.1 Where your data is stored

When you initially fill out a form on our website, the data linked to our third-party data processor HubSpot. HubSpot’s data is stored on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. We use HubSpot for all marketing communications which you can opt-out of at any time.

We reserve the right to delete your data from our system if you no longer fulfil our sales criteria – i.e. you have not made a purchase from us for the past two years or if you have not opened the last 11 of our emails.

In these scenarios, we will retain the bare minimum of information (i.e. your email address) on a Suppressed list, to ensure we do not contact you again once you have been removed from our email lists.

5.2 Sharing or transferring your data

Occasionally we will need to share or transfer your data with our trusted third-party data processors or within the company. When we transfer data, we will securely encrypt it before transferring.

We are based in the UK, and under GDPR, we can transfer data between countries which adhere to similarly stringent data protection legislation. This includes the USA, where some of HubSpot’s servers are based. See section 6 for HubSpot’s Privacy Policy.

5.3 Automated processing

With your consent, we will carry out a limited number of automated processes relating to your data. This may include automatically sending you information we think will be of interest to you based on what you’ve engaged with in the past or sending you reminder emails if we think you’ve forgotten to complete a purchase. You can opt out of automated processing at any time.

6.0 About this website’s server (inc. security info)

 Our server, which we manage ourselves, is hosted in the UK with a company called Redstation (www.redstation.com). The server Operating System is kept up to date via automatic security patches and all software used is still supported (including PHP).

All our sites use HTTPS encryption to protect any sensitive data in transit from the server to the browser.

7.0 Our third-party data processors

We use several third-party organisations to process personal data on our behalf. These organisations have been selected in part due to their commitment to data security. All are GDPR-compliant as outlined in section 2.0. Those based in the USA are also EU-US Privacy Shield compliant

• Hubspot – Privacy Policy
• ownCloud – Privacy Policy
• InfusionSoft (TWP/B11 only) – Privacy Policy
• Trust Pilot – Privacy Policy
• Event Espresso – Privacy Policy
• Stripe – Privacy Policy
• smartsheet – Privacy Policy

8.0 Data Breaches

In the event of an unlawful data breach of this website or any of our data held on third-party data processors, we will inform the Information Commissioner’s Officer within 72 hours of the breach. We will inform the people whose data has been compromised of the breach if the data compromised could have a significant negative impact on the individuals concerned (e.g. financial or medical data).

9.0 Data Controller

The data controller of this website is Premier Education Group Holdings, company number 05922136.

Registered address & operating office:

Old Apple Store,
Church Road,
Shropham,
Attleborough,
Norfolk,
NR17 1EJ

10.0 Data Protection Officer (contact info)

Mekila Kelly
Operations and Compliance Manager / Designated Safeguarding Lead
phone: 01953 499040
[email protected]

11.0 Changes to our privacy policy

We will continue to review and update this policy in line with the latest industry guidance. Any changes will be recorded in this section.