Our approach to Data Protection and Privacy

Anzo Training is a trading name of Anzo Tech Limited (Company Number 08128404). We are specialists in workplace training mainly across the south of the UK. In addition to keeping your workforce trained and safe, as the Data Controller of this company we are committed to keeping your data secure and confidential as a visitor to this website and/or as a customer.

This Privacy Policy forms our commitment to keeping your data secure, confidential and lawfully processed. It sets out how we use your data when you visit this website and use our services.

1. Law

The information contained in this Privacy Policy shall be governed and construed in accordance with English law and be subject to the exclusive jurisdiction of the English courts.

2. General Data Protections Regulations

We abide by the principles set out in the GDPR regulations.

3. When we collect your data

We collect personal data in a few of these circumstances:

• When you visit this website and fill out an enquiry.
• Processing your booking with us whether online or through our customer services team.
• When you contact us to discuss your booking.
• When corresponding with you or contacting you about our services.
• When you take part in surveys or provide us with feedback.
• When someone books a place on a course with us on your behalf.

4. What data do we collect about you?

We may collect the following data about you. This list is not exhaustive and in specific instances, we may need to collect additional data for the purposes set out in this Policy.  Some of the below personal data is collected directly, for example when you purchase training from us or fill out a contact form. Other personal data is collected indirectly. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.

Data categories

• Identification – Name. Employer, role (if you contact us on behalf of a company you are employed by).
• Contact details – Email address, telephone number, location/postal address.
• Account – Your purchase, quotation and communication history with us, and marketing preferences
• Usage – usage of website, products & services
• Payment details – debit/credit card/invoicing details, billing contact details. (card details are not kept on our records)
• Training history – course title, qualification type, date taken, validity, expiry, location taken, grade.

5. How we use your data

We only use your data when it is lawful for us to do so. Please find information on how we use your data below, and the lawful basis for processing in each case.

Type/Purpose of Processing	Lawful Basis for Processing	Data Categories
Processing your order	Contract	Identification, Contact, Account, Payment Details
Performance of administrative, accounting or customer service tasks relevant to an order, enquiry and/or training	Contract	Identification, Contact, Account, Payment Details
Fulfilment of your training, and verification of it after completion.	Contract	Identification, Contact, Training History
To fulfil your training in any case where you have medical, disability or other health needs that are necessary to be considered for the successful provision of training	Consent	Health/Medical/Disability information
Provide you with information on relevant products, services and offers if you have contacted us	1.Contract/Pre-Contractual Intention 2. Legitimate Interests – To help ensure you fulfil all your training requirements and to market our products & services	Identification, Electronic Identification, Contact, Account, Training History
Inform you when the training you have purchased is approaching its expiry	Legitimate Interest – To offer you the best possible service we can, and improve brand loyalty	Identification, Contact, Account, Payment Details, Training History
Manage your marketing, website and service preferences	Legitimate Interest – To honour your preferences as a user of our website, customer, or other interested party	Identification, Electronic Identification, Contact, Account
Gather feedback on products, services and experience	Legitimate Interest – To both improve and to ensure you are happy with, our products, services and customer experience.	Identification, Contact, Account, Training History
Provide you with relevant information and marketing through personalisation	Legitimate Interest – To offer you the best possible service through relevant information and content, and to grow as a company through improving marketing effectiveness	Identification, Electronic identification, Contact, Account, Training History
Analysis of website and product usage, communications, purchase history and marketing data to gain knowledge on service and product performance, user behaviour and marketing effectiveness	Legitimate Interest – Improve our website, customer experience, products, services and marketing in order to improve & grow as a company	Identification, Electronic identification, Contact, Account, Training History
Quality assurance testing, monitoring, auditing, market analysis, developing of and training on products, services, business systems and processes	Legitimates interest – To improve products, services, business processes and systems, security and protection of business assets	Identification, Electronic Identification Contact, Account, Training History, Account

 

Pixels and other web technologies

We may use pixels or other web technologies to track when you’ve opened an email or link we send to you.

6. Retention Periods

We store data on you for different lengths of time depending on the type of user you are and your relationship with the company. We use a combination of criteria to determine how long we keep the different types of data we hold on you.

Some data is required to be held by law and to fulfil our contractual obligations with both you as a customer, and the awarding bodies we work with to certify your qualifications. In other situations, we store your data for as long as we believe there is be a legitimate mutual interest between us, as an existing or prospective customer. You have certain rights under the GDPR to remove, transfer or change this data – please see the ‘Your Data Rights’ section for more information’.

7. Direct Marketing

If allowed by the Applicable Law and/or your consent, we may contact you from time to time to provide you with information which we think you may find of interest, unless you have opted out of such contact.

You can contact us at any time to withdraw your details and consent to processing from our marketing database, by contacting us by emailing – accounts@anzo.training

We will not make available or sell your information to third parties for marketing purposes. However, If we sell, assign or transfer the assets of our business, or if our business is merged or enters into a joint venture with another business entity, we reserve the right to sell or transfer the database maintained by us (including any personal information provided by you).

8. Suppliers and Sub-processors

In order for us to provide you with great quality Health and Safety training and an enjoyable browsing experience, we sometimes use services provided by other companies to assist us. These suppliers range from product (e.g. our eLearning providers), to technical (e.g. our Web Hosting provider, online payment providers).

Where necessary, we may share your personal data with these companies for processing in order to fulfil certain services. This is always done in a secure, confidential manner and your data is only held with the company for as long as is necessary in each case. The organisations will also always have appropriate technical and organisational methods in place to protect your data.

A full list of these providers, the personal data they hold, why we send them this data and the length of time they hold the data for can be obtained if required by contacting us by emailing – accounts@anzo.training

We may also disclose personal information where information is part of a due legal process and otherwise required or permitted by law.

9. Location and International Transfers

Your data is largely held and processed within the EEA, however some of our third-party suppliers, such as hosting providers and other technology focused service providers, are based in the USA and so store and process data within the USA – certain global providers may also store and process data in other non-EEA countries.

In these cases, agreements with these suppliers will use Standard Contractual Clauses (SCC) / Model Contractual Clauses (MCC) from the European Commission, or similar agreements providing the same or greater levels of protection for international data transfers.

By submitting your data and agreeing to this policy you agree to this transfer, storing or processing.

10. Security

We employ technical and organisational measures to protect the information provided by you from access by unauthorised persons and against unlawful processing.

This is achieved through a wide range of methods, including but not limited to: data encryption where appropriate, risk analysis, staff training, internal information security policies and other methods recommended under the GDPR.

All third-party data processors that we use (as described in section 7, ‘Suppliers and Sub-processors’), have also confirmed that they employ the technical and organisational methods needed to keep your data safe and secure.

Other Collectors of Information

Except as otherwise expressly included in this Privacy Policy, this document only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties, different rules may apply to their use or disclosure of the information you disclose to them. To the extent that we use third party advertisers, they adhere to their own privacy policies. Since we do not control the privacy policy of any third party, you are subject to the privacy policy of that third party.

11. Your Data Rights

We adhere to all rights given to individuals under the GDPR. To exercise any of these rights with the personal data we hold on you, please contact us by emailing – accounts@anzo.training or write to:

Anzo Training. 21 Kingsley Park, Whitchurch, Hampshire, RG28 7HA.

Subject Access Requests

This is your right to request a copy of the information that we hold about you.  If you would like a copy of some or all your personal information, please email us at accounts@anzo.training with sufficient information to enable us to identify you.  We will respond to your request within one month of receipt of the request.

Updating and Correcting Information

We want to make sure your personal information is accurate and up to date.  You may ask us to correct or remove information you think is inaccurate.

Objections to processing of personal data

It is your right to lodge an objection to the processing of your personal data if you feel the “ground relating to your particular situation” apply.  The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims.

Data Portability

It is also your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if:

(a)    The processing is based on consent or on a contract, and

(b)    The processing is carried out by automated means.

Right to be Forgotten

Should you wish for us to completely delete all information that we hold about you for, please either email accounts@anzo.training or write to:

Anzo Training. 21 Kingsley Park, Whitchurch, Hampshire, RG28 7HA.

Please note that if the personal data you wish to delete is needed for lawful purposes and/or contractual fulfilment, it may not be possible for us to remove this.

12. Complaints

If you believe we have processed your data unfairly or unlawfully, you have the right to lodge a complaint with a supervisory authority, such as the Information Commissioner’s Office within the UK – https://ico.org.uk/. Our ICO Entry No. ZA78785.

13. Changes to this Policy

We may need to change this Privacy Policy over time. We will post changes to this Privacy Policy to the website when such changes are necessary. All amended terms shall automatically be effective immediately after they are initially posted on the website.

14. Contact us

If you have any questions about this Privacy Policy, how we run the website or your dealing with our website, please send an e-mail to us at: accounts@anzo.training

Or write to us at:  Anzo Training. 21 Kingsley Park, Whitchurch, Hampshire, RG28 7HA.

This privacy policy (“Privacy Policy”) is provided by Anzo Training as a part of the Anzo Tech Limited (Company Number 08128484) whose registered office is at Anzo Training. 21 Kingsley Park, Whitchurch, Hampshire, RG28 7HA. (referred to as “us”, “our” or “we” in this Privacy Policy) for the information of visitors (referred to as “you” or “your” in this Privacy Policy) to our website, the URL of which is https://anzo.training referred to as the “Website” in this Privacy Policy.